{"report_id":"da4cfcf4-ee95-4439-b289-19928ae452cf","version":6,"status":"done","tags":[],"date":"2026-02-14T05:42:16Z","url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":0,"asn":0,"as":"","country":"Romania","country_code":"RO"},"final":{"url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"title":"Kometa Casino","dom":{"size":1507740,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"253365a2c04fb5130179e26502d0e028","sha1":"2a622dc29f2e54ba7dd65ff203eadc0075893e94","sha256":"d64b37acc640144eff439f6e1889669772a902d4da0dd5a0375be131db45111e","sha512":"1056e691b9e32c555c6df2ca695a95ab24d72b607f90b06226b883e424d52427ea4611f961c189c332df6c8c1bec06035f54ebad94074dd182c0d307657ec421","ssdeep":"24576:qnLBvKYoAlmls8uqU5rVGLXCZgwQmVlBTwXFXl2ll00w5fH6+6FV:qLB7me80XQXCCwQmVlpwXFXl2lZw5fHw","tlshash":"1e656bd1b2c5f4a507e701e6943b1002a33a2c1a740da458fbbcdcdba95a58e6337f79","dom_hash":"domhashca18f44ad98926d056f000e8cf616abd","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":0,"asn":0,"as":"","country":"Romania","country_code":"RO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T05:42:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"api.kometacas596.click","ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"domain_registered":"2026-02-05","domain_rank":0,"first_seen":"2026-02-13T13:44:28.805281Z","last_seen":"2026-02-13T13:44:28.805282Z","alert_count":42,"request_count":14,"received_data":159391,"sent_data":8056,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kometacas596.click","ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"domain_registered":"2026-02-05","domain_rank":0,"first_seen":"2026-02-13T13:44:28.809902Z","last_seen":"2026-02-13T13:44:28.809902Z","alert_count":267,"request_count":89,"received_data":8591453,"sent_data":41504,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"node-sber1-az3-20.jivosite.com","ip":{"addr":"178.170.197.234","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":2965974,"first_seen":"2023-08-15T13:44:02Z","last_seen":"2026-02-10T00:20:22.455987Z","alert_count":0,"request_count":1,"received_data":684,"sent_data":509,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jivo.ru","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2019-03-27","domain_rank":437705,"first_seen":"2022-03-30T15:10:58Z","last_seen":"2026-02-12T04:20:45.744581Z","alert_count":0,"request_count":2,"received_data":21698,"sent_data":888,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"telemetry.jivosite.com","ip":{"addr":"87.242.88.149","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":346139,"first_seen":"2015-07-15T08:41:42Z","last_seen":"2026-02-11T21:01:29.712197Z","alert_count":0,"request_count":1,"received_data":111,"sent_data":469,"comment":"","tags":null,"fingerprints":null},{"fqdn":"agstatic.com","ip":{"addr":"52.84.50.28","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-12-14","domain_rank":408512,"first_seen":"2020-07-31T02:50:23Z","last_seen":"2026-02-07T02:09:49.75871Z","alert_count":0,"request_count":1,"received_data":1517,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"code.jivosite.com","ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":232952,"first_seen":"2012-07-22T02:03:39Z","last_seen":"2026-02-11T13:31:19.510613Z","alert_count":0,"request_count":8,"received_data":2026722,"sent_data":3800,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"vi-sber1-20.jivosite.com","ip":{"addr":"37.18.110.91","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"domain_registered":"2011-05-06","domain_rank":2853955,"first_seen":"2023-07-29T23:17:29Z","last_seen":"2026-02-09T21:14:36.42155Z","alert_count":0,"request_count":1,"received_data":206,"sent_data":593,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/chatcontainer.