{"report_id":"0726a184-3a38-49f9-9a00-91a51714fdf3","version":6,"status":"done","tags":[],"date":"2026-02-14T05:30:41Z","url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":0,"asn":0,"as":"","country":"Romania","country_code":"RO"},"final":{"url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"title":"Kent Casino","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":0,"asn":0,"as":"","country":"Romania","country_code":"RO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T05:30:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"kentcas393.click","ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"domain_registered":"2026-01-16","domain_rank":0,"first_seen":"2026-02-13T13:38:38.960501Z","last_seen":"2026-02-13T13:38:38.960501Z","alert_count":309,"request_count":103,"received_data":7759726,"sent_data":48060,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"api.kentcas393.click","ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"domain_registered":"2026-01-16","domain_rank":0,"first_seen":"2026-02-13T13:38:38.959606Z","last_seen":"2026-02-13T13:38:38.959606Z","alert_count":42,"request_count":14,"received_data":163290,"sent_data":7940,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"code.jivo.ru","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2019-03-27","domain_rank":437705,"first_seen":"2022-03-30T15:10:58Z","last_seen":"2026-02-12T04:20:45.744581Z","alert_count":0,"request_count":2,"received_data":22519,"sent_data":882,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"node-sber1-az3-20.jivosite.com","ip":{"addr":"178.170.197.234","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":2965974,"first_seen":"2023-08-15T13:44:02Z","last_seen":"2026-02-10T00:20:22.455987Z","alert_count":0,"request_count":1,"received_data":682,"sent_data":506,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"telemetry.jivosite.com","ip":{"addr":"94.139.253.159","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":346139,"first_seen":"2015-07-15T08:41:42Z","last_seen":"2026-02-11T21:01:29.712197Z","alert_count":0,"request_count":1,"received_data":111,"sent_data":465,"comment":"","tags":null,"fingerprints":null},{"fqdn":"agstatic.com","ip":{"addr":"52.84.50.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-12-14","domain_rank":408512,"first_seen":"2020-07-31T02:50:23Z","last_seen":"2026-02-07T02:09:49.75871Z","alert_count":0,"request_count":4,"received_data":4092,"sent_data":1772,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"vi-sber1-20.jivosite.com","ip":{"addr":"37.18.110.91","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":2853955,"first_seen":"2023-07-29T23:17:29Z","last_seen":"2026-02-09T21:14:36.42155Z","alert_count":0,"request_count":1,"received_data":204,"sent_data":591,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jivosite.com","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":232952,"first_seen":"2012-07-22T02:03:39Z","last_seen":"2026-02-11T13:31:19.510613Z","alert_count":0,"request_count":8,"received_data":2026727,"sent_data":3784,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kentcas393.click/main.3405b98e3c8aaffb.js","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c31551670119c4d9cc7ae402f8ba9e85","sha1":"75c819bc873ec3b6fb371c3a3b80e85ec94a24fa","sha256":"845ac11b8845d833eba343ae969285c1bb4221b7f128236fe9cd1393c1e1cfb0","sha512":"4c5086542acb14dcdabe83a8ce484004eb9864679c6833bbe5fff70538ff933c31f1c10fbd55d982dc80af95fd07b0c8a5a3c57b273b3303c2ce5ef4c717b787","ssdeep":"49152:mdGiXwLaEz7IxC35BIfLbj49E6Y7Zz/3ycUuSX+BNXSLoMFhyu8vt8slEf9EB4+v:wfh","tlshash":"d6b56ca57322f03627d78456a07a0586b33c6448eb07909cf2ac8cec96dde9b617773d","size":2354198,"data":"","first_seen":"2026-02-13T13:38:46.593341Z","last_seen":"2026-02-14T05:30:50.919945Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc00deaabfafd48080a08fc0d7f841b5","sha1":"3bf17f3bd75349b1ba1f9b78c6117fadd4620310","sha256":"be8a7243d87cc8bc1c523f0b10a41c149622c9c6af30b6a4e8231b1506cfd542","sha512":"1f3d4801665e172b54578e6d0d71f066c72df7244512cf00026104acbf6f21dab5de812d2679f56b2414ae7f40fd4963f61db75bc7bfc0893c8a3debf65638fc","ssdeep":"192:2P7mk/7Obf14M6bOIpUTPqZ8BijFLeEJK:C7H7ObdFkOIphZ8wjFCmK","tlshash":"af22d71ee7017f360fa613c3744f7b5376a480e592646cb5d89c826943b9bcab217b8c","size":10598,"data":"","first_seen":"2026-01-27T14:54:11.499444Z","last_seen":"2026-03-31T09:24:10.733781Z","times_seen":1154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"0448413eb22bf4901b27cf364ea01a83","sha1":"9d09826000b83bbddbe2a32c67dc7cdf77751bd3","sha256":"4abc7748aabbd4b8752f553178b7b70749371b8fcee34ec0ec169b3ec779b174","sha512":"d6fe6dde0126bc4b94c0130f97394b67f087fe2a52f713153369fa21b5d08a05a7e3b32f7e29e208422983c340845ac1036b67787cc8b286900b485a49a809b8","ssdeep":"","tlshash":"5590028710460926a1e9500257133300209304a90d419c0055060411362430f82155ca","size":43,"data":"","first_seen":"2024-12-23T01:16:29.472085Z","last_seen":"2026-06-07T02:17:55.832593Z","times_seen":433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1770729112","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0b0142e34e2c52a43db467e64def9c3","sha1":"ccac10bdea6537df93f5bb12019991222815eede","sha256":"74913bf0fe3af4ce5085782094f372260dd5d655f754d955806824b842975ac8","sha512":"1a7d937765c9848c3a059afe591f5cd1c1b08008583199a60fe1de555be04d27b80c8d29cb8e8aa0c7fea083c6905642215cd31b20e96c6b8f6206b054b68307","ssdeep":"24576:j5h1n2wU6C3nmrkmYIfH6+rlCrL3RhKfIapRuky+o7jm/5j9I/quAgPgef7mttBt:jj1q3mtY4drlCsIapRuky+o3m/5j9ILA","tlshash":"db656bc5b2c4f46203d355e6a03b2005b33a2859340da068bbbcdcdbe95698e6377f79","size":1539171,"data":"","first_seen":"2026-02-10T14:15:11.69515Z","last_seen":"2026-02-18T06:03:42.237051Z","times_seen":211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"4014b634fdf9325444646ef6061af87c","sha1":"520f2699029b823c98608f475b18fdc64883b68f","sha256":"50956830d9a0a8f176d92c024b7ad84e6233732f15ab3ae65313231c97e165a5","sha512":"07c5da12acd32609af200a7f29b5c9f8ffebda7a87f208f6297bc6d73a08c5cf38c545c33c303093627e48e5b346252b188107ccd1f382992aabef7c8d3ae140","ssdeep":"24576:YnLBvKYoAlmls8uqU5rVGLXCZgwQmVlBTwXFXl2ll00w5fH6+6FI:YLB7me80XQXCCwQmVlpwXFXl2lZw5fHb","tlshash":"ca655bd1b2c5f4a507e701e6943b1002a33a2c1a740da458fbbcdcdba95a58e6337f79","size":1506927,"data":"","first_seen":"2026-02-10T14:15:11.696496Z","last_seen":"2026-02-18T06:03:42.245735Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/chatcontainer.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f708963e8177d2b3d1a38dc4820f064","sha1":"3ea95e21bd9f5717ec847711825fe1bfc5650570","sha256":"fa5e4af61c2153dcf52ff929360102348261b28e5d9fd4823fc5ba33cf350dd3","sha512":"5e430e6d1fec1f540efe6292925e5d824472306a939e336a9893b995a1478836ba0b3447e1589e1fe68d8d13b1bd26a61c8ed5f109e6b50537e72eedfc6c6da9","ssdeep":"3072:1Hc0Og6iAPmTwF42omI9rXDe5Uiga8SrDcN:hc0UiOE9YZgaTDcN","tlshash":"40343ad071d0e8bc42e641daa43f6100f2292d2df409b958f3f8ddd9ab5598e2266f3d","size":244146,"data":"","first_seen":"2026-02-10T14:36:06.467051Z","last_seen":"2026-02-17T17:00:15.6702Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/runtime.410107919101eb27.js","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"55fe0efb0efe52fed766aab654e28b48","sha1":"efe6b54efeda7202c3cfba8305081c5440ba0d41","sha256":"9a2bab6248cee226cf4ae003904f0ede6f027ccc7eaa56ff6b214ef811a3c2c6","sha512":"1e8629a64502cb5fd9ae51e2d0048d7ab688d4e40cf124e9fc4f696b8f327991b118572b06128fc7aa073bff086a240e84f004bbe243754a37ac086a933e6290","ssdeep":"","tlshash":"f871f7b42268edb62af104c55c3dc581f318a836156ba8e2bb1bcc786575ed20935ff2","size":3692,"data":"","first_seen":"2026-02-13T13:38:46.585303Z","last_seen":"2026-02-14T05:30:50.909831Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/polyfills.522796e73cfc2d4f.js","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c32c895ba1c11332ec0886604c9067fc","sha1":"ada1267488d0c32328e15de3aa80f27d8b5e34b2","sha256":"c251ed452280ed17db7dc496ad874e795263d42312f745e2edba4fa8a0af4e95","sha512":"72d8a3164396f07c0bcad29e3022968975ace373e6ea63eb5b15b93bfe34862c62fc8d2ecaddb556d1a581fc52cecba5795b8046b7f5236526063c84ca76b5ea","ssdeep":"768:xFhDiDOx1jogSxDqlnbhH4/bwEbVuHD9QAi/n/OmF/bcVxvaDv9AUIj+5oY4+m3X:/hqR65ERxSvFq5M+mQR1z9tiTP1","tlshash":"86f219da7392b0b287f654f5c57f8007e63634a5384c88d8f14d99ea383714aa166f3e","size":37124,"data":"","first_seen":"2025-08-05T17:20:37.376571Z","last_seen":"2026-05-24T00:49:22.724572Z","times_seen":148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-17T09:31:32.395611Z","times_seen":307416,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/widget/ESt1iDtMoi","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"08bb2b1c65762b11c191fd16e2399c86","sha1":"7f4fee0da92a42d27660159f34ed106b4ef79dbc","sha256":"7c0bcc2ed0efcd10baaf3ec249d1ef86ba0d93e7c523bdb4795b9ac128ae010f","sha512":"3d03e03e1f9d56ff1ef3307f17e39b75266b82f6c34626d132fd540eed90dbec23be22fb0d0b838cee19d406130855b1335bdbc39556c44b70f0575ca3136b57","ssdeep":"384:boU4JkQamum040erAN8OX7HMiqJISOVJBz8U08wYWcPY4:RtM/AfX7WO8UFWcPY4","tlshash":"2a822b6e7959b97743b208f9606f6209733549ebd404c920a401ea4d7db8ede813fef8","size":18065,"data":"","first_seen":"2026-02-10T14:15:11.610153Z","last_seen":"2026-02-18T09:49:24.551113Z","times_seen":234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a7c7885903365daa576d368d375cab09","sha1":"e16dfe57955d2ea696b962f79058c63ef5d6488d","sha256":"cb93d5b413c59444b68dc6403321b747e899f19fbb0d879c546eb1466d5eb4d1","sha512":"1698b2db2fd6b8cf22d0e9af7efdbcc816f88055cdee28dad06beb0422a06eb1a68315923a00a3351a3669aa281e323a41ad528cae164a981bf2e80dce1d09b3","ssdeep":"24576:inLBvKYoAlmls8uqU5rVGf3qZgukmoUBTwXFXl2hl0Hw5fH6+6F2:iLB7me80XC3qCukmoUpwXFXl2hQw5fHD","tlshash":"0d655bd1b2c5f46507e701e6943b1002a33a2c1a740da468fbbcdcd7aa5a58e6337f79","size":1505125,"data":"","first_seen":"2026-02-10T14:15:11.776638Z","last_seen":"2026-02-17T17:00:15.682547Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/all-games.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/all-games.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-2d3\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":723,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8b8466e84cf3d2723e7243e0b789a495","sha1":"23abb03e8a9b517e41a0e937582c423812c4152a","sha256":"52e4d71cf849da5b825336f2ac582067309c2224fb42fddf05850a9d014034c7","sha512":"410889eac2eacadcfcac3602f17e669ae2d6ff293dcee6dc7cfd2a1972e374c19ab733ec51385644105539007b299d3ac08ff7fd88864ae2a53b580d6561b2fa","ssdeep":"","tlshash":"6201dcc6e1ba83aee5af810c9bb584a417cfd0ba896541c8254d8bad054a4c1e2422b8","first_seen":"2025-08-05T17:20:37.288121Z","last_seen":"2026-05-24T00:49:23.326214Z","times_seen":74,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/favicon/android-chrome-192x192.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/favicon/android-chrome-192x192.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 4368\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-1110\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4368,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"a88490b71b7e9d3a189ee2e0c6a2ffea","sha1":"529909f23752e0c7dde8f85c53bf45d16c7dc93c","sha256":"41a55f511b1dd02775585bc7bc557c618ea01b4a730124ad993f341217e5ec44","sha512":"c0582ef2146a1a690b52fb63863ac9dfa99e0360d40583d9ce556d8040962af42eb569b12612f0b9670242f85cbeb0ba3519d4bc98583470d0ae6c3ddc9b5a0d","ssdeep":"96:AjGbRt/JynTorSmHxHjf+tcZIXbais9p8+F2KK8mcdo9775p:AifIGRHxHj8m6aiCpJBKAEp","tlshash":"59917de438777f9cca3f1905c47be4854937a225d2db1a873a6800328daea56e09f087","first_seen":"2025-08-05T17:20:37.489053Z","last_seen":"2026-05-24T00:49:23.090384Z","times_seen":75,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/BaconBankrollRL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/BaconBankrollRL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 63942\r\nlast-modified: Fri, 16 Jan 2026 07:06:10 GMT\r\netag: \"6969e362-f9c6\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63942,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"ba2db2eafd1a7f7c1cebfef033a393ca","sha1":"4f9331b9201ad8b39c85b73a2e9c38d57f7f0fdc","sha256":"9114e93297f31d261633ab29ad1ec0b6357ce6b20f4220de3fb7273e57cc02dd","sha512":"4ea78fca54320d796cdf0c1f8746da5c6cd83e73562a980db3b0debbdc8939dfa7f934675e1cb7502306dba7d92dac459c6478f3477a0240a926f9feeb443f66","ssdeep":"1536:e+4CmcLJLEjKAHcFiynhb2ZH8/FEtiLGGBHf68D:j4CHLJWHcNRMt+BHfvD","tlshash":"035302de22a116e4f8c450d6858baaf075630d25d2bd54de74d8ce9c34438b7c92acfb","first_seen":"2026-01-27T00:01:42.997633Z","last_seen":"2026-06-12T00:18:49.656981Z","times_seen":9,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/TreasuresofAztecPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/TreasuresofAztecPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69564\r\nlast-modified: Fri, 13 Feb 2026 13:18:20 GMT\r\netag: \"698f249c-10fbc\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69564,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"3684d5596a79b40c0c597305bafe16f5","sha1":"71367843b2d61c189d4a187172f20203218d027c","sha256":"460332f95e268142033bbadc537140487b1312e1c49ea09a748e01d5d1340d29","sha512":"b7e896cd327d563718b5aaddc6a403a651f885a97d4f4aeca6c7d96ffff77b0d39447c2d412a317ac35a56a3debbeb58ac81f5912cee3ea47f4b563d4512ddc1","ssdeep":"1536:xy/zC0Nd5MU0RztlveiYOSRn+cT49STsR8fYqiRIYFPyLh1E95eEbTj:x4mgdlmtRgOSh+cT4SlV9xLQ95eEb/","tlshash":"c76302f19a646dfaf57245b749923b0143f8f90dfa7b1ce893ca34822d24071bb0539a","first_seen":"2026-02-14T05:30:50.779232Z","last_seen":"2026-05-24T00:49:23.563541Z","times_seen":7,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48 HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/recent.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/recent.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-30d\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":781,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1395ed7cef479b43fd59f9cfb634e835","sha1":"8e88bbebe9fb76c00d11ae4aec6fef8fded0e758","sha256":"263af21d6bd432eaa93ea5c27080d30fb4739c4487e6455d8a0edda6b917952b","sha512":"4c58d578ff4908928400866aceb487f01fb0c48f7dbb664b8387eb708a11e0a62014bf1012a670c35195d615fb922388512c3cd9d617b4c6047a1a59f7fa897b","ssdeep":"","tlshash":"8c01f1fd719c10e8e1075fa0f932b025146a6c7e7fc902558056eae3b6105dc4016ef4","first_seen":"2025-08-05T17:20:37.504177Z","last_seen":"2026-05-24T00:49:23.062512Z","times_seen":74,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/master.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/master.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-348\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":840,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"65c3e82ff58fc44a441f2f66a98b468d","sha1":"a44fbbaf538a17bdb70c2c2eae6abaf4bbc2a47a","sha256":"54cc8b9b5ae72dff20e674903762c4f25668bc87da2c55c2a3978691e43e2cd5","sha512":"19da66a80cf63453e02b62d40c5705fedf190ff9b425f31c1bfe16a03546aabc904baaa0cad360d38323391345719a687b0e053a2a5f1862086bbab0125f204b","ssdeep":"","tlshash":"8e0188ccd27c91a8fc0c53c98f24246c3e4aa23e5270c1daf00e98a496d6c95c410ba3","first_seen":"2025-06-22T12:57:21.081259Z","last_seen":"2026-05-24T00:49:23.477892Z","times_seen":219,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/litecoin.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/litecoin.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-12a5\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4773,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"93edb733903adf6957e1e50757d1dbfa","sha1":"684943d3832a33a7bee11defa4db5cf07f69ac29","sha256":"9e01176bab3a1d0560eadcd93ac75b3e7e1ac3298bcd32006e102c8f486a10f9","sha512":"6daa6b99f3352e6a214db80af8d4016c56b4404ab783a26cf818bf2f7a236b38bfd165de4903eeff7bf3ff43b4f16d4ae42c5126c24fd79248c03807c0984293","ssdeep":"96:CgxAH/Tjy0GAV7ukw7NvZh1oamyP7qENbMWR3Xz+bXTeF:CX/60xV7Zw7Nhhi2DhKXKF","tlshash":"dda193ca37e464ecf488cbf64b57a0d92102a1ff55458a1cf7dc5e64aa5081c8c276d7","first_seen":"2025-06-22T12:57:21.198549Z","last_seen":"2026-05-24T00:49:22.645Z","times_seen":219,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agstatic.com/wlc/flags/1x1/ru.svg","fqdn":"agstatic.com","domain":"agstatic.com","tld":"com"},"ip":{"addr":"52.84.50.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.agstatic.