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f708963e8177d2b3d1a38dc4820f064","sha1":"3ea95e21bd9f5717ec847711825fe1bfc5650570","sha256":"fa5e4af61c2153dcf52ff929360102348261b28e5d9fd4823fc5ba33cf350dd3","sha512":"5e430e6d1fec1f540efe6292925e5d824472306a939e336a9893b995a1478836ba0b3447e1589e1fe68d8d13b1bd26a61c8ed5f109e6b50537e72eedfc6c6da9","ssdeep":"3072:1Hc0Og6iAPmTwF42omI9rXDe5Uiga8SrDcN:hc0UiOE9YZgaTDcN","tlshash":"40343ad071d0e8bc42e641daa43f6100f2292d2df409b958f3f8ddd9ab5598e2266f3d","size":244146,"data":"","first_seen":"2026-02-10T14:36:06.467051Z","last_seen":"2026-02-17T17:00:15.6702Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/polyfills.1d322f88bff78630.js","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6b303793148a52ac25d6083818e878c","sha1":"b9ea1199f1367dbddc09fef33409bbf53f1d6618","sha256":"f715ebca3b8bb3d7f5949e2be0921e81f428d7e85f73d754fa46d536395eb033","sha512":"23a509b1b73cb22f01562b75074d68e1bf14e6019a190591843a50b490e34b0e80340033323b8e5a1d2ddd23787d80ed9f53ac9a63c143353e9067dd543fe650","ssdeep":"768:WZKL5aGUIjImvY7dSu0NMrLDnvtcnSX0jQ3wo6eWehnGeivq/9Y+pPPMHpFxDKsY:aIM+zedc1LQ8ZWr3KytiTpQ","tlshash":"59f2f7d67392b0a28bfa55f5917f8007e63624a0784c88d8f15c98da3c3705a91a7f3e","size":35093,"data":"","first_seen":"2025-08-12T05:19:05.863114Z","last_seen":"2026-02-14T05:42:27.020271Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/widget/ziqY8DLV0e","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"08bb2b1c65762b11c191fd16e2399c86","sha1":"7f4fee0da92a42d27660159f34ed106b4ef79dbc","sha256":"7c0bcc2ed0efcd10baaf3ec249d1ef86ba0d93e7c523bdb4795b9ac128ae010f","sha512":"3d03e03e1f9d56ff1ef3307f17e39b75266b82f6c34626d132fd540eed90dbec23be22fb0d0b838cee19d406130855b1335bdbc39556c44b70f0575ca3136b57","ssdeep":"384:boU4JkQamum040erAN8OX7HMiqJISOVJBz8U08wYWcPY4:RtM/AfX7WO8UFWcPY4","tlshash":"2a822b6e7959b97743b208f9606f6209733549ebd404c920a401ea4d7db8ede813fef8","size":18065,"data":"","first_seen":"2026-02-10T14:15:11.610153Z","last_seen":"2026-02-18T09:49:24.551113Z","times_seen":234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1770729112","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0b0142e34e2c52a43db467e64def9c3","sha1":"ccac10bdea6537df93f5bb12019991222815eede","sha256":"74913bf0fe3af4ce5085782094f372260dd5d655f754d955806824b842975ac8","sha512":"1a7d937765c9848c3a059afe591f5cd1c1b08008583199a60fe1de555be04d27b80c8d29cb8e8aa0c7fea083c6905642215cd31b20e96c6b8f6206b054b68307","ssdeep":"24576:j5h1n2wU6C3nmrkmYIfH6+rlCrL3RhKfIapRuky+o7jm/5j9I/quAgPgef7mttBt:jj1q3mtY4drlCsIapRuky+o3m/5j9ILA","tlshash":"db656bc5b2c4f46203d355e6a03b2005b33a2859340da068bbbcdcdbe95698e6377f79","size":1539171,"data":"","first_seen":"2026-02-10T14:15:11.69515Z","last_seen":"2026-02-18T06:03:42.237051Z","times_seen":211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"4014b634fdf9325444646ef6061af87c","sha1":"520f2699029b823c98608f475b18fdc64883b68f","sha256":"50956830d9a0a8f176d92c024b7ad84e6233732f15ab3ae65313231c97e165a5","sha512":"07c5da12acd32609af200a7f29b5c9f8ffebda7a87f208f6297bc6d73a08c5cf38c545c33c303093627e48e5b346252b188107ccd1f382992aabef7c8d3ae140","ssdeep":"24576:YnLBvKYoAlmls8uqU5rVGLXCZgwQmVlBTwXFXl2ll00w5fH6+6FI:YLB7me80XQXCCwQmVlpwXFXl2lZw5fHb","tlshash":"ca655bd1b2c5f4a507e701e6943b1002a33a2c1a740da458fbbcdcdba95a58e6337f79","size":1506927,"data":"","first_seen":"2026-02-10T14:15:11.696496Z","last_seen":"2026-02-18T06:03:42.245735Z","times_seen":214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"0448413eb22bf4901b27cf364ea01a83","sha1":"9d09826000b83bbddbe2a32c67dc7cdf77751bd3","sha256":"4abc7748aabbd4b8752f553178b7b70749371b8fcee34ec0ec169b3ec779b174","sha512":"d6fe6dde0126bc4b94c0130f97394b67f087fe2a52f713153369fa21b5d08a05a7e3b32f7e29e208422983c340845ac1036b67787cc8b286900b485a49a809b8","ssdeep":"","tlshash":"5590028710460926a1e9500257133300209304a90d419c0055060411362430f82155ca","size":43,"data":"","first_seen":"2024-12-23T01:16:29.472085Z","last_seen":"2026-06-07T02:17:55.832593Z","times_seen":433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/runtime.0c1f3e971fc7dd1c.js","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"342f0bc93de6bcb4b0347284eb792392","sha1":"d75d3c32efb262fa6b9cd73a0df16a2d6bf1f1de","sha256":"b0eb7485d991da3aebda0f4ecaadc7d737e231bf287ef3b7e0a40b1aca4cfc18","sha512":"d45eb4bc91fcc299c5d1eca07c201ce60d824c8514d74a51da6c8cd9d92b155256cdcc21f92539bb61a055e6fed8ae613af4580d002169daa06ac1cdb17147a9","ssdeep":"","tlshash":"1b711b753364edbb2ae504c1583d8491e31c6036152ba8b1ab5fcd6a6434ed60875ff1","size":3691,"data":"","first_seen":"2026-02-13T13:44:35.795589Z","last_seen":"2026-02-14T05:42:27.000198Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-07T17:31:53.586884Z","times_seen":300017,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/main.70cab2177023b4c1.js","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"e580cbba4a4bfaecc9b1af22ccae1e71","sha1":"47b9fc69dbf5750a7aa62cb633b29b67ecd1202b","sha256":"0a62a1be6a78c3acadb0726e5baec20eba17e0f9f122e698bdbe84e74b3fd20e","sha512":"b90b8389451fea7bb72654c341e17741a6cc8eda3162338b2c24462622ae45e37d79558b8bedfcadb1500cd932dc60fd5a2c1260ddce88e490b4e71c9181ab3e","ssdeep":"49152:zlGnVTXKIJDkyTf3ZS8kkTKrDloQymONWClgI6ei8k9STfY+Ymteg695/uMaCgAy:c3x","tlshash":"43a56ca2a322f03536d78496a07645c5b33c6448ea07909cf2ac8cdc96ddedab17773d","size":2219866,"data":"","first_seen":"2026-02-13T13:44:35.826387Z","last_seen":"2026-02-14T05:42:27.063968Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc00deaabfafd48080a08fc0d7f841b5","sha1":"3bf17f3bd75349b1ba1f9b78c6117fadd4620310","sha256":"be8a7243d87cc8bc1c523f0b10a41c149622c9c6af30b6a4e8231b1506cfd542","sha512":"1f3d4801665e172b54578e6d0d71f066c72df7244512cf00026104acbf6f21dab5de812d2679f56b2414ae7f40fd4963f61db75bc7bfc0893c8a3debf65638fc","ssdeep":"192:2P7mk/7Obf14M6bOIpUTPqZ8BijFLeEJK:C7H7ObdFkOIphZ8wjFCmK","tlshash":"af22d71ee7017f360fa613c3744f7b5376a480e592646cb5d89c826943b9bcab217b8c","size":10598,"data":"","first_seen":"2026-01-27T14:54:11.499444Z","last_seen":"2026-03-31T09:24:10.733781Z","times_seen":1154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"a7c7885903365daa576d368d375cab09","sha1":"e16dfe57955d2ea696b962f79058c63ef5d6488d","sha256":"cb93d5b413c59444b68dc6403321b747e899f19fbb0d879c546eb1466d5eb4d1","sha512":"1698b2db2fd6b8cf22d0e9af7efdbcc816f88055cdee28dad06beb0422a06eb1a68315923a00a3351a3669aa281e323a41ad528cae164a981bf2e80dce1d09b3","ssdeep":"24576:inLBvKYoAlmls8uqU5rVGf3qZgukmoUBTwXFXl2hl0Hw5fH6+6F2:iLB7me80XC3qCukmoUpwXFXl2hQw5fHD","tlshash":"0d655bd1b2c5f46507e701e6943b1002a33a2c1a740da468fbbcdcd7aa5a58e6337f79","size":1505125,"data":"","first_seen":"2026-02-10T14:15:11.776638Z","last_seen":"2026-02-17T17:00:15.682547Z","times_seen":183,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"api.kometacas596.click/api/tournaments/kometa?lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/tournaments/kometa?lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48 HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/everyday-bonus-20000.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/everyday-bonus-20000.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 111546\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-1b3ba\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111546,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2560x603, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"46cb800364d8548d47ac8220bf3e91b0","sha1":"e1a2ae3234a57bdcfe7ccf4f595520c6af96584a","sha256":"f2e17060d4cd28c2a20857e8a1c4dc2b3a29c2ed320ccc75fb7f3645aeb9a92c","sha512":"3df45a08f47006462cf39944d4ab74dbdce969eb83c41a46655d371c2c4697253cddb451491f5e826b13b3e5e83cd9207fd8482f5d92ff26c06f1c15924a9733","ssdeep":"3072:qGR5eT8BSk5huZZdEy4t5N//XVyKfUUGVU7uD6IiU:bxS2huZZdE5NXUBUdKD6IR","tlshash":"19b312160fd68e52b253966dc1a0c994837fbb5cdbcbf4291bffc40661a91a2b409237","first_seen":"2025-06-22T12:57:20.988857Z","last_seen":"2026-02-14T05:42:26.993841Z","times_seen":81,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/visa.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/visa.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-4d5\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1237,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fb44a62c392a656466cc4292c9b01c85","sha1":"da5416404e086527d249121a0e02b121b6282d23","sha256":"f596ff685b00268e18c8a108f8775fbb10d4cc568fa8fbbd162e944df9300ac9","sha512":"75f411e468604379c0959ff8108d22ac3cb94597e6a82cead9e87396d53e8318e036156502513522451ea464b3d3b6bb51c0060e87d2c4c72455ee414577dd4c","ssdeep":"","tlshash":"e521e0c9b5b846bc889d479ae72a714428eb60bd78118e44f34cdcf09a72a9da448450","first_seen":"2025-06-22T12:57:21.080048Z","last_seen":"2026-05-24T00:49:22.674969Z","times_seen":218,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/litecoin.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/litecoin.