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:22:43:3E:BA:C9:EE:89:8A:DA:E5:F1:6E:A5:1A:CE:62:7D:8C:8A","sha256":"A8:15:5C:3D:F0:FB:92:90:3A:8D:33:6C:77:5D:61:01:E8:D0:25:40:55:13:A1:47:54:B6:2A:66:2C:61:44:8C"}}},"request":{"raw":"GET /wlc/flags/1x1/ru.svg HTTP/1.1\r\nHost: agstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ncontent-length: 294\r\ndate: Fri, 13 Feb 2026 15:22:15 GMT\r\nlast-modified: Tue, 26 Dec 2023 14:45:29 GMT\r\netag: \"b5556eb6e16708fd2f7ccfc0b204bc5e\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: cloudfront\r\nvia: 1.1 5f042aad530968241af9b660cec6b106.cloudfront.net (CloudFront)\r\nage: 50887\r\ncache-control: public, max-age=31536000, immutable\r\nvary: Origin\r\nexpires: Sun, 14 Feb 2027 05:30:21 GMT\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: VrObT34PfItcVqS5e8MqZG2ngGiiYZziG9BN8Yv6zNT8Agpl36psug==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":294,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5556eb6e16708fd2f7ccfc0b204bc5e","sha1":"f46b9c780444a4513b32d3972dd13b42ae386a9b","sha256":"1562997120cc48657c55544098ab20d6ea0b635d223a2d21a32f2888d0247a1c","sha512":"b8d13f7cd9dc54ed22b9669836e033e6b2afb3486bd0447bf401b71b5cff1675e30858567e68d99029cd4c31ec7f6e44b2403bfd0b240b1471db29bd2b43825c","ssdeep":"","tlshash":"b7e01291988cd54cc94942358f3cb1b3607bd8c965c0158df5a12d1120d33b75c55adb","first_seen":"2025-06-02T18:43:51.073879Z","last_seen":"2026-06-12T06:20:53.686921Z","times_seen":167,"resource_available":false,"data":null}},"time_used":714,"timings":{"blocked":350,"dns":24,"connect":3,"send":0,"wait":3,"receive":0,"ssl":329},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/FranksDinerRL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/FranksDinerRL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 61487\r\nlast-modified: Fri, 16 Jan 2026 07:06:09 GMT\r\netag: \"6969e361-f02f\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61487,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"21e86b59d710ab992258f03f6433de95","sha1":"0269ff87d7cefb663efa525fa16ff51c571a996f","sha256":"b420dd197064622c2f5de3078e11efb28be679785d947fecfe39a3b5543c4b88","sha512":"de6438bcc5c42b78d2a996afdfa8cab5f5df7a5127da71540cd671637a44216589a6a6141971ff0590ddf48f5ac93cd3a9bc8568c4ea6162d369cd99bcf4eed7","ssdeep":"1536:T/pbVzJ1x0mYm2rf0xB4kYFedG9JTn5D+82RmEOVjk5I1beIKAhsLw3b:T/FFbx6mqf0xB4ZA+T5D+Z1Ev1brzhsa","tlshash":"c85302d1391c9cdc0efe5aba8f17dc088ac0b657641eb5f6e4c71034ba43216c265a7e","first_seen":"2026-01-27T00:01:42.888817Z","last_seen":"2026-06-12T00:18:49.675444Z","times_seen":9,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"vi-sber1-20.jivosite.com/ESt1iDtMoi?b1a7fd873f2da1fb","fqdn":"vi-sber1-20.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"37.18.110.91","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:23.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /ESt1iDtMoi?b1a7fd873f2da1fb HTTP/1.1\r\nHost: vi-sber1-20.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://kentcas393.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: tOEr7YiyTAMO3WxZgIFqsw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nConnection: Upgrade\r\nUpgrade: websocket\r\nAccess-Control-Allow-Origin: https://kentcas393.click\r\nSec-WebSocket-Accept: WFiR2bxAN2AtfYGUzDWpmA/mX+g=\r\nServer: hand/4.1.1\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":0,"dns":0,"connect":41,"send":0,"wait":41,"receive":1,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/content-1-2.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/content-1-2.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 104628\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-198b4\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104628,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2c44287665f46344b35ddb41aed26fba","sha1":"a898d915a0cc61dec3adc35f042c3dc59a654811","sha256":"04cb174b91b3a9f18d54a1645be1eaf3b49657fa2536098b7d3bccbd28cbad00","sha512":"d8fb543945c3a5e621376d3347e21e2ad67a61f04de3b55772c02467635f9bdfd842b32155f43cfd8f07465cbe1d0d9ef35f7d5da30e3db951a2bef84a8d2efb","ssdeep":"1536:HsLZS2yqwfAh63zLtWPOxVOL1FUzt2f9qr0NREmtHRHwpNiIvplEl9NTst1:GZSzDfDXtLPmrfYUEmZRveil9ZsD","tlshash":"49a312920c96f879cf56ed181d3056010d32606cce3605a2c5b6f4ae77c9b972e2bb8f","first_seen":"2025-07-08T21:30:00.279332Z","last_seen":"2026-05-24T00:49:23.456704Z","times_seen":80,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/info/info.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/info/info.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-382\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":898,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c8c7ecd8eb43f97bc2fa7fc5cfdb0537","sha1":"babebace137a602e58ae56a50d39c17d7ac3d91d","sha256":"27294ec839cc164e338e5d4c41f4895ace888b6997bc3a9ea6bd69f9cad3b003","sha512":"d85230d1fc820aece06a92c5517e8a05c9b9c6b0745ae9d5035b73ffbf1a22a160cfc5eed15c65fc97dce90f5dc3bcbad12d8e86cf3ba03dafc6a0c1b4fcf854","ssdeep":"","tlshash":"971180f473ec8982194f4b79ce2169406e3b0af9f7c123e4baf0a554ab180e4885085b","first_seen":"2025-06-22T12:57:21.236701Z","last_seen":"2026-05-24T00:49:23.229467Z","times_seen":138,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/levels/3.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/levels/3.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 10624\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-2980\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10624,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"eb489e34b02ed950dcc5ee0c5c683c77","sha1":"e048174e713bd2a3e31d288be846de076838cb94","sha256":"1487e6f6aec3dd916b113266f7604c435ccce8a9fc0a6c24e1de42d2e867078d","sha512":"769b669b962a119c52e6efb7584bd9a2b6e0d24998417d46d315f3bc4592571c74df22501ac2d052a5b1bbe6902627d88da4de17a8db43ac3502139551e7781e","ssdeep":"192:/LEKGFS1gXtAnDi4gp/gtDbl/QRy/soYT8SKfd4KGwzOmucczpeSf/:jlGddADi7StDblIy/Kwd4KG3mudFtf/","tlshash":"ee22b0f121ca1f44f8deecdf25d8aa61029cd89071cd615be762c3138a6c46d33a65a8","first_seen":"2025-08-05T17:20:37.445641Z","last_seen":"2026-05-24T00:49:22.887872Z","times_seen":74,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T05:30:17.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:17 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-79f5\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (29278)","md5":"7e562562f5bef4048847953f052645a7","sha1":"2f896df789699fe3f9beb1518af990aae8ece912","sha256":"81bb606725c5f71148fc52abe8c294ab222bf840e6cc3d9023ea68053df5c9c2","sha512":"6f27f8e23db5fa6c790df7280ae76418aaf30b06be9d3f6bc8cf8ab86ce59afe9e6a595b83cf4bb4b66de4f6967674a99ad9f6ff443c56f7d5a79ce7c2cef59c","ssdeep":"768:tEkFomUz5n6nT3mEOYVGkyO5CK/sGN+k8a6aQHAgttuBEQxSuu6mqmcV+IFVdWjj:En6nT3mEOYVGkyO5CK/sGN+k8a6aQHZ3","tlshash":"5ee24d47fd2653851217d85b1885af27af33bd22803d0126e757211a7abb84ff39a7b0","first_seen":"2026-02-13T13:38:46.521044Z","last_seen":"2026-02-14T05:30:50.788848Z","times_seen":2,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":264,"dns":68,"connect":95,"send":0,"wait":97,"receive":0,"ssl":101},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/header_BG.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/header_BG.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 15852\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-3dec\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15852,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"024edd09cab4cf39c55d9d16b0aa0950","sha1":"fe695cea3a7267301a7c764053e8968f1e52e44c","sha256":"585f56561716ecee10aeed76a6a9a992d0500d48b446e693b9348cfeb5ccd955","sha512":"aa03297e4860ad433dc44c35633be6bcfab6c7855e31573b570b62b8505ba0efb5d1a820e17496b0aa18451a713270137745b6c21a0ea18a7de5c54b63539fd0","ssdeep":"384:+JPW3pKqP5waY7wct3BgiQrOkH4n/sQ3rRlk+sVr+:6Sp+3ii6OV9G+oy","tlshash":"a162cfd127ffc0b7920ab57522a4c783a31c96d8a724bd0696cdc60b58916e177c360c","first_seen":"2025-08-05T17:20:37.123603Z","last_seen":"2026-05-24T00:49:23.442618Z","times_seen":74,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/info-icon.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.445Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/info-icon.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-16a\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":362,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23a5134cff64ca5058c70c3290592e38","sha1":"507e4e9cce12ee5cfbe9ed8bd21f429773742e01","sha256":"ab11f22aefb8593b6c6b5d07d8d2ccc6a8a9acd92c1e62e278deb2fb1705fc90","sha512":"4de3e2e8d6e1a7850b38b7d11df4bc93df38cf1e0a0452e2855832ad3c42ff250e0c92ff351b545bf1dbb6b3ae7c3baa9fa85284db08e5d86f568ea89b59f4f2","ssdeep":"","tlshash":"1ae0dff4ef1cd5cd83018bb21e2a214c030ea0b770200183ab0c3ef0959ace1d943b14","first_seen":"2025-06-22T12:57:21.069946Z","last_seen":"2026-05-24T00:49:23.480458Z","times_seen":195,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/ZombieOutbreakPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/ZombieOutbreakPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 49948\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-c31c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"983ae346bd81ff297b98d97a5d12271d","sha1":"04ba26c54a5a8cae258905cd4a525c6744347ecd","sha256":"a283406080b8126b1f683ae133dccb0fc77e3c4e734694acee82903e2faaa8e9","sha512":"28660a1381693bc30856c3ddbcb8513812766a610e6678ab743a52f0ea998ed45398bba793d69657b65cdd3488dd5153cf802a8dbce56b1f521c5a8a5aca60db","ssdeep":"768:LpUjeFhzAUliM7g4tWgLuxZpNBvYPrrgas8r27v3FRgl0ptJf8XLNJMqqT46k6hF:Lpq8OuLs5xDNqPnNC3rbTiRJMqB6DD","tlshash":"1623f16f6043d4e7a6174c940b1ceefe919620091cfce0bb85d68d5f7e7382855ac8e9","first_seen":"2026-02-14T05:30:50.791458Z","last_seen":"2026-06-12T00:18:49.679453Z","times_seen":5,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/BloodAndShadow2NL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/BloodAndShadow2NL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66210\r\nlast-modified: Fri, 27 Jun 2025 16:47:52 GMT\r\netag: \"685ecb38-102a2\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66210,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"db860cd767f703ef71d43b36be3871b2","sha1":"983404dbef1931fd4b5206e6150b29590eaea267","sha256":"633a9923772b0ebecede3ac99a0185423c865311cc0a45acd3a18f378fa889b6","sha512":"bf395a90de8d2df9c2b4e46f489023439aa5f080ca48f5f1557cfa91e417c1f6ea4232bca8236e0f894a740aa890bc7d5ed9b50060808d8ddc8caae8f421d9e0","ssdeep":"1536:SZrq2J3d9KsB9clZY3rGtBjXZ6w60k2UNehEWQUc:SvKw3abLZ6wkfNehThc","tlshash":"4853027296e26b507aab383e2f1cff2f869fc8a86ee7d4d1a7c5db856044714c0c6141","first_seen":"2025-03-08T14:29:59.934306Z","last_seen":"2026-02-19T08:22:57.941807Z","times_seen":216,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/jackpot.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/jackpot.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-620\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1568,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a4e89a0753176e69c7b10e5eb228f50","sha1":"d0369f1833402c8f3b8be020475afea464c4c3f0","sha256":"b5ed7d7f3aaad87c44f321de6a5f3de85b000d010d69cd67ef25ce65d407c838","sha512":"8966d6b16c4afc37f1753520633d5088d69351749cfa719e43bec32673c660f2f9e5bf4cc3143d19918cb54ce320fd35fefe2318d1ed3a55e29258624b041e10","ssdeep":"","tlshash":"c431cdba921ce2dc04cbefbccb36d4a1270e6091f9abd7a4d89e837104778d9d487414","first_seen":"2025-06-22T12:57:21.044943Z","last_seen":"2026-05-24T00:49:22.756717Z","times_seen":138,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/script/widget/config/ESt1iDtMoi","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 23 May 2025 08:26:37 GMT","end":"Wed, 24 Jun 2026 08:26:36 GMT"},"fingerprint":{"sha1":"07:E5:24:E6:38:82:D9:A9:3B:D9:9F:6C:CA:85:05:67:F9:70:6D:EB","sha256":"35:5E:C9:A1:8F:64:C1:73:82:E3:0A:D7:B4:C2:B2:91:30:3C:D7:E7:EE:F3:8C:76:50:04:90:44:7A:35:0F:95"}}},"request":{"raw":"GET /script/widget/config/ESt1iDtMoi HTTP/1.1\r\nHost: code.jivo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 1403\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: gzip\r\nexpires: Sat, 14 Feb 2026 06:49:01 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: sber1\r\ncache: HIT\r\nx-cached-since: 2026-02-14T04:49:01+00:00\r\nx-node: m9-up-gc91\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3523,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"4e5442d199904c1f298cb106e37ffe4b","sha1":"0318b1d7a8c1b86201e6935f02cb5b7c5779d7c3","sha256":"8bfa886dc57eaef9dd0b53be544e70d0e9fbcdd0c9752d1f2355b6155c0adeb6","sha512":"8fba706901674f741110c9e800b94570aab411bc515e0a0381d8530a49c8d672b7b96311367d46f77b6ee840d1dd544ca4550186ec66224dbaf39b812259cc3c","ssdeep":"","tlshash":"137142b258881c7f09c9ba82f1b7ad4e20a80746db84cf71dd7d9d2fe6072502307a5b","first_seen":"2026-02-13T13:38:46.490298Z","last_seen":"2026-02-14T05:30:50.794447Z","times_seen":2,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":130,"dns":2,"connect":60,"send":0,"wait":56,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/kent_header_BG.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/kent_header_BG.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 104482\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-19822\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104482,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"79bd6af17c741d3d688f7bd73a27c75c","sha1":"87fe1027c3ea410affee53c63352e2f0f506d3c3","sha256":"936047322d7ab882f0fd49ee7ed6a0845431a59abb7bcac5acab3139a7cd16bf","sha512":"0897e00559a906628f3945358ab3e4d99118d53570739438eee030bfe634413753960bda965c87dec40aa7bf1409ee0640c2f779614b20a9b8a5030db4cb4b50","ssdeep":"1536:98t/z1rfx+1ifrMlls3i7erkhFpt/ABfh5HozbvjybLnmo22v5fVo1V6tavJVWkD:utZjx6iU7hDZAvtUHEjF5i1V6tQWkNsE","tlshash":"d3a3010a4b1d12d6c8589e2fce2f65b4389011f6a6f783863762d7e450693ccf41af5e","first_seen":"2025-07-08T21:30:00.251385Z","last_seen":"2026-05-24T00:49:22.754371Z","times_seen":82,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/notification.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/notification.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5808\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69428756-16b0\"\r\nexpires: Sat, 14 Feb 2026 23:53:21 GMT\r\nlast-modified: Wed, 17 Dec 2025 10:35:02 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-01-15T23:53:21+00:00\r\nx-node: m9p-up-gc7\r\ncontent-range: bytes 0-5807/5808\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5808,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural","md5":"9aa341af370c4e59155717260ba0f282","sha1":"0c1216ecead8d1409557c843d96202c063f3f252","sha256":"1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab","sha512":"e6663f8406d859a7ae65e6eb9512ed1e79244b8f5b2119823f80fed99c17dd4a086cc17083f3cd70b6dd990c39b3be80142f303a7c2a9fbb9302147e700fa5cb","ssdeep":"96:XYLRSqytFnbfWnHBaSvgEyZMZuiusJ0jQDrrQNw:IMTnbfGhaSvg/inqc0m","tlshash":"cac1297acc3c146fd81e88b53f3bb0c9421c61803a00d8e61c99bb5bd6b2ba975468d2","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-17T06:30:03.05174Z","times_seen":16430,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-600.a50b65dc40b33829.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-600.a50b65dc40b33829.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 19640\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4cb8\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19640,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19640, version 1.0","md5":"eb58db2b5a33a05641f253eb4c3d772d","sha1":"31dcf3e4095f08599b84767f57e93b17d634c008","sha256":"d6497c264dbf70ae51add5103b6c7553dadff334b5853d09adf8c9f1c63ad36b","sha512":"184b7a5420fc8fe092e084d4b843fab5e4a04284c436fdcde09867b61fc4cdca9380097f66a10bee01c0cf253e904e14a9de3e9e02fe01175802b680046edab1","ssdeep":"384:OZn0uOn6ClgwNcP+hkgzwV/Ajy/6uZbj+sn85M8P9Benw6MiW12+t9aLwNNDJv7m:OKuO6sgwNc+Sg8VsNuXGMg9gw6MXheLt","tlshash":"4e92d1000bf24c33e712d7b5dfd5124b448a55d0fbe65f3988f350762ea69668ec1948","first_seen":"2023-06-05T13:27:27Z","last_seen":"2026-06-16T07:24:23.173815Z","times_seen":1868,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/tether.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/tether.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-ce7\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3303,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2b7623eec1db8da3ee0ab1aca15c81ea","sha1":"7376c1080dbcd43c0a87153b0f81738090c1ae67","sha256":"1c6845faee131c97bb9c586095cda10016abd0f82f8e704eb86d9fc219cace8e","sha512":"d5051c0cfce9a1bfa9defdedda8e79161eec3b601664c4382486409058fce507401b69055c48b4c39379d41edc97668935f40bf51c1f50bc717c980a016268c7","ssdeep":"","tlshash":"3c6193dc76a851fcb404f2ee2b0721693d0624fbbb684a50f62d4cde3996884cc84ef5","first_seen":"2025-06-22T12:57:20.92505Z","last_seen":"2026-05-24T00:49:23.610091Z","times_seen":218,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/tournaments/small-tourn_desc-10.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/tournaments/small-tourn_desc-10.