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-12a5\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4773,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"93edb733903adf6957e1e50757d1dbfa","sha1":"684943d3832a33a7bee11defa4db5cf07f69ac29","sha256":"9e01176bab3a1d0560eadcd93ac75b3e7e1ac3298bcd32006e102c8f486a10f9","sha512":"6daa6b99f3352e6a214db80af8d4016c56b4404ab783a26cf818bf2f7a236b38bfd165de4903eeff7bf3ff43b4f16d4ae42c5126c24fd79248c03807c0984293","ssdeep":"96:CgxAH/Tjy0GAV7ukw7NvZh1oamyP7qENbMWR3Xz+bXTeF:CX/60xV7Zw7Nhhi2DhKXKF","tlshash":"dda193ca37e464ecf488cbf64b57a0d92102a1ff55458a1cf7dc5e64aa5081c8c276d7","first_seen":"2025-06-22T12:57:21.198549Z","last_seen":"2026-05-24T00:49:22.645Z","times_seen":219,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/all-games.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/all-games.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-17e\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":382,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"46d4f8f0f2121c9c1086823e9674dcbc","sha1":"620ad18e08cd996a97b654b33204bbea74e0c73b","sha256":"9fe914218e4782553f71a5d1ab5741b364a0edea61e6ebf3b30e10f70202eade","sha512":"33b0da7d3d97cbf67c6ea4e0a650761779c69304264415a6722f436da4d0936165a26b716326244d71c65a20aeb24c618b7e505eb681b2b5eef8f4169a234c11","ssdeep":"","tlshash":"1ee06890e2684d19c84e5386863c3a3f10b7e4d25359400fef887e10b1d48fa9d726e9","first_seen":"2025-06-22T12:57:21.017068Z","last_seen":"2026-02-14T05:42:26.995777Z","times_seen":64,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agstatic.com/wlc/flags/1x1/gb.svg","fqdn":"agstatic.com","domain":"agstatic.com","tld":"com"},"ip":{"addr":"52.84.50.28","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:55.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.agstatic.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Tue, 25 Mar 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:22:43:3E:BA:C9:EE:89:8A:DA:E5:F1:6E:A5:1A:CE:62:7D:8C:8A","sha256":"A8:15:5C:3D:F0:FB:92:90:3A:8D:33:6C:77:5D:61:01:E8:D0:25:40:55:13:A1:47:54:B6:2A:66:2C:61:44:8C"}}},"request":{"raw":"GET /wlc/flags/1x1/gb.svg HTTP/1.1\r\nHost: agstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ncontent-length: 911\r\ndate: Fri, 13 Feb 2026 14:22:55 GMT\r\nlast-modified: Tue, 26 Dec 2023 14:45:28 GMT\r\netag: \"3de413a6f455e1e35121519f2e0deb75\"\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: cloudfront\r\nvia: 1.1 d85ed2d2deba50aaf4938eae2cbcf3ac.cloudfront.net (CloudFront)\r\nage: 55141\r\ncache-control: public, max-age=31536000, immutable\r\nvary: Origin\r\nexpires: Sun, 14 Feb 2027 05:41:55 GMT\r\nx-cache: Hit from cloudfront\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: L16GYRcBMLMFAyXAO7L-BJoRFrqaqiVSgTbAVaY5XqKl-Pma-4hRTg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":911,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3de413a6f455e1e35121519f2e0deb75","sha1":"8692d11f1bef937ecda85696ec530bbbfa76e5df","sha256":"2f0cc6ed1e8e9a7e56cafd3500585d685ae0c51abacddc52f750fb4d23f60b04","sha512":"cd5ab599bbe91838b2cedf58005c100196999ecca5c1c9db00d76b7eb8e91daf7edfed73cfb998dbeeccd5c4b88097ebed29a611a9d68ab07fd071bb5df4da4f","ssdeep":"","tlshash":"4b118cd462fde149ce52430c6a9e72682127b1c773414265f1991e4edbc588bc9d2eac","first_seen":"2023-05-07T23:28:43Z","last_seen":"2026-06-07T02:17:55.557177Z","times_seen":449,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":61,"dns":43,"connect":6,"send":0,"wait":3,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/AuraGodRL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/AuraGodRL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 62842\r\nlast-modified: Fri, 16 Jan 2026 07:05:59 GMT\r\netag: \"6969e357-f57a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":62842,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"50f56c809a675d5a52aec8e45f6a8048","sha1":"cf167e39375ba33459c10778b656f027b448b3ee","sha256":"2334d43559d5525b706752c5efafae79a156383f6768cf01f0666fe440975a81","sha512":"4c4212232d5cb24f60531673aa62ea6bb611d90d45b9f0d19b38c92863a57c7a661780e1e0787e676265f64985cf9998af4262578b6cfe3ea91d94b6bfe725ed","ssdeep":"1536:Og8GQ7e/yXZmBVLY8aakmscE6VdH8s112n/:2HAL+np6/8sen/","tlshash":"d75301a9fa281f93a4710c21e987bff55be1e86ecb27018bc5850d170c858a913fdd2c","first_seen":"2026-01-27T00:01:43.034753Z","last_seen":"2026-05-04T08:23:06.122828Z","times_seen":7,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/agent_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/agent_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 