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29320\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-7288\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29320,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fe2ed7e8134a7bf0baa6964751e01f1c","sha1":"c4dab8478413af1dff8a2b4c918a56ca5acc043e","sha256":"239b8991ab0563562637a2d9968a0383c5d9a75fd67d1676a4f96bcc4307fc2b","sha512":"06eb9c82b8c730b222b0c5aabb420566c8f36212e0e424d23d5023050e49490709325e4bebcdb1ca70966fc998cdfbcda9a1dcdd14590d2b98ca28546319e98e","ssdeep":"768:I77avlEyWUIgiS6XG5eKDhk3rIVqyuhH9fQroD901SAQMI:UudEhUv6W9Da3r6wfmoR01LU","tlshash":"fdd2e1b108e0de44454fefb4984b4714b9d8dde33a8593986eca18584cc71aee6ae8cd","first_seen":"2025-08-05T17:20:37.186355Z","last_seen":"2026-05-24T00:49:22.659987Z","times_seen":74,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/LeBanditHG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/LeBanditHG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53629\r\nlast-modified: Tue, 09 Sep 2025 10:49:20 GMT\r\netag: \"68c00630-d17d\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53629,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"f58afcbc05270b077d537f0c9714fee2","sha1":"7b140e51df247c73aba7bb4a44cc21f31e404d07","sha256":"27a3ab87dbeec886eef81bac140be77aec466ff49d3111cb18f8afb246d926c5","sha512":"dc9202485587df85bf8441b197b255022c45ae04355a33ba3b44d1ee95a5e01bff080c7476a8577cd5bf9600159247b2b724c678ee42e9bfa642c5c9dbf7127c","ssdeep":"768:1lF6j6Kv7kDtSbDFOirnPkbO77msQ1ux135d8WHC2byURUx4eXlzZmOYHYVGPQW:TwJkD2FOirnPk87mE1ZH2vxjHmD4YPQW","tlshash":"01330209be009a4cfdd8abf7214f01520ae009c982d663bb7badb590b11e44d68f79b4","first_seen":"2025-09-12T22:08:21.656502Z","last_seen":"2026-05-22T01:16:04.845874Z","times_seen":148,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-500.7b78a01de3f438de.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-500.7b78a01de3f438de.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 19564\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4c6c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19564,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19564, version 1.0","md5":"a7cfda8e322242c49247550915e00013","sha1":"8246c541665cdea3ef22a1ffcbfd1eb1d34d24c7","sha256":"7393d1abac009ede0da9f95d6c83479a08d798e28d3509575e02fb1d2346866f","sha512":"20a0e7c47f698fd2eb98988cb244547690a4426460f40d3c31b4fa5311e4cd28178159002920004eaafb5069b74267975aafee770b0d39c8e31b142fd2a30536","ssdeep":"384:y1rROrEnYIq6iuk6tznGDDq7qY4z5afxQJpW3VdNNZA8tkFCJG+:ARZYH67zDnQ5apQeO8mA0+","tlshash":"7592e10697c05a8d8ec616fc304bca1e74195e5281c42ed16b18cdb399a6ebe2d813bf","first_seen":"2023-06-01T13:52:06Z","last_seen":"2026-06-16T14:41:12.856846Z","times_seen":2018,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/levels/1.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/levels/1.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 7130\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-1bda\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7130,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"0447756be5e36f55bdcf57d771c30414","sha1":"92d2b6a34cbfde17376f091d5b532d2afffe84ce","sha256":"639fe4c3759f5212c92fdff9a78e6be9b77d3041841b4166c47f698d464ef0ea","sha512":"b0858be39f55d61e18910fbda4c9f66a28dee88c7683daf5eff0ac80971d237780e9c695c2c452fcb412e5516a376a2583e5479e87010805f16ad9eb1f0d76a9","ssdeep":"192:NND5LRRe/4JJRg8U8Gwegv8FTBFAOdPgijAy4:z/w/ug8U8GwexFTfAOdoy4","tlshash":"a3e19eaeba12c11aeb7c08051b9b576e8a28e03df45c5a91153af1cea37e3441943272","first_seen":"2025-08-05T17:20:37.530177Z","last_seen":"2026-05-24T00:49:23.026087Z","times_seen":74,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/DragonsTreasureQuestPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/DragonsTreasureQuestPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 70850\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-114c2\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70850,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"80758cf1602906b97e7f0cdb19360585","sha1":"baaea1734eb429ad056b349dd780a842c6d0da74","sha256":"d807bbe290e80605d6455d3926ac0bd55efd6992a3578c5c2460be4a457d55aa","sha512":"d8ed4f0e73227fe3320334e7e8296b949f30168d47f8d51c5371206e9ed4bb94c9229f90198b748f71dd6e4a0ae26d0c2f3f04d933a0fa0cbf250925f51c1bfe","ssdeep":"1536:az8m17JddY1emK5L//7iPK+sBW67YopUZZfY/Tit6OGKx0Y:48m17Jz+/KcsBhFU7Ye6OGK3","tlshash":"766302b979dbdec06daf7fa4ee781d2420dcc37d12a458b704fa46ae035bb2a2c54144","first_seen":"2026-02-14T05:30:50.80583Z","last_seen":"2026-06-12T00:18:49.510377Z","times_seen":6,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/TreasureTumbleDDRL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/TreasureTumbleDDRL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64760\r\nlast-modified: Fri, 16 Jan 2026 07:06:10 GMT\r\netag: \"6969e362-fcf8\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64760,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"e0a5fa2bb67411ea5512848ee4dc7559","sha1":"ba3fbefbd82e8cdbac55acd09a574966ae758e6f","sha256":"5f373083bcea2496086558b271b3f0943d89b3c8b2ed1547723977d52c4987f0","sha512":"183b4249f4c11c6042bea7364c41e765c3638eb5bad8ebeeeb54f4c3a1bee284607e769be5e3992ad1b12d65c5c9fafff27b5cb9be7be432256794cee6e741dd","ssdeep":"1536:xlZpVoFLi2DmabnAUKPfyD9FAGgaOUeq0:xlDui2Dbw8KGgjUeq0","tlshash":"8d53026f11b465a57e9bee34a764ecce3ce5d33c72278e694eea300490cd091a5f5350","first_seen":"2026-01-27T00:01:43.024323Z","last_seen":"2026-06-12T00:18:49.602261Z","times_seen":8,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/PinataWinsPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/PinataWinsPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71426\r\nlast-modified: Fri, 13 Feb 2026 13:18:20 GMT\r\netag: \"698f249c-11702\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71426,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"b6305200e7547e19bbc906e4dad440a4","sha1":"e378db5cdc98df8ab147091c5228b59f4a677ec6","sha256":"831a7a3f9c57e8da60e89a765a2767157aafedd19a452a53bed97bec0b5496bd","sha512":"94831b7fd4147efb65a4a5f96ff240493c154617c7ebb0ad332973db2c25a6aefd608809028a3feb5f151fd877c2044547556db0b23646ed2f09c209bc97854f","ssdeep":"1536:2934OljBA53/zcSR11KPJJdtwWMC/T33OplwzwGUp4xlzor:2mgUbcS3oHwWlOlwzwGUprr","tlshash":"02630225010f46d0be2ff0b6ae71d9a9328ff64430a3d9c72ead7c45881d949b657e0c","first_seen":"2026-02-14T05:30:50.808007Z","last_seen":"2026-05-24T00:49:23.233921Z","times_seen":7,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/new.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/new.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-244\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":580,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc24f925ce9f71141fd58a502bfbc9e8","sha1":"e22d7ba61603fdd9fa5128e2dda4c772aa341bc1","sha256":"d6e297afb36f8e26488ea2ddeeaa4a63fe69c0b65629bea22570be336b471061","sha512":"3d6925fd4876e62a5382d7645aa9343521935cff65c95fee33a677922b7baa7cde21bfd7caa412c9d6eb3a9c4b7119f9195eede3d382293a6fcd9511fa7fb1e1","ssdeep":"","tlshash":"01f0e1e1cb39e4c8e086493edf557ad8632720de59456989f264eb1ed1c6ac2d005494","first_seen":"2025-06-22T12:57:21.14658Z","last_seen":"2026-05-24T00:49:22.985802Z","times_seen":138,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/tournaments/sec-tourn_desc-9.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/tournaments/sec-tourn_desc-9.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 72234\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-11a2a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72234,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3439a5ace91626587f112d518a59ddb7","sha1":"c0786f98172b9d1033b6c0574e8407d506d7bdbb","sha256":"10b76905e4b42d4aa65f5ec832eca27e42e176585677eeaebecadf999730c5cd","sha512":"ca4c5cd8f82ed37d2ae3e3b1cbcaf2246fa34766966631482db9197fe3a6d1ae67573b8dd8ebed195f386e75bb5d7dfbf416286b6cd52c2def3831e260676ec2","ssdeep":"1536:a1AAsUV9mmlvDuBhnD7GxQ6H6fZCPkyCZ70LL6oeoLpsQrqq9zO:SUsDuBVCxHF+BoLTzK","tlshash":"4b63024fad5bb5ec86982bc5d22096361bf9309594f31150b700ec5c6fec595a0aeacc","first_seen":"2025-07-08T21:30:00.350395Z","last_seen":"2026-05-24T00:49:23.095447Z","times_seen":73,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":127,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/LegendofPerseusPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/LegendofPerseusPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 55879\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-da47\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55879,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"c1113f91423af27a369fb680c47635e7","sha1":"25351c3098bf4064abd728657bef0c3e0c7b33ce","sha256":"4a1a3a0ac71170042dc00208a97c08ec9f3bf3b729c065925db6184de1d49aed","sha512":"c315fbe3a2025c905cb3145aff0496aad471492967cdecc6de7c7a3004d9d4a7631d4e93e398798129a0250dd194f70ff5786130fd02a5dced151ee21740443d","ssdeep":"1536:sULJh90jfh0OmMiaB2P/FemxmxoAQJEaN+qYgki6:sUlhk2OmE2P/5kxoN+qYn","tlshash":"294302a1b28370c2329bd13c45f3cf3683ebd111b1d69574b6db8d98c866562dd2e3a2","first_seen":"2026-02-14T05:30:50.811661Z","last_seen":"2026-05-24T00:49:23.708576Z","times_seen":7,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/astroPay.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/astroPay.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-1778\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6008,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eae9755df32ce0b96800ec23a003ed5e","sha1":"8bd420f5818521092120270b13a81f6b37b90fde","sha256":"dcaba9df594f4878907d580418e7c05ccff8604f1ca5f0e5e8d19bf42e3f13ff","sha512":"1b5c4377bf83246b0d7317d5b5c6c220f565cd5925b14c3665d313577c504c931e45bceb991f34e9cb3922caf8b27cf4c5bcbc4969f459c94fc811fc85f28835","ssdeep":"96:AyqqHYHn7+X1/3PXnCq7do5h1ZBXJL2x4/sI5S/RFdeN2mjjM4KqL2VcmFCEc/KD:AuJX1vPn7dqzXJLBsWS/QFjM4h2imFC+","tlshash":"4bc1b6e6537892bc45cb9f5eef229851932fa0bab516c2c1ca6ddfa450c7c88f707810","first_seen":"2025-08-05T17:20:37.073455Z","last_seen":"2026-05-24T00:49:23.198523Z","times_seen":73,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-800-italic.3fc2784777cdb0b5.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-800-italic.3fc2784777cdb0b5.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 15692\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-3d4c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15692,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15692, version 1.0","md5":"3ca84a88bd33a1f39a88890b0f1e155b","sha1":"eaf8cc9a3f1232fabdfaeb4ac706ce3cfac16d05","sha256":"5da87a7ef2468e98836df183bf22f098fb3c49caa1f7c2df6a06d0442f3b276a","sha512":"b6ad61246762814fd9d759eae4ccaf648870f47d2bd8fbc94a03857dd2ee3040e6a768785fddfd07a7a507ee4e99172a4bd552b88528824eaee104decba39e95","ssdeep":"384:Rc5hOm+fViGSvqwGUPbvhgaagaku8tw/xNARTa9V:RcQfA5SwGbaagHXttRTa9V","tlshash":"9c62e18cdb5032d649a73ddd1be19962887d241b33e03bdacc6fe7358aa259248702e4","first_seen":"2024-07-01T06:02:19Z","last_seen":"2026-06-06T17:37:45.121095Z","times_seen":89,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/levels/5.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/levels/5.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 14862\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-3a0e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14862,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"4d1e214558865f17792f7add72a2e71b","sha1":"3d0d5475056b9bd710f0f03351f33a138ae74ea0","sha256":"47fbdf2dd506651557550ea81fcdb27ea666f5f2b784b1ef0e2cf04000096450","sha512":"44e6e4a41ec128e8e4eb6e669f27b657cf1645c60cf2cbbed9aea7668d458f90d052e624bbc14465762890a86e8a9ee58c13fd794cf34614e847d3712d60d034","ssdeep":"384:EqhMbnVD0d779WZkQzLHVE2+RRSxy98OB8GCZKFOkwkn:pMrVAd7798kQz0R8xyyidk5kwkn","tlshash":"2962cf93757c48966b758f6baf358d090d9202abd78541bd48a02cc6cfbbf163ac2c64","first_seen":"2025-08-05T17:20:37.327306Z","last_seen":"2026-05-24T00:49:23.538408Z","times_seen":73,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/SweetBonanza1000.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/SweetBonanza1000.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 70693\r\nlast-modified: Fri, 27 Jun 2025 16:47:52 GMT\r\netag: \"685ecb38-11425\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70693,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 432x324, components 3","md5":"e29f9407805414d20a3088fc2b387bd9","sha1":"f64b58c19b833b73b324b4a2f832ede129f21386","sha256":"22e36b7a910d0a2f6fbfe7138c165cb460f4d081ce0b1f45ca4d91e9779b7a66","sha512":"bece47d1074c6b483c1c3c7c296eb87b5d0f1cb04bb35aab66808a9d39e6311a41ecfe86bbddf3ffa4cc5e670c48a0d2ae5d0f61bc9bacaa0360418d83d71663","ssdeep":"1536:rxG4n93Nuf0+YplM2Z9PmPIDAL1JjRxvWArIKcDMfXi06xBdyX:VRm0+YpAT1JjTRrInkXi1/w","tlshash":"f263029cc286d4cc52ba1dd83eabff74a292694b4709bd595065473c28cf48939fcf90","first_seen":"2025-08-16T01:15:05.827099Z","last_seen":"2026-05-24T00:49:23.052041Z","times_seen":17,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/MrTreasuresFortunePG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/MrTreasuresFortunePG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85367\r\nlast-modified: Fri, 13 Feb 2026 13:18:18 GMT\r\netag: \"698f249a-14d77\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85367,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"2e7c20cc329b1464869d826fcd9c29db","sha1":"6d962979e151669e0e24256c9a0f6a2081b6b44e","sha256":"f2585ad20a0bf6538c2389ff2ce6442915e995dece9919505f450d13eee7e474","sha512":"b5a911d193944731d8dcd9bf401c5090f54d3e9a1fec22e54927e2ec505fb1155753edd29249ffa1676d305f645e7041bcd2bb40d6e48c83e06ca8e0b21e51dc","ssdeep":"1536:YNn3S0CF7+EAAZb7HFUpq+xlfTFajytLPSVOk4xT0GKM+z+FO3n7Tii5t8QI:wnC0Cp+FAFepquFa2Mn4xIGK8FO37HTI","tlshash":"038302f8971231eaed768525cfd32f816698fb4164cdd8e683483f1db3a8480a9610de","first_seen":"2026-02-14T05:30:50.816462Z","last_seen":"2026-06-12T00:18:49.540464Z","times_seen":5,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/WildBanditoPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/WildBanditoPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66051\r\nlast-modified: Fri, 13 Feb 2026 13:18:20 GMT\r\netag: \"698f249c-10203\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66051,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 382x287, components 3","md5":"aded5147c6e1f9d836b4b207e49fde7a","sha1":"d36e419a685a91267dc14cca86d7ed49b0f536e5","sha256":"c7bd342f32efdaceb8bea87974647d57cb67fb1a1827561e6f49bb1b208b719d","sha512":"67718214551e52d7fb3ae3b176f5f1a165da0ee83694a1355554fa6bdf4fc32e741975249935d51f127e7042c9250d68f4e5f7527cd5bc5b92740c92950e4bfc","ssdeep":"1536:UbFvYTZsgtCXp3SBfquTLLRq+GJFd0cF+Dyfu1Dpu:UJoZBt6ATLL0HucFqymW","tlshash":"c8530120972c7a9ff73d693bc441159a5eec6a3379fc51ca01d4a9bc8b24608a38c7e5","first_seen":"2026-02-14T05:30:50.817622Z","last_seen":"2026-05-22T01:16:04.768975Z","times_seen":5,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/shop_mobile_bg-_1_-1.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/shop_mobile_bg-_1_-1.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36656\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-8f30\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36656,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f03a4a527b34ebd74b4adc8c9e423094","sha1":"ca8624d5f55dc00f5e7bd2e12333cc4cb1cfc1fa","sha256":"67c9d22b705470e98950e10222e34f7984e60a676972bad066e9753c8e0d36ba","sha512":"019e00036717f4876bc545ac53307a04c7e4835c4402077e0e17e0be181ebdf5b9ccd4ebb89f2c4f40d240c7755100f6177ade4ec2e58765f7fceacd1a2df8f6","ssdeep":"768:z+PZaVpJN1PCdeBKSTwny/juBm86wXLEh+FPsCnMlq:zwZeT6dQwB1XLEeV","tlshash":"a8f2f1c5b78b16f52048aab55d37976ed2f82501bf00f6e8afad490f840b28b1cd9523","first_seen":"2024-08-19T18:32:15.319299Z","last_seen":"2026-06-06T17:37:45.149174Z","times_seen":85,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agstatic.com/wlc/flags/1x1/gb.svg","fqdn":"agstatic.com","domain":"agstatic.com","tld":"com"},"ip":{"addr":"52.84.50.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.agstatic.