3760\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69428756-eb0\"\r\nexpires: Mon, 19 Jan 2026 23:58:02 GMT\r\nlast-modified: Wed, 17 Dec 2025 10:35:02 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-01-19T23:59:05+00:00\r\nx-node: m9-up-gc91\r\ncontent-range: bytes 0-3759/3760\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3760,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"8e9a165c4cb185ffd0b2658fa088e43b","sha1":"195873e5e8bbb2f5ecc32d95f90d6fb75817a649","sha256":"ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43","sha512":"6ef9fac16ac2835ecb95ab077270293a95a3597fd28fb053b32cfeb6b0a72b52c0ee51b0504a463ac9db1d8a3b2c6c41f113012d6364d16feb8e01821a3221ff","ssdeep":"","tlshash":"c771295c69348528f80b31b89f4b765ac1512c19a8f2ddd4a62818e7377b36a678820e","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-07T07:51:25.250948Z","times_seen":16401,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/bitcoin.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/bitcoin.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-1673\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5747,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee55a8b8023b414560960992a34fea69","sha1":"53b955b7d1b3f5998369e6a48766e420104a4e10","sha256":"1ebf0d67f8863af08c2fed6fa33f7131899291c493d77d7f0d878be130fa5b6d","sha512":"b7e7db9ea04ff24740d29a7050ebaf1caa1be7c2f1918f0287068fa208bb01777db4cfbdd80d651e2ec93b1182d07fd3a4261aec37ec2d2cd5912c56c4c63a47","ssdeep":"48:9bVg6AqJuPwLoaOZSGOVJGsbw4Lxs6cFdm72L91FE2rUMm6rfluTROYknvgjTXsE:tS2nVSzk7t2BuO7nHYSsP0e","tlshash":"17c1e7c033aa6489f424d7eb5f5b903a7822bcfeb9408814d3e88e64f1d149c5c25ed3","first_seen":"2025-06-22T12:57:20.945168Z","last_seen":"2026-05-24T00:49:23.336185Z","times_seen":219,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/BloodAndShadow2NL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/BloodAndShadow2NL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66210\r\nlast-modified: Mon, 14 Apr 2025 10:54:38 GMT\r\netag: \"67fce96e-102a2\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66210,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"db860cd767f703ef71d43b36be3871b2","sha1":"983404dbef1931fd4b5206e6150b29590eaea267","sha256":"633a9923772b0ebecede3ac99a0185423c865311cc0a45acd3a18f378fa889b6","sha512":"bf395a90de8d2df9c2b4e46f489023439aa5f080ca48f5f1557cfa91e417c1f6ea4232bca8236e0f894a740aa890bc7d5ed9b50060808d8ddc8caae8f421d9e0","ssdeep":"1536:SZrq2J3d9KsB9clZY3rGtBjXZ6w60k2UNehEWQUc:SvKw3abLZ6wkfNehThc","tlshash":"4853027296e26b507aab383e2f1cff2f869fc8a86ee7d4d1a7c5db856044714c0c6141","first_seen":"2025-03-08T14:29:59.934306Z","last_seen":"2026-02-19T08:22:57.941807Z","times_seen":216,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/runtime.0c1f3e971fc7dd1c.js","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /runtime.0c1f3e971fc7dd1c.js HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-e6b\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3691,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3691), with no line terminators","md5":"342f0bc93de6bcb4b0347284eb792392","sha1":"d75d3c32efb262fa6b9cd73a0df16a2d6bf1f1de","sha256":"b0eb7485d991da3aebda0f4ecaadc7d737e231bf287ef3b7e0a40b1aca4cfc18","sha512":"d45eb4bc91fcc299c5d1eca07c201ce60d824c8514d74a51da6c8cd9d92b155256cdcc21f92539bb61a055e6fed8ae613af4580d002169daa06ac1cdb17147a9","ssdeep":"","tlshash":"1b711b753364edbb2ae504c1583d8491e31c6036152ba8b1ab5fcd6a6434ed60875ff1","first_seen":"2026-02-13T13:44:35.795589Z","last_seen":"2026-02-14T05:42:27.000198Z","times_seen":2,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/super-sonic.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/super-sonic.