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:22:43:3E:BA:C9:EE:89:8A:DA:E5:F1:6E:A5:1A:CE:62:7D:8C:8A","sha256":"A8:15:5C:3D:F0:FB:92:90:3A:8D:33:6C:77:5D:61:01:E8:D0:25:40:55:13:A1:47:54:B6:2A:66:2C:61:44:8C"}}},"request":{"raw":"GET /wlc/flags/1x1/gb.svg HTTP/1.1\r\nHost: agstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ncontent-length: 911\r\ndate: Fri, 13 Feb 2026 14:22:55 GMT\r\nlast-modified: Tue, 26 Dec 2023 14:45:28 GMT\r\netag: \"3de413a6f455e1e35121519f2e0deb75\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: cloudfront\r\nvia: 1.1 5f042aad530968241af9b660cec6b106.cloudfront.net (CloudFront)\r\nage: 54446\r\ncache-control: public, max-age=31536000, immutable\r\nvary: Origin\r\nexpires: Sun, 14 Feb 2027 05:30:20 GMT\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 6PWLAwFIJEPgTt5XshJCwQqYQiLc0o8dqhPkiWdcvzrcxvKsRzgk9A==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":911,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3de413a6f455e1e35121519f2e0deb75","sha1":"8692d11f1bef937ecda85696ec530bbbfa76e5df","sha256":"2f0cc6ed1e8e9a7e56cafd3500585d685ae0c51abacddc52f750fb4d23f60b04","sha512":"cd5ab599bbe91838b2cedf58005c100196999ecca5c1c9db00d76b7eb8e91daf7edfed73cfb998dbeeccd5c4b88097ebed29a611a9d68ab07fd071bb5df4da4f","ssdeep":"","tlshash":"4b118cd462fde149ce52430c6a9e72682127b1c773414265f1991e4edbc588bc9d2eac","first_seen":"2023-05-07T23:28:43Z","last_seen":"2026-06-16T15:59:21.98291Z","times_seen":455,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":233,"dns":29,"connect":1,"send":0,"wait":2,"receive":0,"ssl":213},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/BattlegroundRoyalePG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/BattlegroundRoyalePG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72001\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-11941\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72001,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"7206d04880d27c462586b730ec8e1afc","sha1":"c2d49e21d38f53986652d44ddf3a18f42b244f90","sha256":"997ddb414435246d39f32a6bcb65974f9657be2fff4af5f8a3af8af678a6270c","sha512":"dde0709b80ddf6febbb665a0c94a3d45e63515d7d03cb746237dc402780e8d0e4d772642233f84becab7a79b26d35feef8000a8c323e1a5f8ed884ce4e0a37c6","ssdeep":"1536:cU2RWTPwdUmVFlUSRc9Svb9N0YlEtTKHxbZKLQICnvyrE1Y:cUBTotVFzRRlXrlICvq1","tlshash":"3463121b16c1194f73aba4a4cdb65d8bc8d31b2dd3622591d8c686a1fb3cce53e4843e","first_seen":"2026-02-14T05:30:50.822078Z","last_seen":"2026-06-12T00:18:49.56838Z","times_seen":6,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1770729112","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/bundle.js?rand=1770729112 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 339471\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"698b2a9a-52e0f\"\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-13T13:12:27+00:00\r\nx-node: m9p-up-gc58\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1539171,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3c0cc91f1a0e868e112b93f5e71d5361","sha1":"3fdc1b4c448334114515b0ca6f2f0f3d83e0eabd","sha256":"5dbc4be5ac058482599329a4e302477929d837c7cb5285bf069cbe4c38b8ccbf","sha512":"9d93bebe9a66d94ec97c199e346ce6ac03f70498b93d22015149090e3109d20c2aadd54fefdac43e4e30c808ab4d41555979d25c6de584481189217e569673f3","ssdeep":"24576:j5h1n2wU6C3nmrkmYIfH6+rlCrL3RhKfIapRuky+o7jm/5j9I/qd:jj1q3mtY4drlCsIapRuky+o3m/5j9Ii","tlshash":"c2254ac5b1c1f46502d355e6643b2009f23a285e7809b064fabcddcbfa6659e6233f39","first_seen":"2026-02-10T14:15:11.540974Z","last_seen":"2026-02-17T17:00:15.661685Z","times_seen":212,"resource_available":false,"data":null}},"time_used":724,"timings":{"blocked":215,"dns":73,"connect":68,"send":0,"wait":70,"receive":222,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/content.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/content.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 93284\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-16c64\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93284,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e7b7dde0d218100f03ab0eef2e6e3f46","sha1":"482b5889bc9feeadc87c8a84519d1846aecf06f9","sha256":"e16f39996e1705459551f3deffb5272f7339f80a5dd8715656fe384b4a0732ac","sha512":"2072f09b3922655a355de956ec8ca5a5701a9a99bdbb3d308c1265ea728d5fd653b305d74d86dbbd369fd616f480c74e198350a191d223cfedcd278c93de86b4","ssdeep":"1536:2QJDKHDm2xD4VMr6IQQD4+GaUmOOe5Zj4sJoMys2iRkOvEUwKSrC9LED9lVVH3jt:2QJ0NxD4Vjj8maNWZxH2iK4EYS29Lm9b","tlshash":"9b93128b58c77c3ef069ef2762be671353e8381dc020e597e757b13e71900668932555","first_seen":"2025-08-05T17:20:37.042733Z","last_seen":"2026-05-24T00:49:23.177551Z","times_seen":74,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/crypto-bonus.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/crypto-bonus.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26860\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-68ec\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26860,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d15e7574bc05bb86f75fdebcd33e44de","sha1":"d5b5ebab2625659e0f6631cd0a8232beedd223d7","sha256":"efee8b3791d4dabc6b2afe05cb848bc8fe5f7498886c426cd334eb0f8d5ee501","sha512":"48d6bc43be2d6a202d62845ecddd084b3f96fb21d88a8d44eebea3f57a30da442e70a2cd889459de265d44fe219f3f16035cb42385e938eceee4e2a301813ef2","ssdeep":"768:lrxVm1J9sABzc0W0CZpUrYAP6tuV4CGwvn9K0NsoWqcgc4y:BG1D3Bs00pmYHtugw/GFgc4y","tlshash":"f8c2f1928d32aa51152ef323a1fd5bab438dd4c64fc52e72bf2271c91ac9984d1c87a0","first_seen":"2025-07-08T21:30:00.375851Z","last_seen":"2026-05-24T00:49:23.371612Z","times_seen":82,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/slots.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/slots.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-194\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":404,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0f0221b3b1167d4c8c77539b4f55cfc6","sha1":"5efd109f778c3fb9ebe0bcd1f8b94de348cce651","sha256":"5f8b129d584c3b016f320a62381ad637a3b3933fb53fae47de0863dcf4fcdf8e","sha512":"094842b35c36f19abd76cf0d2125b01d989b7fcc453e901b13251d847492c3088e4b5993d30dc43fc99d2ae7eca43c4cf00ff643ef2f058c0270f41418da960a","ssdeep":"","tlshash":"d1e068f4926c46acb04f073b8f67878ca71ef4eae4464106b1cc263a3301092d9079fc","first_seen":"2025-06-22T12:57:21.043958Z","last_seen":"2026-05-24T00:49:22.885173Z","times_seen":138,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/rocket.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/rocket.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-57a\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1402,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"48077a9e3d909fa5d5a7f09719a2d432","sha1":"4c4b64a7e50c3130f479c242c50510b6790c80a1","sha256":"11e40b22f6c9bde571089816532348b1738a3e4a185e6157d96ff4d5826890f7","sha512":"379f1a2e3021020f6d8a115c3bfd45fd7b2acb46f56697a6aebbbc1c7be1434abc4d3c0c2e0705dcfc240ea4dc4e1901fe611f06314ad5fb12e2cd54dc3ee867","ssdeep":"","tlshash":"192110d75168938da9cd961aef60ead5332ea07fb1fa80c1a85f161c534add1f006020","first_seen":"2025-10-28T14:54:47.391114Z","last_seen":"2026-05-24T00:49:23.092909Z","times_seen":9,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/download.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/download.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-10c\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":268,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"621bdf8aa40c0a561292c8e28dfa7404","sha1":"c67ce0df2fc4728decc5145059144952a88b712e","sha256":"4a2d122e0adae5e054c761aee881bacafb5a03a4641eb17cc4347631ce7b0224","sha512":"bb81e76dc4495cc6078da99cfe05b9c7e295be4c17438bf96b0be1cc9d7418e7f33e0381c8d30ab6fbc7527eec03525e947cf96f4d93abfe8249d07f6748882f","ssdeep":"","tlshash":"a6d02be7b0289e58f148430a12b8786a04f590fff81802e5f6423ad3f0d41c26e934f9","first_seen":"2025-08-05T17:20:37.223596Z","last_seen":"2026-05-24T00:49:23.304348Z","times_seen":74,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-700-italic.1107dab5a2b7b463.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-700-italic.1107dab5a2b7b463.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 15604\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-3cf4\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15604,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15604, version 1.0","md5":"2c3951e7b40d2c0d0257f5340261d0dd","sha1":"917fe952e13eb314d554d50d87d2d33c1609f4ba","sha256":"0e11e659d374826312dffca4e775323581d2142dad6e3afd2c9ecea18914e799","sha512":"fe74dcd6f3fe2c7a3c42e8eed60f0a88818377ec13aa767332a4ad36cb5930d32e1e4bf880bde5d00535525f4eb5846eafa9517753d2a9ae81f6629f1a844fbf","ssdeep":"384:uIQUd1lpPrPNUt+v5ykjSKCVh4x2TpBZbGaTJIS:uIQk5NUeyk2KCVh4iHJd","tlshash":"ce62c099c5fa8e1fb38c9ab7fd5f07d843a2471d08d05484c431c4d98a2da818ce7ee6","first_seen":"2024-07-01T06:02:19Z","last_seen":"2026-06-09T06:50:07.229938Z","times_seen":112,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/SnakeArena2RL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/SnakeArena2RL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64175\r\nlast-modified: Fri, 16 Jan 2026 07:06:11 GMT\r\netag: \"6969e363-faaf\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64175,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"87b6fe91c6a694d3e28ec68e2234bed5","sha1":"a25a16a822af267099b5f3c9177b7ccf34932752","sha256":"f67298be190bb3c7618d713f2b99bba08157f1e3ee4ee53b98d8a7c4f7f3265e","sha512":"0abb5d55a0e654437a6510d149674603d3ce3b4b00ad0884279c81dedc1f49b5286590cbbd5dd2624579c9703686ae7ce9e7886fef0ef91c00b65d4811301698","ssdeep":"1536:PhdFn+sCUcAAcQIbPNewUnt/6vsmfuaWsDoY5+YmasrZ:PhdUsCVJUNewUnt/6vvfujXo+Ym9rZ","tlshash":"dd5301771d701bdaf5ce8cbd5991b87875d3878edb5901a833c482b3dc1a6b8c24b251","first_seen":"2026-01-27T00:01:42.945169Z","last_seen":"2026-06-12T00:18:49.698078Z","times_seen":8,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48 HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11479,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ea2c9b77a028aa21ca102ce01b4d3ec7","sha1":"0726d8c9895d77a2493d77572c8693ea9586c02a","sha256":"eed9f4fb2c296c27c2be8ddee74b5ec92bb36128888a9b79fc58cb9e50075901","sha512":"1fefc617291f039477b579c1d7f9208efd51d0e5ef932deed8a5782260d7270fc636d99ff4560803b26538b8ec93ac3dbf6fcee49c8886de9f3ac4d098972bff","ssdeep":"48:YatuqRrOB9KMCJVNemdiaqIQtf/4IEkkFbow+JTVEEfpFs3Md9DywlXT:3R6B9XC5LiaqIQtfhTVDbd9DT","tlshash":"b232267a44280cffcb1725a51fe3be8e409d50c68adeee6415cacc0c49fdaf68506976","first_seen":"2026-02-14T05:30:50.831266Z","last_seen":"2026-02-14T05:30:50.831266Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/bitcoin.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.119Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/bitcoin.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-1673\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5747,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee55a8b8023b414560960992a34fea69","sha1":"53b955b7d1b3f5998369e6a48766e420104a4e10","sha256":"1ebf0d67f8863af08c2fed6fa33f7131899291c493d77d7f0d878be130fa5b6d","sha512":"b7e7db9ea04ff24740d29a7050ebaf1caa1be7c2f1918f0287068fa208bb01777db4cfbdd80d651e2ec93b1182d07fd3a4261aec37ec2d2cd5912c56c4c63a47","ssdeep":"48:9bVg6AqJuPwLoaOZSGOVJGsbw4Lxs6cFdm72L91FE2rUMm6rfluTROYknvgjTXsE:tS2nVSzk7t2BuO7nHYSsP0e","tlshash":"17c1e7c033aa6489f424d7eb5f5b903a7822bcfeb9408814d3e88e64f1d149c5c25ed3","first_seen":"2025-06-22T12:57:20.945168Z","last_seen":"2026-05-24T00:49:23.336185Z","times_seen":219,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/WildBountyShowdownPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/WildBountyShowdownPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74381\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-1228d\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74381,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"c9dacd2fe5bdf78d51d0c5816c98205b","sha1":"a43d29a11e4f05d39e3548a720cc6bc72c14d4c5","sha256":"bbde4c79c4dbbe055a04dbb725c96c59e7c2df8dc50ad2c928a57d4f3a5dda7b","sha512":"3b911b01b7596a11eb171e89c11b2436b31f7012a8e6acf862b0d5fbd3fb803e2797472b439763f15c1610d702b61d415875922142f8214f99c89d0bea52e1f3","ssdeep":"1536:vFw/nWdK0PS517s7C6nxx1TtkldJdIRwOrp0qi+YlFAThe1OANtb:vFw/nWE15ps7C6xxlt6dP2wOdJYlmhe1","tlshash":"8573027761e9e5dff23b5b2fc698d31d0dea02a7322920ac018f00d9917516989e3f79","first_seen":"2026-02-14T05:30:50.832715Z","last_seen":"2026-05-24T00:49:23.314292Z","times_seen":7,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/LePharaohHG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/LePharaohHG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72305\r\nlast-modified: Tue, 09 Sep 2025 10:49:20 GMT\r\netag: \"68c00630-11a71\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72305,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"10da40d4241e3d0b472a4d3d1ba03dc7","sha1":"d4eab63ed662013fa0d88d1ec6297923d037da5a","sha256":"4d0bc9b29c0d7eb110ab8e90fc12605b8d429c3e0290059cadc3c19c509e8aca","sha512":"62643d86cb27190d38a4fca3ad127d0dae66f553949cee844bddbf4b63b047a60837678eb0922914ed38d1cce4e52d1a00f8106880e63873b5d36c850f115ddf","ssdeep":"1536:TgUNFIZitKAmQu1xJHt9r7g4oVeBSI+HhlG/JwSyZJX0Cg9Uncl:TrFsiAAmQu1xdtdJo1NhlCJwSkJkhOcl","tlshash":"21630254663f28c1a1d340b762228cca14deb73ac25d101e7db7bc640e87bae2c7cd99","first_seen":"2025-09-12T22:08:21.782031Z","last_seen":"2026-05-22T01:16:04.907955Z","times_seen":148,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48 HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11271,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"151a55a87ca4efb9bf0dc8557f55acc4","sha1":"6362a137553f69dfbe48fe63796af5ebe1aa17dc","sha256":"9f27d4bb4b5c973b5533edd20b0e948cd26ed29f0d6de6a7fde5791ad3d2629c","sha512":"ceff8e4b35962e8c99c5767c65449ce058977d983e60e0f41b79bf0104210c3705183a8d09ed6cdad0364474276f579325b2dafacb36110202d74111d94622eb","ssdeep":"96:vMWOAZ7saGafME4yt8RocAfmEXN27fmBb:lPGsLXfPXN2TU","tlshash":"4232286b4b281cbfcb0f15f41ff33e4a918e0186d6c5ee65048ace9c85edaf6541b426","first_seen":"2026-02-14T05:30:50.835278Z","last_seen":"2026-02-14T05:30:50.835278Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1930,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1930,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/AuraGodRL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/AuraGodRL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 62842\r\nlast-modified: Fri, 16 Jan 2026 07:06:10 GMT\r\netag: \"6969e362-f57a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62842,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"50f56c809a675d5a52aec8e45f6a8048","sha1":"cf167e39375ba33459c10778b656f027b448b3ee","sha256":"2334d43559d5525b706752c5efafae79a156383f6768cf01f0666fe440975a81","sha512":"4c4212232d5cb24f60531673aa62ea6bb611d90d45b9f0d19b38c92863a57c7a661780e1e0787e676265f64985cf9998af4262578b6cfe3ea91d94b6bfe725ed","ssdeep":"1536:Og8GQ7e/yXZmBVLY8aakmscE6VdH8s112n/:2HAL+np6/8sen/","tlshash":"d75301a9fa281f93a4710c21e987bff55be1e86ecb27018bc5850d170c858a913fdd2c","first_seen":"2026-01-27T00:01:43.034753Z","last_seen":"2026-06-12T00:18:49.633167Z","times_seen":8,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/logo.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/logo.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-55e\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1374,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9e9f4ed21539acd13c474dc980a5595f","sha1":"b8e12510f7bce5e6e1cfa11f20c69dc746da7f4d","sha256":"eabb425ab245fa661f48fcbcce101112a4e3d21355ea1b0b5a32dbcd78f5d576","sha512":"24a0597710b8b0c13d03b59800a70da810993cd37db7ac2782b073268de7be96912d3e833016df4f927908d1386c224140dd21d713891f15010c46c703709051","ssdeep":"","tlshash":"5421dce567ed5fe0ca608ba5d97cb0b5712fb4fa2780c2ca5bd04d5061b54cd884cec4","first_seen":"2025-08-05T17:20:37.146266Z","last_seen":"2026-06-12T22:55:42.784458Z","times_seen":80,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/game/last?per_page=30\u0026lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/game/last?per_page=30\u0026lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/DeadMansRichesPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/DeadMansRichesPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74908\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-1249c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74908,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"a816688e304cf954aeb7e7c5f109de64","sha1":"6fbbdc9d71205a29d21dfdf010566798be827b4b","sha256":"ba51fd4ca32b5629f23571e8405e061309b99538d332beb3749b2058e9331e58","sha512":"f33c785485b5f5cb6d0ae4c54b51c809624d2e5d38239d1f0cb471a6c89b065d0d9f4250a338a211e3c72640bac35fe770214e154d86684ed8104d426ed3e01a","ssdeep":"1536:SZ7GXMAfM6c8RBia32NYJxWGVFZhWh0UvzRt7YQ+3EpNJORK5ZL:yGXMAfM65/pmyWGPjWh0MzRiQ+U/JO2L","tlshash":"3a7302663b62aed2e5df67ac84a61d1530cf7f5e809949086cf2b521406cecac39f7d0","first_seen":"2026-02-14T05:30:50.843049Z","last_seen":"2026-06-12T00:18:49.581699Z","times_seen":6,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"node-sber1-az3-20.jivosite.com/widget/status/2256902/ESt1iDtMoi?rnd=0.43909602655274005","fqdn":"node-sber1-az3-20.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"178.170.197.234","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/status/2256902/ESt1iDtMoi?rnd=0.43909602655274005 HTTP/1.1\r\nHost: node-sber1-az3-20.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-max-age: 1728000\r\naccess-control-allow-origin: https://kentcas393.click\r\naccess-control-expose-headers: X-Geoip, X-Botmode\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: frame-ancestors 'none';\r\ncontent-type: application/json; charset=utf-8\r\npragma: no-cache\r\nserver: foxy/4.0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-botmode: no\r\nx-frame-options: DENY\r\nx-geoip: NO;03;Oslo (Alna District)\r\ncontent-length: 79\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"23004c993bae8117921b54a171455921","sha1":"eab6702193cac131759dc8d479808d5186b4b994","sha256":"1810c736abe7811fdc653e6b2fa12c3e8d57145c1aff76407f6dffcf8e3831a1","sha512":"5b74801c1c96340f65d1e58fd45267b66043c7e98692e923e1ad6cd77f310da23dbaa3a3f72443a74c974d89e63fa9ca15e1005bb49fac3a0884a7094798ec1d","ssdeep":"","tlshash":"23a02431051150104310c310f1c73f014c34031377d1c434f355700073f745015dd007","first_seen":"2026-01-27T00:01:43.016279Z","last_seen":"2026-05-24T00:49:22.973942Z","times_seen":7,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":203,"dns":49,"connect":28,"send":0,"wait":28,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/category?lang=en\u0026pr=kent","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/category?lang=en\u0026pr=kent HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:28:34 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4087,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d8370cd6ba878994f0cbaced99165b97","sha1":"4cfe8638749d3ad2813e04cb47da0f88cb152bfb","sha256":"cae1c9069b677f7cfe3738e4378f225e5490b41b9b2e5687a07679ad19fca9f3","sha512":"ba257e447321c96a8b5c2dd455271457b5f57badcd75affadb0333c8c2a3ecce3e316fd518412c2347e37f34b236deffa2c10639017ba00aa8aeaf6ae1272377","ssdeep":"","tlshash":"fc81b033e11449fad369bfc53cdb360625ea125c3dc0ee2aca88d60d02956f94727977","first_seen":"2026-02-14T05:30:50.847405Z","last_seen":"2026-03-18T07:51:45.277452Z","times_seen":20,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/NSD_header_BG-1.