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 385906\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-5e372\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":385906,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e68945bcc8ec48ced33a11be3c7c3266","sha1":"90e346ce10eb78a4fc6955db6821ca90fa99ec05","sha256":"8900e70eef53676b6cd53fa20bd55baf357231c6979692e27c223f98ebe53505","sha512":"43247f103a76b1cfbb454455f0d35ec5ce1cd977c7161dcdc64e2bde0759bab5b2c9b9d57b458c08df146066c2f209c19aaf5975a18622e4a6718970d48c77a6","ssdeep":"6144:Pl2VLOPNQfQVCE1NiNRbuvC+vNfr6qO75k/xNFKS2NejBZozEP3sYy0VhrLQi:AVLOPSYVCSYu3xr3I5k/xNFKSJrozEPz","tlshash":"53842363960887b9a48990dd75ca14b91ed8235c0bfc7f835d0bd62df4b60de53aeb08","first_seen":"2025-06-22T12:57:20.924152Z","last_seen":"2026-02-14T05:42:27.001044Z","times_seen":81,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48 HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11275,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0dba2bc2e9900a4eb8b6bfbe4af4bf34","sha1":"a03b0668ffae9e7a3659f6168e771746c8a86de9","sha256":"13048bf2822613bb481752957b29581e47f3421c41c00cb77ccd3f9a7359e24e","sha512":"97ecb619e5aa6876796df486fa8665e479a1c9f74c729939e5a88acbdb1da91ccd68f83be77df6c6d38c5c5c5b6338ea8905ae5211f8dcb236d26a7a6c751eae","ssdeep":"96:vMWOAZ7saGafME4yt8RocAfmEXN27fmB+:lPGsLXfPXN2TV","tlshash":"8f32396b4b281cbfcb0f15f41ff33e4a918e0186d6c5ee65048ace9c85edaf6541b426","first_seen":"2026-02-14T05:42:27.00155Z","last_seen":"2026-02-14T05:42:27.00155Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1890,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1890,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/mulish-latin-ext-400-normal.010c30bc62bc9d6b.woff2","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /mulish-latin-ext-400-normal.010c30bc62bc9d6b.woff2 HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 12612\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-3144\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12612, version 1.0","md5":"4f34f0c29ef320b535bc4a258318b5c1","sha1":"b75380be26940aec716323a8537ae4c1b2e4252d","sha256":"bd31d387808eab8b6d39d6cf8ce3c11cdc69e93df8a3998b8e218a9427d4b6e1","sha512":"fb4ad84d88ea933dfafcd04e9e736c3893e1e90b56850c7d76f77a4c618c34db4e331d152276071d3432f05a8fcb79d5ce377405fa133f296a075ea687f6c034","ssdeep":"384:rbBt7eesr8mpH68SNdMusAHQOhU0WEumyhv:XBtXBmFTSBwOy07yx","tlshash":"eb42d0721f8981a0d31a3878157f932f46ea9448f2741f04ab4fe320e19d997760fa67","first_seen":"2023-09-24T13:57:41Z","last_seen":"2026-06-04T22:58:17.755136Z","times_seen":75,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/burger.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/burger.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-445\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1093,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3a9145363ee240b5f68328c78b070026","sha1":"65cb89e4b56c604bd1eeed1aa979b0ec129f1e2b","sha256":"b479576b247fc7dc52c39dee02ece52ad9202aa313dda6abbba0198d99ace150","sha512":"6267bec3665651d1e1b02bbda941198f5e5027aa67d263a809ff810765b61328602c27a8c32e7c27a587a9694f06787f3f9874dedbf0e17ada2e456324e69a9f","ssdeep":"","tlshash":"ca11aaffe3de86e0ba0fc77577121126381329b92466d6cd29640880d842bbc49899c4","first_seen":"2025-06-22T12:57:20.952784Z","last_seen":"2026-02-14T05:42:27.002833Z","times_seen":64,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/tournaments/small-tourn_desc-8.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/tournaments/small-tourn_desc-8.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 42410\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-a5aa\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42410,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 950x276, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"55c3bb0cda5c5bdbc89b1c5673d92a63","sha1":"96cf5e165649d5f76af8e39315480abb1fc53d7a","sha256":"d9d4e49d1579b9970df3ff5ff8015c55696d23c677439f00f69de63b20ba4ab8","sha512":"ae661190b42af6e74534df69f5ccf7670185f2f8fe67d28597891ad31ae20747f12302d6c9f0f7d39969887b3e75825183ef67937ce3c5bcfb0708a45b378cb3","ssdeep":"768:eqwYUPJyZrGFCONZub+dUaS8q22i+ekVqjfH:3wbW6FCXgUde21JEjH","tlshash":"671301e753e311bbef5b3dc0238782876f82a145ab775c93b4162617c92cf08f99a844","first_seen":"2025-06-22T12:57:21.058626Z","last_seen":"2026-02-14T05:42:27.003507Z","times_seen":64,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/CoinflipOR.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/CoinflipOR.