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/NSD_header_BG-1.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 70576\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-113b0\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70576,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"235bf94ee05b4ebfcaf5d69624c2a74c","sha1":"b9403fc4b701f3822481d17ef74cc68719780070","sha256":"edda1557ea1258dad07cda63d00a54064b8c16462f732b7659e9b1a711cc1ffb","sha512":"c887f2330a0ce0992f44fb2c4525e901c18a4d3e0e8883c247f0535c9ec5d9e9bc7a66d1e7ae69a6814b86ed49ca4d63982e00fa8b486d1632c1295ab9dc2312","ssdeep":"1536:diwrT53RfIVZ0IDPSzxEK/djV2AsFq/EmLBgt3sEuCPeX91Sysbq:d7RFuy7xEydgsE4BgBs+Py91Syse","tlshash":"c7630299e7e242ae443fe7c02989667dbd5903872bb4250f3de68443cb6973041fde48","first_seen":"2025-07-08T21:30:00.354523Z","last_seen":"2026-05-24T00:49:23.679644Z","times_seen":82,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/tournaments/kent?lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/tournaments/kent?lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6220,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"319b98d08ed71405c5c9a091c3ec4456","sha1":"6b6b7327f03aeb39f662ccd6d923b0f6ddbe0638","sha256":"4180061737362d3d55a693a4dd9d8d2912f7fb7b64ac55300921d2d3c7a31ae6","sha512":"9db0ee0d33bfc0ddf72fd517ba9af6ff1ca22a53efa769ea533b4b37ddc834cbcaaa1e50eb1a09682d17da6bf8bc64130bd82e1ad1a7a73c7947de7758665a8f","ssdeep":"192:WjwY3axT7CtuuCtZYEaQvFH2tojZYxaQuoZvm:UwY3axnaCtZYEaQvlbZYxaQuog","tlshash":"b4d166b547ac247ea54be9647f8ff7f0167a7049c2c0c899f9bdca2c044853e49a24b4","first_seen":"2026-02-13T13:38:46.49126Z","last_seen":"2026-02-14T05:30:50.849623Z","times_seen":2,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/ethereum.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/ethereum.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-1c2c\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7212,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3fe499243090a7dc549b24c1b9429f7f","sha1":"3b2d21f6225ca42bdc073c72232d1a993b293b1b","sha256":"161524c2c8f622ae04f7cc826368f931e489fe7a990b68db701aa81dc8159f71","sha512":"cfa25450d0f995b67327ad5e9a1c6a516bb421a2b026257aa7e22ef9d96b166bf24db0e3a8c7a44b9c8bbfe2f16840b9a94f7fd3623786112d969c234775c5c6","ssdeep":"192:Ax6geMbCgSrnuVk5RnK7GdYZMlQXVNlLlN:x9gqumTdYSlyP","tlshash":"d3e1c7dd1f3107cce884d2fb6f2694d9318ac9fea5488885d3ba8d3aa4d14b44d5acc3","first_seen":"2025-06-22T12:57:21.20873Z","last_seen":"2026-05-24T00:49:23.070595Z","times_seen":219,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/category?lang=en\u0026pr=kent","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/category?lang=en\u0026pr=kent HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/weekly_bonuses_content.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/weekly_bonuses_content.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 40012\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-9c4c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":40012,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"67521610080036c0583934935acd096a","sha1":"1cec53d1b43012103e8cf352bbd72092dcc52ecd","sha256":"7c5905bf15fa1e1b700e18e00b03aec004dafe2da89f02a9df036a026f96033e","sha512":"908ad35e688b9ad37a3f2921491f0653ddb7611b2fc8bceb031fe220c9e7d4208c5522dee75cd1b433f1b7a765d6f4c8a8455a5de10ab73a7a65d13f85bce3dc","ssdeep":"768:0t57EShQ5RfgescpkG/uh1Lh+jxjPEPR+MNQ8caTj5sr8/rh/:0t57ESy5NVscHIlh+JPYVuMYcN","tlshash":"4503f154699af657830b3301d14947ec9483cb3e1378dfda95a3439d3a6aa63e80f60e","first_seen":"2024-08-19T18:32:15.312706Z","last_seen":"2026-06-06T17:37:45.143242Z","times_seen":88,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/shop_header_BG.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/shop_header_BG.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 69834\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-110ca\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69834,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0c21478aabb3d0c7575ac19bcf3f4f0b","sha1":"6ba93a1a5bd6602deb863b0bbb34c7f182613e3a","sha256":"4868f8733412967724f467064b3439cee76a5386661f2e2427e5896630079a66","sha512":"e2e5966824e51b5f3ce6d0ffdc336b2de5c3b796814ea869d48b2bde33eb003945113327edc2c208e6e899293afb3f4c27f6b0a43338309002addf0784d6227b","ssdeep":"1536:9/SYhE3O1Zwpgug94DkA3VqGcJXKfDx09xggUzBOa1n:9hfwpguU4w2V2mgUpB","tlshash":"97630269513b5fe15277deb95349d7008378b35e7ccf31dccc9b8a3b208198a20a91a7","first_seen":"2024-08-19T18:32:15.323041Z","last_seen":"2026-05-24T00:49:23.22543Z","times_seen":82,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/wins/wins_bg.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/wins/wins_bg.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 1196\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4ac\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1196,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"abacd14e77b29a462ce16c98c0fae5a9","sha1":"6b0c782a9908a2bcfd349f4b904b68507dc8c5ea","sha256":"59e78f21293bf5ef8f91ac06f407cff00b62207d4bf4746d6fc10cc00d27fcb5","sha512":"12ec716b931e32427d91e47cca4cb0935f7775db1702596d54b96b33980a104d331c252a6540cf19ae42e5f00a03866b20bfdc7f4d1e344519e7f7cef3af837f","ssdeep":"","tlshash":"3021d77d6882a1fa11b0a580c67a313aa0bdd87e85848bf05dd926064dc1e1bc5ab5ca","first_seen":"2025-07-08T21:30:00.277933Z","last_seen":"2026-06-06T17:37:45.125805Z","times_seen":79,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/promos/promo.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/promos/promo.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-428\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1064,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc4e77b9775ef0d163160a194166b907","sha1":"1dc259bd1cd1ef875ccde831d5ed20b53222f552","sha256":"6d284862b3a44b96248fdd4f2e0be08402fcb7b3c37df72d20c8f901153a599f","sha512":"5f545fd0fd930029695c26312220f09da614d2606a24df265914e7e0713d9b45c96b122bac9b563376f03079c13235e62a53ce1d430958d215d5bde11b4d386d","ssdeep":"","tlshash":"271120fab154a2f080069f75c47392a1b94b34fb3ae9c1cd8390e854aa2a125c688cf4","first_seen":"2025-06-22T12:57:21.196403Z","last_seen":"2026-05-24T00:49:22.710259Z","times_seen":138,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/XwaysHoarder2NL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/XwaysHoarder2NL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69719\r\nlast-modified: Fri, 27 Jun 2025 16:47:52 GMT\r\netag: \"685ecb38-11057\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69719,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"873b9f49061efc9cc74b8067033b9e93","sha1":"83dc9db5b4b95a50030e3305c6d2a29eb8454845","sha256":"45c0b313bc983dece484dbb235a88e911bdc5d121d1e46d690d3137df7e6e45a","sha512":"7cbdb7728a4e1ad34c52a7dacaf10770bd23ce51f5fb7dee95679b8a426f0bbf4282fc209c31d65e76568ae28db64641bd3089d9d13b9c95e58bf803abb17f52","ssdeep":"1536:T0i8gcLkVTdICxXcMpRqwuTQ04sLEWpZPVA0L:I3k76weQ0ka9VB","tlshash":"2763023f5018e2eb52412fa91d5b4874a6ec45f24c96786a73f34cd2f557342b9c63b0","first_seen":"2025-06-22T12:57:21.154828Z","last_seen":"2026-05-22T01:16:05.056424Z","times_seen":215,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/5f3ca08/chatcontainer.widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:32.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/5f3ca08/chatcontainer.widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:32 GMT\r\ncontent-type: text/css\r\ncontent-length: 14861\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"698b2a99-3a0d\"\r\nexpires: Fri, 20 Feb 2026 13:52:49 GMT\r\nlast-modified: Tue, 10 Feb 2026 12:54:49 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-10T13:52:49+00:00\r\nx-node: m9p-up-gc30\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"30142f29f846e745dc58a8103d6c2edc","sha1":"765ab6186c158f91c5b02a45b3862f27becba1cc","sha256":"e83f8c3f545b4ebeb39d1586bd9cbb938500a7f857763f606b7b29dc3ddee040","sha512":"e37871fc0d6315e7705dcb70fe346cfb4ba1cd6c64d8d00759a3f3041f40c34256a030a5a8c0b8d4af89e94356e3f69e291d1a83f014905ae348ed9dd3ad200e","ssdeep":"768:2+XAQXgUyLSaZV0MKDhXeVrnIn7bwt0YRfSyq+kUH86Qj:2+XAQX4SaUHk0YR6p+BHuj","tlshash":"8173b462f6d0252df02bc536ece2bbb9643d901297231fbae644b734c78a5d7176260c","first_seen":"2026-02-10T14:36:06.544196Z","last_seen":"2026-02-17T17:00:15.678019Z","times_seen":103,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-regular.03e7decc532f08a6.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-regular.03e7decc532f08a6.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16728\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4158\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16728,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16728, version 1.0","md5":"e23161fd661d68acd57b789a9480e91c","sha1":"4ee6034ab8db8f6ae87f82ba2919574005dc91d2","sha256":"ddd9595560c35725e00d01667ce9bee519d245620e610844f0dd149df10b5d5f","sha512":"cfaa87e0974980fcb0e353db0a68deb3907846a6966e46fa21b2b637edd29071baf13825bb9ca2f10f457cd94baf3684d68b4c41af3a8353b14d21ea538f4e65","ssdeep":"384:6pTkKBpsb+Kkz953yu1mrwtzaYIAH6coLs9gLGwNnCPIRKRaaj9FG1ZU:6pTkKJ3yALtza/upE3nCgKaaJFG1ZU","tlshash":"1972b0295b80530fd91df5a270a4dfff61ae1ee4593ef8c23590b0b1284597a04b2db8","first_seen":"2023-06-01T13:52:06Z","last_seen":"2026-06-16T14:41:12.96542Z","times_seen":4314,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/mulish-latin-400-normal.16e241995ddafc55.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /mulish-latin-400-normal.16e241995ddafc55.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13308\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-33fc\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13308,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13308, version 1.0","md5":"4a684bb9f8ac87840ebf9ecd11ac6231","sha1":"33e5298d295711a280e246ef054185113e096b30","sha256":"f86eb1d613257841fb2fc63c9330319fb84c7bc8d0f73d45f85533eb1659d4e3","sha512":"ca98a378863c5f54521d7aa9edce454a4329e15a2c8a98458738953b7eb68d68ff5378ee5b5c076dbf1a4e95c73c4c30b7a0c741027693e51eeec6081102cebf","ssdeep":"384:zIKfmwb7W3j/hZ0q0YefLhpBFJ6QT7ZeToluvj8K:zIKvbST10DdjX6QTFeYuvD","tlshash":"e752c073b64deadcc8d48a7593b9a022bec0526685892efc55376c433f0fea11581c7a","first_seen":"2025-06-03T04:36:48.16898Z","last_seen":"2026-05-24T00:49:22.582323Z","times_seen":215,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/tournaments/small-tourn_desc-9.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/tournaments/small-tourn_desc-9.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34252\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-85cc\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34252,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"df800e97a9ac880772b9cf886e173d0c","sha1":"42b632917e3a52c5e43dfdc90e0a1ce5c47708a1","sha256":"48d56eaa758edad8e976e0e84738a623a658d11e2f03070086f38862313e9aca","sha512":"bea5a92323cb296285e6c24c383231e427e873aabb1ad56e9bf1cacfdb888ffff876f29278c7ec5df127527a2b4bdf7ef2d0fe5b529c5405ec0c06a710a54017","ssdeep":"768:IB/txEcVbdyVFDkcwF9y/7wH8ZDoE8Z4Y1MRt81JLXMjUY3X:w/tmbjDqc9oEq1MEkUK","tlshash":"b2f2f23929c75a55da04afe7b1199d11d78100249ca7ba23c8a29dee0c8cfad7ea1374","first_seen":"2025-08-05T17:20:37.152299Z","last_seen":"2026-05-24T00:49:23.306869Z","times_seen":73,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/5f3ca08/locale-en-US-json.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3407\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"698b2a9a-d4f\"\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-13T13:50:41+00:00\r\nx-node: m9p-up-gc7\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10600,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10573), with no line terminators","md5":"fc00deaabfafd48080a08fc0d7f841b5","sha1":"3bf17f3bd75349b1ba1f9b78c6117fadd4620310","sha256":"be8a7243d87cc8bc1c523f0b10a41c149622c9c6af30b6a4e8231b1506cfd542","sha512":"1f3d4801665e172b54578e6d0d71f066c72df7244512cf00026104acbf6f21dab5de812d2679f56b2414ae7f40fd4963f61db75bc7bfc0893c8a3debf65638fc","ssdeep":"192:2P7mk/7Obf14M6bOIpUTPqZ8BijFLeEJK:C7H7ObdFkOIphZ8wjFCmK","tlshash":"af22d71ee7017f360fa613c3744f7b5376a480e592646cb5d89c826943b9bcab217b8c","first_seen":"2026-01-27T14:54:11.499444Z","last_seen":"2026-03-31T09:24:10.733781Z","times_seen":1154,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"telemetry.jivosite.com/w","fqdn":"telemetry.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"94.139.253.159","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:32.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"POST /w HTTP/1.1\r\nHost: telemetry.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 185\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":185,"data":"{\"event\":\"offline_invite\",\"widget_id\":\"ESt1iDtMoi\",\"chat_mode\":\"offline\",\"site_id\":2256902,\"device\":\"desktop\",\"visitor_id\":\"b1a7fd873f2da1fb\",\"widget_version\":\"183.9.0\",\"shard\":\"sber1\"}"}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: JivoTelemetry/0.9.7\r\ndate: Sat, 14 Feb 2026 05:30:32 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":347,"timings":{"blocked":153,"dns":62,"connect":41,"send":0,"wait":41,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/bg_left.bf3268148a5a82a8.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /bg_left.bf3268148a5a82a8.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 67148\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-1064c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67148,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"16d4a751bbe2010d302f4a020ebc784a","sha1":"a948fc682bcfe8b064c23c66c600658022cde760","sha256":"42e09559f7aa6719d88efcc4425f265e4d68f2b41eb22a7ca490866ac9aeaae6","sha512":"3197a206fb83509333f8f43060f7a743307de98c722422512e54f610faf4d13f782258ac4b8cac00d3d5ec8df673887c9c8b03a245546f5c80bee3d6c4a43fce","ssdeep":"1536:Mh5TxcQUoMGUjIYmRh1+n+Nvd5GPcCu+2bQWtISgrJqE/HuySn7nxaE5m:MhmxGNYmsn+pGclbntIl9qWSnje","tlshash":"f16302a92042e456b71f3d16dba861431393c84976d2ea9ddc5093ea8057beee432fc8","first_seen":"2025-07-04T05:14:00.889341Z","last_seen":"2026-05-24T00:49:22.93248Z","times_seen":77,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":96,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/hot.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/hot.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-1c3a\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7226,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eb3ba9023fa787286797622bddc92b75","sha1":"6f7937716df7b17c4af10e585da1ed241c382155","sha256":"e3eb5eddd056852d9231c8c28ea312a26f41e27f62a34de5a6fee370b9994264","sha512":"0bd6a49d9b9ed48128deae65c899ff852fde42e9b77708ca96ab47c86d967b89834d60521d8765ed54751c9f9a1dc8ab4570f233441d4ad75beca0293cbed07d","ssdeep":"192:JwzJxB59Mx0Qgr9Pzg5XWUh15uek59Mx0Qgr9Pzg5Xj:JMKdgrdzg5GO5Ttdgrdzg5z","tlshash":"cde1dd060354d77c6a86c50cce32a1a6369b14cef2efa0eceab39641f4475f5d274938","first_seen":"2025-10-28T14:54:47.394935Z","last_seen":"2026-05-24T00:49:22.620696Z","times_seen":15,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-700.31bf83bcbf020d67.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-700.31bf83bcbf020d67.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 19432\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4be8\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19432, version 1.0","md5":"8463cdb9a06b7047c6e2e7eda0fd0627","sha1":"bea3f13f55c080e15e50312a5d5cecf29b08f801","sha256":"7aecbe035c1e311eabe7cac089f565c917558c365f809d5a9684881782370e1f","sha512":"cc46e30571e453431269f6ab06097c96601fcf4f700af69ab6416bc632b86d8fd756f7bc6c8710c05686b62371ec87b3a5ecb5dc5fdffe5010ec0603ec678b08","ssdeep":"384:sKMcqtSsJOPJmS0eepoRtwLHtJYvmW6Oa/0SXFao+HwvEeSzglljMt0ge0dvyO/:Qcqte4MKoRtwz2b6Oa/0MaxwvjSz+Itt","tlshash":"5a92d0e0228328f9f0640541768ed0fdcf61ed1964f227585046b2999b773deb7399e8","first_seen":"2023-06-05T13:27:27Z","last_seen":"2026-06-16T14:41:12.148477Z","times_seen":434,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/FortuneTigerPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/FortuneTigerPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74221\r\nlast-modified: Fri, 13 Feb 2026 13:18:20 GMT\r\netag: \"698f249c-121ed\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74221,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"2187c0e0d09986e4009999397d81012b","sha1":"c4fff49e460eb18df16b5a9533749f3c502135b9","sha256":"d4c77aaba2b79d5e24ce64e67b1012e30457162e77693f6736e365f2c79c0ef0","sha512":"e1eb156ab0984a3c5bd3fe48305f124da0a77331fa882b567e0a7c4de13f4ce4b838222baa1b94f059f4ebce5a22f58369f9b119af5e4eafb02365ea0da92fad","ssdeep":"1536:E/04Exvd8m99iM7wJCwrzXQ1slg+7cDkqkbvKvlRTKgX:E/lExvd889iM7Hwrs1VbDkqialRZ","tlshash":"527302169454b9c6f971797b5c73e6d70cf9e61220e89cd958cd39e2f90efe23240290","first_seen":"2026-02-14T05:30:50.871626Z","last_seen":"2026-05-24T00:49:22.594022Z","times_seen":7,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/loyalty.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/loyalty.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-d80\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3456,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a8233b99b982ec35c6fe6c8ec476cbd","sha1":"beaa7d4798353a2d3ab384815cc43b4bf9bba09e","sha256":"a36d916dee97a7dab0cc08dfe3f950d7c9773c92fba6a80f2a74938fa019e9e0","sha512":"e496f12079ec96fd5c15951297c6c44e8328aacfac2ee500eb7bd8e6664255beb814875f79e2fd178a4c99f11e451a6b338c808ce4e60126f0686ebd5cd003a4","ssdeep":"","tlshash":"2961fbe7a395b3c4e817dba1cd223638771b3cba3fa9c2d9c152999556221ad488cc80","first_seen":"2025-08-05T17:20:37.360545Z","last_seen":"2026-05-24T00:49:22.640709Z","times_seen":71,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/popular.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/popular.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-24e\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":590,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ad3ab692945a93c4974467c3373d236a","sha1":"64e77bb4db1d16ab111fd65b2fdb3d003bcdb1ec","sha256":"9777eea65b8ca55f74b723ed796e04bce6dce9ba08ebe21344097df97d479a1d","sha512":"f762ff835b5e6e6bd39f240f39c2c3507d3cd306ba5ca409814711f095b6f7ee5f99f4d2777b39a7c555c4f51744d85e56404c78f97bb4f4f1a248bb5edfe6bb","ssdeep":"","tlshash":"28f04ce6c20843bc60ce4e9ca76c7124633eb0b6749540a1ee8d459e44035d0f9ab918","first_seen":"2025-06-22T12:57:21.087647Z","last_seen":"2026-05-24T00:49:23.558433Z","times_seen":138,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/tournaments/small-tourn_desc-8.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/tournaments/small-tourn_desc-8.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33658\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-837a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33658,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d039c19b3a5fddf10ed6ff9cb3c4d4f5","sha1":"b05faf6e69f14b0e3606fef3556c19ae460eb0a7","sha256":"0f8ef2a2e528108631f922e1d2cee93f934010887f6d39a3c8896690f98eb01f","sha512":"c7c3543e57dd8b3b6ad9c93479a9e62bf30b2238107ac12c98a42f2ca4f649c53ced77a03225695d2552be22f23ab12f2405b97c81c199d6c0f657babb353af5","ssdeep":"768:JpTtcRcN5olqWQXWGkL+SW4k1P/UhNGKoPHRKMm8Co83a9Q:bTtcRcNSqWQXWLL+SWl1P/UhNGKgxvEt","tlshash":"7de2f1e468f88f2ac35beeb247c2929fd8b2350e0a50fc1a00452dd924546561fbe3f7","first_seen":"2025-08-05T17:20:37.178709Z","last_seen":"2026-05-24T00:49:22.826936Z","times_seen":72,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/translations/en?pr=kent","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/translations/en?pr=kent HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nskip: true\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:13:54 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115788,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"84209ae762b4fb333df73abd120f9453","sha1":"8b01df98bfe6f94b87c9e7a6c50fa67d51e944b0","sha256":"6fc1f0971338041beccc7db1d8dbf9c8ab55c9994cb50b4706fd2eae596f74b5","sha512":"112bf7383229018642b516c32525debcc162c12d14178143a0ea736ba0c88e2f0fcaa0eca4250f17788ca0e17222f269c4800feeb22a0966a4eab1a5e9624173","ssdeep":"1536:vEfmr38WOGc6mLNtUVugpA9WKSfFDG7/ZfAfl7X78B0W82eZ+8dnNSc/CCq9Ffrv:su78BNtUVugpAkRdqrR+AH3hvn2kGLla","tlshash":"ecb3085fe7881377179203c0ba8f7bfabb6d50682321c5a478adc16c2359d365a739c8","first_seen":"2026-02-13T13:38:46.548608Z","last_seen":"2026-02-14T05:30:50.875549Z","times_seen":2,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48 HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/weekly_bonuses_header_BG.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/weekly_bonuses_header_BG.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 70656\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-11400\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70656,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b1ac64f13bc889a01a0ed4c49cbad572","sha1":"c03c4cacf770d49614f7ef235c1312e4a3638e26","sha256":"8457a314c59b6b527f8719b14b246ddf8f65fedeaadf2cfb193b55f361d06346","sha512":"8ed3c8eaffbfadbb9b72af48783023c9390800f09d38183b566be2ad2788c37ba944dffa338b4c019f48016561cd44a43906a91c97c0fa096e2d35a685f11de7","ssdeep":"1536:dGkeurQYvAej8gkAt94b6/cdNFeoJyTBiUvaiNbnUJ18FKr5:gk1Yej8E2bCYyJYUV8sq5","tlshash":"166301870b16f892103f8018e45b0fbdb13a7a56cc6273f6546dae19d6da7360e74788","first_seen":"2024-08-19T18:32:15.313611Z","last_seen":"2026-06-06T17:37:45.183012Z","times_seen":88,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/shop_content.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/shop_content.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34152\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-8568\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34152,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b6bbd5a33d2b3d384ef0e6c39a4f535b","sha1":"06ca8823eebf70ffa0beca2d81fbe8678b5f22b1","sha256":"ba40e5b52247556bc8b0b4a2bbc494ee7236c6effe9a66bd2770865cab9dbd6f","sha512":"c51157c1fb6aeb9740da0008621ca41b02ffda9c7e9eb370a74e265899594dd608f5ef3336dde127be409f499bc071c113ba05826e198db1cd355f88ba58d44f","ssdeep":"768:FxTcSDMf/bcXFXBM70+dK6bCM2NYZGz6xjNDsl7GjcKUI:LTcSfXy0AKUoO7DC7GjcS","tlshash":"2ae2f1a6cfc99dc33ba42c0dc1150aaf8c7bea47852e712c46507c36ba5840f7963a99","first_seen":"2024-08-19T18:32:15.320224Z","last_seen":"2026-05-24T00:49:22.590148Z","times_seen":83,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/welcomepack_desktop_en.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/welcomepack_desktop_en.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 1835422\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-1c019e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1835422,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3376 x 1000, 8-bit colormap, non-interlaced","md5":"842684b5a27606a0f922bccbcabc0331","sha1":"6a1363bdfe525d85d1b7b87930e4710703588012","sha256":"1ebb507ad4f8f6ae6486f59a1462006bb31fad3978fd288f49e3ea02366045c1","sha512":"8ded42ce41a212f97df688f87825150329cf1f67d985565f9a199e02f15680100dbfcb74c6e937dac15c90bbfcf571eca2d93496dbf054a372092a4776fe92fc","ssdeep":"24576:x8xU8y4Sa99Km2vzTjLILJlogMwgfmOc6UZ53T:xuy4Pm7TjLILvnM/fWX","tlshash":"3e25330db6842710eb646ee30e7eb5c17e9a7e4152aa4dc85148d4a3fa05bf30bdc768","first_seen":"2025-08-05T17:20:37.520841Z","last_seen":"2026-05-24T00:49:23.703521Z","times_seen":72,"resource_available":false,"data":null}},"time_used":1435,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":1313,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/burger.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/burger.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-445\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1093,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d7af4ec6d23eaafbf06cba74964e83e3","sha1":"7094deb37f5f24d7ee9faf3bf1d92453d873a710","sha256":"201378ac83438389107eaa92d5d9b11029b2ba49fc1bc397a03f8a1c2976c7f6","sha512":"42c773daa99ee022bd1bb60602ba9629065482833fa9551eddcfbc865669d248e8d63b9f331504df552038358ce6049d2535a9ada00a66cfe806da737d9519c6","ssdeep":"","tlshash":"fe116afff3de86a0ba0fc7757b121126385329b91466dacd69640880d852bbc49899c8","first_seen":"2025-08-05T17:20:37.164686Z","last_seen":"2026-05-24T00:49:23.044402Z","times_seen":73,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/ecopayz.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/ecopayz.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-16f1\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5873,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6197bc595d7071792571c5d4a216da77","sha1":"ba1da339f8d3eed04f74f6130d8f5979e42606f2","sha256":"8e2eb49e0d2c978103e880739de327c71a978e398324e9f0b6bc424a3e0938ff","sha512":"698bbb08b15c6e06df383c1bb15927242eacdab1aaf8cdefd047c261e4c2422655cc609106a7dff84e2c3a0f7fad614cb13bd5323cd2fd476b86e7ee00d73529","ssdeep":"96:UJHwrwEBxByzVfzm/Jc8T8qdENTU5u/aMp86M8/9z9weTmMQMsu+DLZVLj:U1wdyJUdE1R/apUqeTtCLrLj","tlshash":"b0c1a5e8377c92f4f54ad7fe872664e5340260ffaa4589dcf39c6c28aa8145d5c84ac2","first_seen":"2025-08-05T17:20:37.06344Z","last_seen":"2026-05-24T00:49:23.066558Z","times_seen":74,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/levels/2.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/levels/2.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 8778\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-224a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8778,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"4f31a3583916442a1b43fdb95199358a","sha1":"7376adbec8255d731c3267e1430057b4cf61c5e4","sha256":"a1c42735b5ec272e951e3d6a9d07b5617342d289b3810523f13ac1e23f1ed558","sha512":"ab5d2753f0a91e773c5225ad3285c3b71179537686ecac2be8fde99e799c7a4273cb7cca948b20d9baeeafe40588cc7f75b9a2612c09a3d225f2f568473bba17","ssdeep":"192:qSxFpS9vqmnRvTpM+6r2ZybqSAkFOrUMMxFPp1nQ3j0jJ:lxFpkvqwvubqZybn4CFPp1QT0F","tlshash":"2002cf73100d55cebf86912f25b89f02d056f758c1fd17884c9926c9a1d56c33b1b122","first_seen":"2025-08-05T17:20:37.410056Z","last_seen":"2026-05-24T00:49:23.499213Z","times_seen":73,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/main.3405b98e3c8aaffb.js","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /main.3405b98e3c8aaffb.js HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-23ec16\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2354198,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"81ceb5b59ef79ba71569ece915723c87","sha1":"e179358c0e15f9313f806484b1c013b93ce5342f","sha256":"bc654b71e468e3b23be2022f8b688bcc3b47f5a7da12781df548ab11b7705d2c","sha512":"f5a1bd41a9018662898f8178fe5838997704b8b6fe9e742d77f75fa6ebff74258ea5974b7b54f2601f5dfc8641539f19819f2d157a0ca337db229675ca0cfd2f","ssdeep":"24576:mdGiXwLaEz7IxC35BI9y6Lbj49E+JYO5yXZz/3:mdGiXwLaEz7IxC35BIfLbj49E6Y7Zz/3","tlshash":"c7254ba5b232f0392b968456607b1585a33cb40ddb07b08cf3a88ddc56daedb617273d","first_seen":"2026-02-13T13:38:46.480012Z","last_seen":"2026-02-14T05:30:50.884155Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/tournaments/kent?lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/tournaments/kent?lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-700-italic.1107dab5a2b7b463.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-700-italic.1107dab5a2b7b463.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 15604\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-3cf4\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15604,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15604, version 1.0","md5":"2c3951e7b40d2c0d0257f5340261d0dd","sha1":"917fe952e13eb314d554d50d87d2d33c1609f4ba","sha256":"0e11e659d374826312dffca4e775323581d2142dad6e3afd2c9ecea18914e799","sha512":"fe74dcd6f3fe2c7a3c42e8eed60f0a88818377ec13aa767332a4ad36cb5930d32e1e4bf880bde5d00535525f4eb5846eafa9517753d2a9ae81f6629f1a844fbf","ssdeep":"384:uIQUd1lpPrPNUt+v5ykjSKCVh4x2TpBZbGaTJIS:uIQk5NUeyk2KCVh4iHJd","tlshash":"ce62c099c5fa8e1fb38c9ab7fd5f07d843a2471d08d05484c431c4d98a2da818ce7ee6","first_seen":"2024-07-01T06:02:19Z","last_seen":"2026-06-09T06:50:07.229938Z","times_seen":112,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/levels/4.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/levels/4.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 13918\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-365e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13918,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"e6e02284267f65df2ebcdac3d454f3c6","sha1":"90a12e7beee3c121491e7f51266d10efa65f1cbc","sha256":"a0d379506526653dd0e1b4e40d36357da3c398a5346028dd49265f4c0e9e6918","sha512":"ab9061c4e3c0f66a391d546092d90e93c650219044c62e19c53a62b3c033cd0a09b20e33aaf28a89edc3f0cbc0366b4f3f1aaef353f5d69a8a03fde8a322b8ff","ssdeep":"384:s2w/Vkf2laPaHHELH74Vd4o/y/ZUi1M7Zv/7XVejWx+UPIz:2/Vkf2sPaELgdda/NU7Xsyx9g","tlshash":"e852cf4143b0d2e1c280ff09a0d87bdb0926be779f9d51d6aa045151eb4b09ee29b7fc","first_seen":"2025-08-05T17:20:37.190986Z","last_seen":"2026-05-24T00:49:23.560971Z","times_seen":74,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":136,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agstatic.com/wlc/flags/1x1/pl.svg","fqdn":"agstatic.com","domain":"agstatic.com","tld":"com"},"ip":{"addr":"52.84.50.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.agstatic.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:22:43:3E:BA:C9:EE:89:8A:DA:E5:F1:6E:A5:1A:CE:62:7D:8C:8A","sha256":"A8:15:5C:3D:F0:FB:92:90:3A:8D:33:6C:77:5D:61:01:E8:D0:25:40:55:13:A1:47:54:B6:2A:66:2C:61:44:8C"}}},"request":{"raw":"GET /wlc/flags/1x1/pl.svg HTTP/1.1\r\nHost: agstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ncontent-length: 225\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\nlast-modified: Tue, 26 Dec 2023 14:45:29 GMT\r\netag: \"88f476932dd1a59dfb8fc64598200061\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: cloudfront\r\nvia: 1.1 5f042aad530968241af9b660cec6b106.cloudfront.net (CloudFront)\r\ncache-control: public, max-age=31536000, immutable\r\nvary: Origin\r\nexpires: Sun, 14 Feb 2027 05:30:21 GMT\r\nx-cache: Miss from cloudfront\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Dgtx6xbOLpgUhw6vYsiRLumcREc9ZQXv5zqvRnZZHhahdzsWbPvaiQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":225,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"88f476932dd1a59dfb8fc64598200061","sha1":"4ab6fa4d71fa1e26b2a4d0c7848e5080dbe4cda9","sha256":"e773f6174a780d8bc7b53634e24f24fdff012ff405a3fdd58fbcf4a202c51494","sha512":"6c9a91ff4a7064dbec8be901e5161964fe167024fdbb9b8fe47319e7a181bccf8ead69033311378dbc50520c1cc9092528b88c9d4620ec200cee58ba54f1c555","ssdeep":"","tlshash":"05d0a9a580b8940cdc2a42304f2cb2ca2223698982c415a6f1a02850368a683d807b9e","first_seen":"2025-10-05T04:41:58.516551Z","last_seen":"2026-05-17T05:49:10.338816Z","times_seen":6,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":220,"dns":20,"connect":0,"send":0,"wait":86,"receive":0,"ssl":208},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/BannerCat_1-31.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/BannerCat_1-31.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 121108\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-1d914\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121108,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"ac1eca0f7f0ed84113d537cab8e9b8bc","sha1":"1106eb8dbdefd23c11fccb7092aa3559bbf28ebd","sha256":"aff41f6965077dd4a6065ff8472af1f7fa52b6b8aec2b7ffe09d3da55d507df0","sha512":"c29f35178d69bca5b18eb2b5f662a2a9a5030e7cc00b58b7dd53b80e28a5a2a2c2258cd7f1ff336338b0647b0ee3997142bf96b9bee0a4e4eb66c68739b4417a","ssdeep":"1536:vnMsz1Myk60KcNt61lyIphvxUSKg59YfILnnox98dnJFGSXxKgriDuTEFO+ZzSpA:vnMKmy+ZtoyIzvgcnnhFxXEzCG+e3GWx","tlshash":"aec3127dfa6a1c12b609b530f1416d02d6dcd4015a984f0d4db6fc79026cf8bf27368a","first_seen":"2025-07-08T21:30:00.371642Z","last_seen":"2026-05-24T00:49:23.007955Z","times_seen":86,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/mulish-latin-400-normal.16e241995ddafc55.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /mulish-latin-400-normal.16e241995ddafc55.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13308\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-33fc\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13308,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13308, version 1.0","md5":"4a684bb9f8ac87840ebf9ecd11ac6231","sha1":"33e5298d295711a280e246ef054185113e096b30","sha256":"f86eb1d613257841fb2fc63c9330319fb84c7bc8d0f73d45f85533eb1659d4e3","sha512":"ca98a378863c5f54521d7aa9edce454a4329e15a2c8a98458738953b7eb68d68ff5378ee5b5c076dbf1a4e95c73c4c30b7a0c741027693e51eeec6081102cebf","ssdeep":"384:zIKfmwb7W3j/hZ0q0YefLhpBFJ6QT7ZeToluvj8K:zIKvbST10DdjX6QTFeYuvD","tlshash":"e752c073b64deadcc8d48a7593b9a022bec0526685892efc55376c433f0fea11581c7a","first_seen":"2025-06-03T04:36:48.16898Z","last_seen":"2026-05-24T00:49:22.582323Z","times_seen":215,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/visa.