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 176518\r\nlast-modified: Mon, 27 Oct 2025 07:28:14 GMT\r\netag: \"68ff1f0e-2b186\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":176518,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1760x1320, components 3","md5":"7d04d188db15e8e59568c184cc9d77b9","sha1":"6d39c4ac70f8b128c4fc00d9b9a987425570f1f1","sha256":"6cbe251fea11d824fa376cfe77bc40ead7a8b1b8f8fb59256f996de092b5f9a6","sha512":"e4f5ef571cb1055031eb77f8e6b48157ec6476b64a1182a43d45e5accd59e62ea7940b44fc6a4341f845bd19351bf3c41d76a8854c7c959bd5316883e6c1202e","ssdeep":"3072:OeH1sWy3zt81S/hW/RDujfTicnxeYVDbSZSe9uEzX7aj+IucKUzzQO5vy2Dj9Bls:OQ1flBJujfmieYVDbcSe9uEzOjtTKgzw","tlshash":"2e04129386d4c16be76365bf84836cbe272d8a6466407fc083ebee61732c15578701d8","first_seen":"2025-10-28T14:54:52.786017Z","last_seen":"2026-02-14T05:42:27.004013Z","times_seen":6,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":59,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=30\u0026per_page=48 HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:55 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11483,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"858637040d0d17b7ddbd32f5843248eb","sha1":"3780ecc8ea7baf198f9b8eb79f50b07fd98a4968","sha256":"45bb3de861b855b011c739f532a53e994e89d3088d632a985d69e823096d7608","sha512":"bb6bc884c25e9309e3fdf5fb3bf328d6940a51c62358d6b42c30a7ef149ba8e011f153f1bf52d4062a685a0a9c5725383780b8eecf0996c246d9fc0bad63819c","ssdeep":"48:YatuqRrOB9KMCJVNemdiaqIQtf/4IEkkFbow+JTVEEfpFs3Md9DywWXT:3R6B9XC5LiaqIQtfhTVDbd9Di","tlshash":"5432277a44280cffcb1725a51fe3be8e409d50c68adeee6415cacc0c49fdaf68506976","first_seen":"2026-02-14T05:42:27.004555Z","last_seen":"2026-02-14T05:42:27.004555Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/slots.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/slots.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-194\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":404,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0f0221b3b1167d4c8c77539b4f55cfc6","sha1":"5efd109f778c3fb9ebe0bcd1f8b94de348cce651","sha256":"5f8b129d584c3b016f320a62381ad637a3b3933fb53fae47de0863dcf4fcdf8e","sha512":"094842b35c36f19abd76cf0d2125b01d989b7fcc453e901b13251d847492c3088e4b5993d30dc43fc99d2ae7eca43c4cf00ff643ef2f058c0270f41418da960a","ssdeep":"","tlshash":"d1e068f4926c46acb04f073b8f67878ca71ef4eae4464106b1cc263a3301092d9079fc","first_seen":"2025-06-22T12:57:21.043958Z","last_seen":"2026-05-24T00:49:22.885173Z","times_seen":138,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/LegendofPerseusPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/LegendofPerseusPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 55879\r\nlast-modified: Fri, 13 Feb 2026 13:18:06 GMT\r\netag: \"698f248e-da47\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55879,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"c1113f91423af27a369fb680c47635e7","sha1":"25351c3098bf4064abd728657bef0c3e0c7b33ce","sha256":"4a1a3a0ac71170042dc00208a97c08ec9f3bf3b729c065925db6184de1d49aed","sha512":"c315fbe3a2025c905cb3145aff0496aad471492967cdecc6de7c7a3004d9d4a7631d4e93e398798129a0250dd194f70ff5786130fd02a5dced151ee21740443d","ssdeep":"1536:sULJh90jfh0OmMiaB2P/FemxmxoAQJEaN+qYgki6:sUlhk2OmE2P/5kxoN+qYn","tlshash":"294302a1b28370c2329bd13c45f3cf3683ebd111b1d69574b6db8d98c866562dd2e3a2","first_seen":"2026-02-14T05:30:50.811661Z","last_seen":"2026-05-24T00:49:23.708576Z","times_seen":7,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"node-sber1-az3-20.jivosite.com/widget/status/2256902/ziqY8DLV0e?rnd=0.9295123311720314","fqdn":"node-sber1-az3-20.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"178.170.197.234","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /widget/status/2256902/ziqY8DLV0e?rnd=0.9295123311720314 HTTP/1.1\r\nHost: node-sber1-az3-20.