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/visa.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-4d5\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fb44a62c392a656466cc4292c9b01c85","sha1":"da5416404e086527d249121a0e02b121b6282d23","sha256":"f596ff685b00268e18c8a108f8775fbb10d4cc568fa8fbbd162e944df9300ac9","sha512":"75f411e468604379c0959ff8108d22ac3cb94597e6a82cead9e87396d53e8318e036156502513522451ea464b3d3b6bb51c0060e87d2c4c72455ee414577dd4c","ssdeep":"","tlshash":"e521e0c9b5b846bc889d479ae72a714428eb60bd78118e44f34cdcf09a72a9da448450","first_seen":"2025-06-22T12:57:21.080048Z","last_seen":"2026-05-24T00:49:22.674969Z","times_seen":218,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/cashback_content.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/cashback_content.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39078\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-98a6\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39078,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d28a349152e849aae35f61fc506b6a6","sha1":"a7352149a40530527f96b4bd9bdcda9114d621a2","sha256":"83594fb676b1a88b4aace065d60291fb60167d9ac97ea7a87e91f5d1da37a795","sha512":"59007a1893d3017ded96a1ce95b9fbb007c8c73d86cef1e2f57c4d88f8b9a434107393233f21a7090e983edb3764480e092989540eb8b3b53695502dc8935f5f","ssdeep":"768:F9HSVrBbVywC39doKz6pLis91uOMiwomFxk3JtHH+aghsIV:F9yVzywC39lz6pWs9gOMit3JBH+abIV","tlshash":"d903f19d460128f77ac16db2901bbb7c744b337828e227f7fe80993981398dd5b65609","first_seen":"2024-08-19T18:32:15.309009Z","last_seen":"2026-06-06T17:37:45.289842Z","times_seen":84,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/categories/casino.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/categories/casino.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-3fa\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1018,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7642082198daf48355ff55d5cd82d4e5","sha1":"c0ab3e70eabeaeeac787336b0874ad25de4bd4b9","sha256":"1607a70524618274f2c209ead0fa547be954006ce4280d460d83af01d0bff1e9","sha512":"e32b5116932bc1463bdfdbb5bf4dd39e71c76638268ccd4e3e56bd0485764c09d90e077e943f5aa9b3792471e3cc6bdc0516bfd3c4aaa6fbe4274b5b04913d20","ssdeep":"","tlshash":"751112ca52b4960cecc959afdfa16284610bd0fdb529d889f1cde7409e878a4e001850","first_seen":"2025-08-05T17:20:37.400862Z","last_seen":"2026-05-24T00:49:23.496678Z","times_seen":74,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/widget/ESt1iDtMoi","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 23 May 2025 08:26:37 GMT","end":"Wed, 24 Jun 2026 08:26:36 GMT"},"fingerprint":{"sha1":"07:E5:24:E6:38:82:D9:A9:3B:D9:9F:6C:CA:85:05:67:F9:70:6D:EB","sha256":"35:5E:C9:A1:8F:64:C1:73:82:E3:0A:D7:B4:C2:B2:91:30:3C:D7:E7:EE:F3:8C:76:50:04:90:44:7A:35:0F:95"}}},"request":{"raw":"GET /widget/ESt1iDtMoi HTTP/1.1\r\nHost: code.jivo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6201\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: br\r\netag: \"698b2a9a-1839\"\r\nexpires: Tue, 10 Feb 2026 16:53:28 GMT\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: sber1\r\ncache: HIT\r\nx-cached-since: 2026-02-14T04:04:00+00:00\r\nx-node: m9-up-gc11\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18065,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18065), with no line terminators","md5":"08bb2b1c65762b11c191fd16e2399c86","sha1":"7f4fee0da92a42d27660159f34ed106b4ef79dbc","sha256":"7c0bcc2ed0efcd10baaf3ec249d1ef86ba0d93e7c523bdb4795b9ac128ae010f","sha512":"3d03e03e1f9d56ff1ef3307f17e39b75266b82f6c34626d132fd540eed90dbec23be22fb0d0b838cee19d406130855b1335bdbc39556c44b70f0575ca3136b57","ssdeep":"384:boU4JkQamum040erAN8OX7HMiqJISOVJBz8U08wYWcPY4:RtM/AfX7WO8UFWcPY4","tlshash":"2a822b6e7959b97743b208f9606f6209733549ebd404c920a401ea4d7db8ede813fef8","first_seen":"2026-02-10T14:15:11.610153Z","last_seen":"2026-02-18T09:49:24.551113Z","times_seen":234,"resource_available":true,"data":null}},"time_used":531,"timings":{"blocked":231,"dns":37,"connect":58,"send":0,"wait":63,"receive":1,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/levels/hexagon.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/levels/hexagon.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-2a6\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":678,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d63753195933b385be23a7e8957eec24","sha1":"44116eb2bd0232243ef3a97cfd9a160d8cdbe35a","sha256":"45d1adfb6587ae003bea112b0d4b5f743d40bc8a670cf837c90052fd3135a7fe","sha512":"e68ece1af31274629835c1831518fdf5571bb2b1334f8087f9ffa16459c631f7c11c015c814bb7918aeda3451cd6a899b010862d986f28441387bcf9e622624c","ssdeep":"","tlshash":"d2019ec5750c9181f4098b098a3d703f31f47cfc9abf435935a11297bd451da4c92ac8","first_seen":"2025-08-05T17:20:37.089767Z","last_seen":"2026-05-24T00:49:22.774519Z","times_seen":74,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/search.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/search.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-16f\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":367,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"99e1aa2a8c9183dd4af4aabc7a4d978a","sha1":"f195d4ceeb7a461b1e28645b2354beb0745afdf4","sha256":"a1c785b6ffd11c1982b91cc53ee4d749df61f4347128244be17b94ed0872cb18","sha512":"e194fe8aeb4569254343bd8eb3d81681cf425f2ab78ee4b235107d2606d697bf1d905f8fbac9a5c4556591b327869e0aecc60e07a1dd3d57998ae29bf17ad9f3","ssdeep":"","tlshash":"f3e0c0f4130c48ecd50f9a3e9f7a8080c362e4f36828c001b1dcd4286703356b4c3959","first_seen":"2025-08-05T17:20:37.40545Z","last_seen":"2026-05-24T00:49:22.834818Z","times_seen":74,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/tournaments/sec-tourn_desc-10.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/tournaments/sec-tourn_desc-10.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34180\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-8584\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34180,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d148e38b32c8956b437c7b38efa82627","sha1":"03d36211d51ec61a01224fd80bda867d1641b254","sha256":"142f86e18bd8325a72713e7147db6c9afa37467f1d36d84c251cbac2ccffef43","sha512":"a580f55a13d6a5ea49ee4fe7a6121b125aee170d47945e58afe595e351f45bda82ca72a113af57a44ae4b7331ae49d336c8e8601545b85d2046068f16c44b98e","ssdeep":"768:xM1oct4PlyyW0SLI/FoBQjs2ajh1SIvLMY/QuEk0N28wd7Pd:GfYyynSLUFoOad1SkLMFbns8i7Pd","tlshash":"f2e2f1b598b9d62095cc6cba5eb04ecbe34b21a483b3307e4e0d6c9116f5c19d4b2ecc","first_seen":"2025-07-08T21:30:00.331026Z","last_seen":"2026-05-24T00:49:22.734253Z","times_seen":74,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":125,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agstatic.com/wlc/flags/1x1/ua.svg","fqdn":"agstatic.com","domain":"agstatic.com","tld":"com"},"ip":{"addr":"52.84.50.127","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.agstatic.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:22:43:3E:BA:C9:EE:89:8A:DA:E5:F1:6E:A5:1A:CE:62:7D:8C:8A","sha256":"A8:15:5C:3D:F0:FB:92:90:3A:8D:33:6C:77:5D:61:01:E8:D0:25:40:55:13:A1:47:54:B6:2A:66:2C:61:44:8C"}}},"request":{"raw":"GET /wlc/flags/1x1/ua.svg HTTP/1.1\r\nHost: agstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ncontent-length: 249\r\ndate: Fri, 13 Feb 2026 16:42:19 GMT\r\nlast-modified: Tue, 26 Dec 2023 14:45:29 GMT\r\netag: \"57d4015f254507bdb4e39b2e8193c2b7\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: cloudfront\r\nvia: 1.1 5f042aad530968241af9b660cec6b106.cloudfront.net (CloudFront)\r\nage: 46082\r\ncache-control: public, max-age=31536000, immutable\r\nvary: Origin\r\nexpires: Sun, 14 Feb 2027 05:30:20 GMT\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: havgxEgvHhVVOjah-IPOSQ9aTswwLziDEkfpTvbqhItrW_8n0AaEDw==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":249,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57d4015f254507bdb4e39b2e8193c2b7","sha1":"004c37ca50a2cdbc025a0d033b5f9bd56ca57b47","sha256":"d1e8353bf48e58af71cc8ed25d65a1db1013b26d6fd8e8116073731f8011eef3","sha512":"1ee2f466f447fc7d3dd4a3f3245cded880b56c7ea26dc48c59b4490a9876e7ee24db77f3a4d32589340ecb7d3d1c797f3d16071be5b773aeb53af09448302f85","ssdeep":"","tlshash":"9fd0a7f492bc551ca42843348f2c72cb6667604a72f82595f1502c24265e6eb9c5b7de","first_seen":"2023-07-21T14:15:06Z","last_seen":"2026-02-14T05:30:50.894723Z","times_seen":55,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":210,"dns":16,"connect":3,"send":0,"wait":3,"receive":0,"ssl":197},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/LeVikingHG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/LeVikingHG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65713\r\nlast-modified: Tue, 09 Sep 2025 10:49:20 GMT\r\netag: \"68c00630-100b1\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65713,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"1dfe2c72e412452ba4974b03b30c6ef2","sha1":"dd0ffcc7a30094b3c1ad7f78c7e038ba960d5484","sha256":"90804bcba8e0cfde0896d3ec9b4175adcb4122f9f1cf68d7ec1bb67d64c9d7da","sha512":"a921d5e836291b7bfeda482f47f5e55aab904a8d73e89731fc3108126e65d5b39a0234fa68df7bb74de4abb5b4c61fd451dec335d62fb5831fd27004754e4c06","ssdeep":"1536:otCfjzL2gSHYZabdeNoRcQ95ge35vy4P4q:oYfjzL2gBawNoWVOQq","tlshash":"cb530257fc923acad219c1719f9d521c3df8c796872426fa23f0eae6418ac6137e518c","first_seen":"2025-09-12T22:08:21.696262Z","last_seen":"2026-05-24T00:49:23.250456Z","times_seen":151,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-regular.03e7decc532f08a6.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-regular.03e7decc532f08a6.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16728\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4158\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16728,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16728, version 1.0","md5":"e23161fd661d68acd57b789a9480e91c","sha1":"4ee6034ab8db8f6ae87f82ba2919574005dc91d2","sha256":"ddd9595560c35725e00d01667ce9bee519d245620e610844f0dd149df10b5d5f","sha512":"cfaa87e0974980fcb0e353db0a68deb3907846a6966e46fa21b2b637edd29071baf13825bb9ca2f10f457cd94baf3684d68b4c41af3a8353b14d21ea538f4e65","ssdeep":"384:6pTkKBpsb+Kkz953yu1mrwtzaYIAH6coLs9gLGwNnCPIRKRaaj9FG1ZU:6pTkKJ3yALtza/upE3nCgKaaJFG1ZU","tlshash":"1972b0295b80530fd91df5a270a4dfff61ae1ee4593ef8c23590b0b1284597a04b2db8","first_seen":"2023-06-01T13:52:06Z","last_seen":"2026-06-16T14:41:12.96542Z","times_seen":4314,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/favicon/favicon-16x16.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/favicon/favicon-16x16.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 202\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-ca\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":202,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"b3c08714ff9dc1c761c9ad695e7ba489","sha1":"e34f26a66aad56cc15be74f1e00799b92111b5d4","sha256":"9ebd77cb951147544563e09326cb4b84b9d8a50c0b657ff7baec140db4f9ab03","sha512":"9553d0c67e3f7a90eafda80f3ae62bc99628acb0444f429d03e4165afbfa82416ee66af5943de52dd7f96921f04cb9bea59f4dc3dd3bb2bc4962a338dbfc07c0","ssdeep":"","tlshash":"b1d023d5c6c0c1142a47c4965b84a55c9b9470c0dc1f509d03de457d417d008172fe1c","first_seen":"2024-08-19T18:32:15.223887Z","last_seen":"2026-06-06T17:37:45.290455Z","times_seen":83,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48 HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4591,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"db3774a53aa610c49592c588316dd2da","sha1":"d56a067455ddd899e4447daf658efcc1f5a23dc9","sha256":"670fe5409fbc82384117ce3f425443a85bcd214fcbfd08f400013e32bc1c91b7","sha512":"1db1a11c7592f33a5e72c6dd253aa6b69ffd29009e9c569f1cb180270afe0d9a89ab3d3e965294dd7468e64d6fe32d3366d7390815f52abb4cb45aec9f79d2b3","ssdeep":"48:YPbg8bgchbgdbbg68Z3bgFrSEbgrY4bg7bgGbgKXbgQbgLbgk7Fbg/JKIXbgW7po:iBPobF8RwSEx4m53Xj6rwXhXtVNh9i","tlshash":"1291056645261cbfca1724b93f933fc6409c819a9adfef64418dcd0c96bc9f94907832","first_seen":"2026-02-13T13:38:46.522842Z","last_seen":"2026-05-24T00:49:23.256452Z","times_seen":9,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/ThreeCrazyPiggiesPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/ThreeCrazyPiggiesPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68644\r\nlast-modified: Fri, 13 Feb 2026 13:18:20 GMT\r\netag: \"698f249c-10c24\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68644,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"395936b41f1d389345a18b2d04364779","sha1":"ba123a85fa17e0f4cd1da1e9fb0244665b01bd99","sha256":"4f6e0c6c8908c2a5d958f6cde3b9d78fcccac14f2c0e08c0ee13c1a4cff739bf","sha512":"4d502deb73c31ac02322d024dc1e23c454fdeb81f7cd12597dada1ec45ece0e5a14ad054f6ef251f5e619d7d6bcd0d0bdea887698fdfe2f7b34bdc4dc63a9828","ssdeep":"1536:4/fvYOtsnweIngbHWIp7UQKsWxzw3YxCuRqHq/U/odf//:4/XYusweInkTSQKsWxw3YxCi/uodfX","tlshash":"ee630268c8822df5fb513bb9d4076e689bda9192307ab12b11cfd857fc239326a43c50","first_seen":"2026-02-14T05:30:50.89923Z","last_seen":"2026-06-12T00:18:49.629877Z","times_seen":5,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/BillAndCoin2MummyMischiefRL.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/BillAndCoin2MummyMischiefRL.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59858\r\nlast-modified: Fri, 16 Jan 2026 07:06:09 GMT\r\netag: \"6969e361-e9d2\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59858,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"40f23614b17f3d79857acaa39352cb91","sha1":"d6a12722a4d3d0ed532fa06db15a21cbc93a67a2","sha256":"f1b6ff9f5ba1e48b62ccdad30785a8e4594c948fda65ac5ff3c71cf0b067a474","sha512":"85afb3eeaf0a2e55d1e497535439592f9133894bdee3a87eb40d64727683ca5a3bc8231b61d70938737ff9ea21ecc37bc4c89d59af858386e2ba0ebcb79e54d3","ssdeep":"1536:ROE2/MGUokJxecRNAAy1HeU0VqALXSMb1xefQTaUA:RlHGT2Ar1HeU0VqALXS2efkaUA","tlshash":"e44302621a342df1d86c1ebe4cb96f9c18da28121e3b513fb2dc5e8b4e02590d8970bc","first_seen":"2026-01-27T00:01:43.026644Z","last_seen":"2026-06-12T00:18:49.72056Z","times_seen":8,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/chatcontainer.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:32.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/5f3ca08/chatcontainer.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 58233\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"698b2a9a-e379\"\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-13T13:52:55+00:00\r\nx-node: m9p-up-gc59\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":244146,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9f708963e8177d2b3d1a38dc4820f064","sha1":"3ea95e21bd9f5717ec847711825fe1bfc5650570","sha256":"fa5e4af61c2153dcf52ff929360102348261b28e5d9fd4823fc5ba33cf350dd3","sha512":"5e430e6d1fec1f540efe6292925e5d824472306a939e336a9893b995a1478836ba0b3447e1589e1fe68d8d13b1bd26a61c8ed5f109e6b50537e72eedfc6c6da9","ssdeep":"3072:1Hc0Og6iAPmTwF42omI9rXDe5Uiga8SrDcN:hc0UiOE9YZgaTDcN","tlshash":"40343ad071d0e8bc42e641daa43f6100f2292d2df409b958f3f8ddd9ab5598e2266f3d","first_seen":"2026-02-10T14:36:06.467051Z","last_seen":"2026-02-17T17:00:15.6702Z","times_seen":104,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/bg_right.e2d21ec775bcd9e6.png","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /bg_right.e2d21ec775bcd9e6.png HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/png\r\ncontent-length: 14885\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-3a25\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14885,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 199 x 2735, 8-bit colormap, non-interlaced","md5":"a4d7eab03b3374f4aee1ee044c1c9c1e","sha1":"11b98b02bc7233e558253d974e96a99ff0de1686","sha256":"abdb0b72935cbe07a2580d2d9d66ebfa0a980902a8314b60819b7111608e8cd6","sha512":"3fa1ecfe356d5b6114664399467f6ddd7a7f62fb8e56dea15336a0dcdabc4696f0d277db04c14e34ae512120c66d7227f9f678a24eedb83a5422d6660e334cf5","ssdeep":"384:IYPJXA0yhrA6QsC6yLclcEY22chfshuhf:DmhrasdyLclcxGfL","tlshash":"a362c0f4a61e0908de0e79f3e2f45a8df9b4568ff6ac9cc1218046079a535cb48dc22f","first_seen":"2025-07-04T05:14:00.905233Z","last_seen":"2026-06-06T17:37:45.307539Z","times_seen":84,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":101,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/switzer-700.31bf83bcbf020d67.woff2","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /switzer-700.31bf83bcbf020d67.woff2 HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/styles.3a2810820b977f79.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 19432\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-4be8\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19432,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19432, version 1.0","md5":"8463cdb9a06b7047c6e2e7eda0fd0627","sha1":"bea3f13f55c080e15e50312a5d5cecf29b08f801","sha256":"7aecbe035c1e311eabe7cac089f565c917558c365f809d5a9684881782370e1f","sha512":"cc46e30571e453431269f6ab06097c96601fcf4f700af69ab6416bc632b86d8fd756f7bc6c8710c05686b62371ec87b3a5ecb5dc5fdffe5010ec0603ec678b08","ssdeep":"384:sKMcqtSsJOPJmS0eepoRtwLHtJYvmW6Oa/0SXFao+HwvEeSzglljMt0ge0dvyO/:Qcqte4MKoRtwz2b6Oa/0MaxwvjSz+Itt","tlshash":"5a92d0e0228328f9f0640541768ed0fdcf61ed1964f227585046b2999b773deb7399e8","first_seen":"2023-06-05T13:27:27Z","last_seen":"2026-06-16T14:41:12.148477Z","times_seen":434,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":169,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/tournaments.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/tournaments.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-6a3\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1699,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e15edb0047f98d1b64ce4a4d4a79c670","sha1":"9fffc6cf696913da48da33d1ab1703c4d9785e34","sha256":"5e8e6239d9dae59cf44a70227be537098b03dc422cad8aed17b24decf32b0c45","sha512":"15e8ff6bd2aabb1248d7eecf2085b37cf721942bd404f74461c1fc23a712e3869e72cb8f4464268b7d06595ea0d78e6bf01f2b4507263381786f78fdac14b2b0","ssdeep":"","tlshash":"803194ff4710f9c8f187cbbade132d21316968bd5d8282ca2570e6e0f830351c959c88","first_seen":"2025-06-22T12:57:21.026936Z","last_seen":"2026-05-24T00:49:23.309422Z","times_seen":137,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/SweetRushBonanza.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/SweetRushBonanza.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77067\r\nlast-modified: Fri, 05 Dec 2025 15:34:35 GMT\r\netag: \"6932fb8b-12d0b\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"ff85ac46988cf78bb2f88692164f3341","sha1":"9db1c2f3230310e52cfd2248a13c6076504d9ace","sha256":"476cc6889c417415c021f070e8b56be2fb168f669781c7cdbffb213b3da99e4d","sha512":"9d97d1a59cbb20af6964ee5bc131c6524c4efca4049e636b4316d328bb753eb465b93164d20303e93d2425a67209ca07ac5e980217a774ad341dbf7c4c2b0281","ssdeep":"1536:W00sIO/ResjcY082CbFv4UHsGneE9K1fnK6RRJfiUNt7ykS8wIvvJbKDKdYZ+Jd:EsH/FvsE9OfKKvf3TS8wsxvdvd","tlshash":"1273129cdd5d7a15e2442b334e913d80a7ef3872f5cb5e709d0e91f0aa2ecac2157542","first_seen":"2026-02-14T05:30:50.904468Z","last_seen":"2026-06-12T00:18:49.624617Z","times_seen":3,"resource_available":false,"data":null}},"time_used":310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/games?lang=en\u0026pr=kent\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48 HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/Back.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/Back.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28088\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-6db8\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28088,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3583eac2ded8ea57bd34caa1522d13f0","sha1":"1f45e41c224cfe6a97eb54f7fce4db9b62f8f4f8","sha256":"be1cc5c3f34e5c2e5a1b39eb8bbf3f1c73f1940ea6a66f889ecaaa95838bde32","sha512":"765c131393bf9b8964e8d45fdcf5be82db7a1403484d31ab7a38dc38320c8f6f7890edcfbe11bc539467adc372f7ededb60d343204b2be429a43621505a4df48","ssdeep":"768:5pnrVFIuWQNZmqrnRuP5D7RvFeUONoLH5O8ZKXvlIUfQ:LnrVm9qlGDtdO+O8Afa","tlshash":"f9c2f2f651a6b7c8c50100ab42fccc28b018c75c59824cd74633f4b9619c672d66faef","first_seen":"2025-07-08T21:30:00.353694Z","last_seen":"2026-06-06T17:37:45.198454Z","times_seen":83,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/game/last?per_page=30\u0026lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"GET /api/game/last?per_page=30\u0026lang=en\u0026pr=kent\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5368,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"daaacdd9f9b5baffc7548781704b9eca","sha1":"9b62c32ae73bd5a559e98c2ee9b33ec9b8deabf7","sha256":"91e68810123c3cdda050f83430adccba0511afa392961d464dd8e6963e16bc73","sha512":"5f10e0d931b1e3f7a22269e82bf02744ef5c3ec2bf870058d062973539531bbf0d9ab23e28bad3fc21eb610559673cfb8e59293d5429bca118398a24735fe891","ssdeep":"96:InZE7EWoP7UYud0GzE9V7x/ae8HTUt7rlPQPo7WdQpySQ9ZP64x2UW75r5:IZEYWoIZ0GzET1/aNHTUtHePoydQpyri","tlshash":"73b17a998f4bedbf336432901d83b3c62b6db12771c1cb9410a8d8145d79d6b226726b","first_seen":"2026-02-14T05:30:50.906918Z","last_seen":"2026-02-14T05:30:50.906918Z","times_seen":1,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/outgoing_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/outgoing_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5014\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69775d6e-1396\"\r\nexpires: Wed, 11 Mar 2026 23:28:23 GMT\r\nlast-modified: Mon, 26 Jan 2026 12:26:22 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-09T23:28:23+00:00\r\nx-node: m9p-up-gc29\r\ncontent-range: bytes 0-5013/5014\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5014,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"7bf3e4962a5ecf1f8cbcc2ff3428f531","sha1":"f75c694461a643d2e096ae8d0f6c1a9d19602eee","sha256":"d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11","sha512":"53fb17ca3361636acb0b80107f66810150a8bbed9aa5f878c2b1fb5a23ddf7fd349b30eb082b05efb3c0d08dc5383d30ef15d0ca99ad98d62e0a9a335112ed6a","ssdeep":"96:nKEOyBuK+1D2sMVx9FX7+0YQQinefV/1gr/EaadKXdGdimO1:K2QhGvYinsLE/SUdUime","tlshash":"5da1399616202262f6090cbf124ec2f4e3996f6b39044726b67cd290f46ffa25366983","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-17T06:30:03.047541Z","times_seen":16429,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/icons/gift.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/icons/gift.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-820\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2080,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df0965768e874ad13424fca1d2919468","sha1":"8f9dfbb6d9afd849e7663b2248b3f926eecbc928","sha256":"3709b5b627f54ca4d5b6ddcd70ed8238d58dbe96d81e26ea24b1319571ea6dcf","sha512":"400f1d7bea005ca1a151f0fede6ec6607ef348131f0c77959e44c2beb1799d5641a386c39747e8c9c1138e4c62679dc579c281fa2dd4bfbd78f65147492ae5d0","ssdeep":"","tlshash":"354176f44140d4e8564bc9b49d7a7c94f72e34f65c24c0bc0163dd6adfa43e6ca1ac66","first_seen":"2025-06-22T12:57:21.069194Z","last_seen":"2026-05-24T00:49:23.461921Z","times_seen":138,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/runtime.410107919101eb27.js","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /runtime.410107919101eb27.js HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-e6c\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3692,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3692), with no line terminators","md5":"55fe0efb0efe52fed766aab654e28b48","sha1":"efe6b54efeda7202c3cfba8305081c5440ba0d41","sha256":"9a2bab6248cee226cf4ae003904f0ede6f027ccc7eaa56ff6b214ef811a3c2c6","sha512":"1e8629a64502cb5fd9ae51e2d0048d7ab688d4e40cf124e9fc4f696b8f327991b118572b06128fc7aa073bff086a240e84f004bbe243754a37ac086a933e6290","ssdeep":"","tlshash":"f871f7b42268edb62af104c55c3dc581f318a836156ba8e2bb1bcc786575ed20935ff2","first_seen":"2026-02-13T13:38:46.585303Z","last_seen":"2026-02-14T05:30:50.909831Z","times_seen":2,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/polyfills.522796e73cfc2d4f.js","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /polyfills.522796e73cfc2d4f.js HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-9104\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37124,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (37124), with no line terminators","md5":"c32c895ba1c11332ec0886604c9067fc","sha1":"ada1267488d0c32328e15de3aa80f27d8b5e34b2","sha256":"c251ed452280ed17db7dc496ad874e795263d42312f745e2edba4fa8a0af4e95","sha512":"72d8a3164396f07c0bcad29e3022968975ace373e6ea63eb5b15b93bfe34862c62fc8d2ecaddb556d1a581fc52cecba5795b8046b7f5236526063c84ca76b5ea","ssdeep":"768:xFhDiDOx1jogSxDqlnbhH4/bwEbVuHD9QAi/n/OmF/bcVxvaDv9AUIj+5oY4+m3X:/hqR65ERxSvFq5M+mQR1z9tiTP1","tlshash":"86f219da7392b0b287f654f5c57f8007e63634a5384c88d8f14d99ea383714aa166f3e","first_seen":"2025-08-05T17:20:37.376571Z","last_seen":"2026-05-24T00:49:22.724572Z","times_seen":148,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/styles.3a2810820b977f79.css","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /styles.3a2810820b977f79.css HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-21f71\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139121,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"203dcdc4319e4a00290ff46d37162924","sha1":"5633c7e6af8a307f4228665efb19f256c31e6733","sha256":"8f7733880fd3efb0ee94d8c732a02b2b05c3e366ac7e51c1477f2fc06cf22ccb","sha512":"7290adb86a5d098ee3699ac069f0b6d1610a5a1615acad46c43b37a3372e43bac7b3736be214dc4bca00b848bf15b069f719311f5a8734c8a333e0082f299d98","ssdeep":"3072:HHmv36/OKu7R/5y23E3TnmCEoTac+jdNUBUQBYcO86SqkQ:HH036/OKu7tE23E3TnmCEoTac+N","tlshash":"83d30922e539f2a53717c45373849fec1278f80dfb172ae4f1a6cd0c5ac605692a6b6c","first_seen":"2026-02-13T13:38:46.50446Z","last_seen":"2026-05-24T00:49:23.328747Z","times_seen":5,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kentcas393.click/api/translations/en?pr=kent","fqdn":"api.kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.34","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:18.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"CF:65:A5:54:61:57:D9:64:13:5C:C3:F5:48:6A:61:3C:B8:F3:88:48","sha256":"26:28:7F:D2:D4:9C:AC:F2:F3:C5:E7:96:6F:DD:59:AD:16:54:B9:FF:52:C0:16:63:D6:82:7D:44:1E:32:77:B1"}}},"request":{"raw":"OPTIONS /api/translations/en?pr=kent HTTP/1.1\r\nHost: api.kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: skip\r\nReferer: https://kentcas393.click/\r\nOrigin: https://kentcas393.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: skip\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T09:31:00.786811Z","times_seen":16480402,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":252,"dns":57,"connect":92,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/games/ico/AnubisWrathPG.jpg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /games/ico/AnubisWrathPG.jpg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56974\r\nlast-modified: Fri, 13 Feb 2026 13:18:19 GMT\r\netag: \"698f249b-de8e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56974,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"bba747cacfc8da65251afce5dc429342","sha1":"11d3864d50b68d7c00e1984f7bf7e39e8caeeb9a","sha256":"042db45c1f3d7a2893ed4c9ab92514232f84f56b34dfc14f0b5ba0b1cdfabe6b","sha512":"b9ef10388154342fab58fec60e41233803c6258f3c3c79efc84d2861227b8a4401dadd5cf27e35460b05c27194a67c9e46a49d629bdee1a8d7ac200151ad16ce","ssdeep":"768:iW2igMXIREi71m/tQPusJ1c/iqPHm+G32ZytNvk0hQOGzwZhXFhaP+8uLjA5CY8t:cM4FM/QvWix+E28h+ALXFTjEtwH5nkgd","tlshash":"1c43f1b9377091c0fe2aa8b2292b4a0b6dc68b8627c7557cc521d891e277ec746f1325","first_seen":"2026-02-14T05:30:50.91334Z","last_seen":"2026-05-24T00:49:22.917454Z","times_seen":7,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/banners/cashback_header_BG.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:19.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/banners/cashback_header_BG.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:19 GMT\r\ncontent-type: image/webp\r\ncontent-length: 70656\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-11400\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70656,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ea2bab14cdc7a8da8157ddbfb06f69e6","sha1":"cc4951afab03db7626124c1da456f10c071461d3","sha256":"857e10aaf89bd4e6f06f9350593339664cf8fe86f413ff1babe1431faeafbac9","sha512":"5d7e577d46b0478a4494d4998a45f3a3a25b6d839f00e8fd4d1387acbaedb33c26fc08c43a3a81b4d6afb1a47207e52a7ab0a96e60e15b2903166146dd395b4c","ssdeep":"1536:nJer27WZAsmkLLdonNYVQEethsNR0mnqmi30ZxU+wFtq8usKSlmgY5p:nJerTZFEYVtekL0nHEvUJUzsKUbY5p","tlshash":"a26302e2e94412b0d9e75f581017c49e0a15cca76e7f1a7ed2569bc3833b410a2c1efe","first_seen":"2024-08-19T18:32:15.314384Z","last_seen":"2026-06-06T17:37:45.08Z","times_seen":84,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/footer/payments/interact.svg","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/footer/payments/interact.svg HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69859aed-55a9\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21929,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57e627c8fe520cf7fe6b7ba25697fe55","sha1":"4cfa9683305eee2075b9d4ffcee4e9575dda5838","sha256":"667d2b41d58cb58ea47f10ee14786069ee1625f861606772bd25bc980801642a","sha512":"865b8ad40bde7fc463caeabdd8470aff1794d15ca447fbb551d2ff8c71b5e572c764431482383735b52118849196d40fda3c6203b8bc0f52d67685cc4e9c6fb0","ssdeep":"384:faSlKW7ESNjUd4qT9v6KM2FlaD9+6cKUV3ecXko:fh7zNYdkKh+9At5ND","tlshash":"29a283e9173493dc98c7994fff32ed94531f64fab9a681c0896fdb58949b8c0fa06804","first_seen":"2025-03-08T14:29:59.761442Z","last_seen":"2026-05-24T00:49:23.45943Z","times_seen":220,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kentcas393.click/assets/img/tournaments/sec-tourn_desc-8.webp","fqdn":"kentcas393.click","domain":"kentcas393.click","tld":"click"},"ip":{"addr":"217.156.8.35","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:20.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kentcas393.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 16 Jan 2026 14:16:55 GMT","end":"Thu, 16 Apr 2026 14:16:54 GMT"},"fingerprint":{"sha1":"FD:C5:60:27:A6:14:82:B0:A9:08:85:7E:2F:32:64:7B:E1:34:E7:C0","sha256":"DA:F1:FC:6D:58:37:7E:3C:3E:E8:B3:CB:0C:5D:C3:EB:30:EA:BD:3C:C2:77:36:2C:B9:44:33:6B:E1:95:88:3C"}}},"request":{"raw":"GET /assets/img/tournaments/sec-tourn_desc-8.webp HTTP/1.1\r\nHost: kentcas393.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:30:20 GMT\r\ncontent-type: image/webp\r\ncontent-length: 46610\r\nlast-modified: Fri, 06 Feb 2026 07:40:29 GMT\r\netag: \"69859aed-b612\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46610,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5ecf311b50c6e527278cfd9ae8413977","sha1":"64ca976ace554eea6c27e6b5847317fa78e64899","sha256":"7de96dccf65804d5b6b23f0adef5f6057777292b5274e1d8cb578b3a7cdf4011","sha512":"aae9f9cbb91e9b128d760d668a5b533a46469a51f1e57c1715fd8007b78a0cf7ab32a76a0ffed04f351d376b32412498f3e9febc867df533142bcaee930faf11","ssdeep":"768:XOeTTABthJWFod+mCcB5omuAI5g1UFsx/i4dkPueo+4sKAt8cIsk2S54kYcSd+Pa:XvMthIF8+mBPJEHsx/rwzo+4s/pQ4CSD","tlshash":"5a2302c74e9ae48c301cc3a910d7d6069603f50550ffe87b85f1b2739f285ee0619ab8","first_seen":"2025-07-08T21:30:00.283966Z","last_seen":"2026-05-24T00:49:23.203286Z","times_seen":74,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kentcas393.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kentcas393.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/5f3ca08/widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:21.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/5f3ca08/widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:21 GMT\r\ncontent-type: text/css\r\ncontent-length: 25386\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"698b2a99-632a\"\r\nexpires: Fri, 20 Feb 2026 13:50:35 GMT\r\nlast-modified: Tue, 10 Feb 2026 12:54:49 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-10T13:50:35+00:00\r\nx-node: m9p-up-gc90\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137137,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2774c9239097c91a13a487e24a2ebdda","sha1":"b813877552a6d1ef88821d7e8c10d5fe6b3d274b","sha256":"e809e1f3500cf65e2f23d75eeb5e033afcc6c60507326aa7b6405c2daf477f51","sha512":"296c752e5f47b72284e1fc5b33566e2f04549beb5884f7845bd5038ecd5e6d5f062c8acd9b3367f6ad3757d011c0e64f94562492741fa9ccfbd6d215f453ca53","ssdeep":"1536:iL5TTKsyA6h6SrhHDuVye262HSfpTyl6568+UlA4UUV6tFUPQxicOLOEDl6mc3o7:LL3S8S2oaU","tlshash":"ddd3e865ead2a53ce91e541ac8c5aa3ca63de102cf230dbbf744f3e147cb6e21276505","first_seen":"2026-02-10T14:15:11.570412Z","last_seen":"2026-02-18T06:03:42.216428Z","times_seen":215,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/agent_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kentcas393.click/","date":"2026-02-14T05:30:22.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/agent_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kentcas393.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:30:22 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 3760\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69775d6e-eb0\"\r\nexpires: Thu, 26 Feb 2026 23:26:04 GMT\r\nlast-modified: Mon, 26 Jan 2026 12:26:22 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-01-27T23:26:04+00:00\r\nx-node: m9p-up-gc8\r\ncontent-range: bytes 0-3759/3760\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3760,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"8e9a165c4cb185ffd0b2658fa088e43b","sha1":"195873e5e8bbb2f5ecc32d95f90d6fb75817a649","sha256":"ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43","sha512":"6ef9fac16ac2835ecb95ab077270293a95a3597fd28fb053b32cfeb6b0a72b52c0ee51b0504a463ac9db1d8a3b2c6c41f113012d6364d16feb8e01821a3221ff","ssdeep":"","tlshash":"c771295c69348528f80b31b89f4b765ac1512c19a8f2ddd4a62818e7377b36a678820e","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-17T06:30:02.955364Z","times_seen":16429,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}