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-max-age: 1728000\r\naccess-control-allow-origin: https://kometacas596.click\r\naccess-control-expose-headers: X-Geoip, X-Botmode\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: frame-ancestors 'none';\r\ncontent-type: application/json; charset=utf-8\r\npragma: no-cache\r\nserver: foxy/4.0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-botmode: no\r\nx-frame-options: DENY\r\nx-geoip: NO;03;Oslo (Alna District)\r\ncontent-length: 79\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"23004c993bae8117921b54a171455921","sha1":"eab6702193cac131759dc8d479808d5186b4b994","sha256":"1810c736abe7811fdc653e6b2fa12c3e8d57145c1aff76407f6dffcf8e3831a1","sha512":"5b74801c1c96340f65d1e58fd45267b66043c7e98692e923e1ad6cd77f310da23dbaa3a3f72443a74c974d89e63fa9ca15e1005bb49fac3a0884a7094798ec1d","ssdeep":"","tlshash":"23a02431051150104310c310f1c73f014c34031377d1c434f355700073f745015dd007","first_seen":"2026-01-27T00:01:43.016279Z","last_seen":"2026-05-24T00:49:22.973942Z","times_seen":7,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":286,"dns":63,"connect":30,"send":0,"wait":30,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/wtp/loot-boxes.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/wtp/loot-boxes.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 27722\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-6c4a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27722,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"37ddc7111f2ab663b658508b3cb2bd02","sha1":"8bb6a65c7183868ca83cf9d3158bf9e5c54ff61b","sha256":"bd7333d979e53656cd2733882782acf0cff53d58a4643187f4e36742eef5482b","sha512":"167d742609aafd19f7082c863a5f20b9004d66e349458a58ee02053f5462bb7e60b0eb409b85137e1fe988c793a1d892a17371c65d1aa910e8fe89a486b699c6","ssdeep":"768:AmrhBvgw2EnPUdj+oARwkzM2zv/p/8+YsThW:AmrhBIE8dqoezlRXYo8","tlshash":"dfc2e13465b60c3791964e44268f9fcad68216e14c0d89fde9a658a3d8fb9881213eb3","first_seen":"2025-06-22T12:57:21.188365Z","last_seen":"2026-02-14T05:42:27.007429Z","times_seen":77,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/promos/promo.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/promos/promo.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-428\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1064,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc4e77b9775ef0d163160a194166b907","sha1":"1dc259bd1cd1ef875ccde831d5ed20b53222f552","sha256":"6d284862b3a44b96248fdd4f2e0be08402fcb7b3c37df72d20c8f901153a599f","sha512":"5f545fd0fd930029695c26312220f09da614d2606a24df265914e7e0713d9b45c96b122bac9b563376f03079c13235e62a53ce1d430958d215d5bde11b4d386d","ssdeep":"","tlshash":"271120fab154a2f080069f75c47392a1b94b34fb3ae9c1cd8390e854aa2a125c688cf4","first_seen":"2025-06-22T12:57:21.196403Z","last_seen":"2026-05-24T00:49:22.710259Z","times_seen":138,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/gift.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/gift.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-820\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2080,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"df0965768e874ad13424fca1d2919468","sha1":"8f9dfbb6d9afd849e7663b2248b3f926eecbc928","sha256":"3709b5b627f54ca4d5b6ddcd70ed8238d58dbe96d81e26ea24b1319571ea6dcf","sha512":"400f1d7bea005ca1a151f0fede6ec6607ef348131f0c77959e44c2beb1799d5641a386c39747e8c9c1138e4c62679dc579c281fa2dd4bfbd78f65147492ae5d0","ssdeep":"","tlshash":"354176f44140d4e8564bc9b49d7a7c94f72e34f65c24c0bc0163dd6adfa43e6ca1ac66","first_seen":"2025-06-22T12:57:21.069194Z","last_seen":"2026-05-24T00:49:23.461921Z","times_seen":138,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/XwaysHoarder2NL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/XwaysHoarder2NL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69719\r\nlast-modified: Mon, 14 Apr 2025 10:54:38 GMT\r\netag: \"67fce96e-11057\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69719,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"873b9f49061efc9cc74b8067033b9e93","sha1":"83dc9db5b4b95a50030e3305c6d2a29eb8454845","sha256":"45c0b313bc983dece484dbb235a88e911bdc5d121d1e46d690d3137df7e6e45a","sha512":"7cbdb7728a4e1ad34c52a7dacaf10770bd23ce51f5fb7dee95679b8a426f0bbf4282fc209c31d65e76568ae28db64641bd3089d9d13b9c95e58bf803abb17f52","ssdeep":"1536:T0i8gcLkVTdICxXcMpRqwuTQ04sLEWpZPVA0L:I3k76weQ0ka9VB","tlshash":"2763023f5018e2eb52412fa91d5b4874a6ec45f24c96786a73f34cd2f557342b9c63b0","first_seen":"2025-06-22T12:57:21.154828Z","last_seen":"2026-05-22T01:16:05.056424Z","times_seen":215,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/category?lang=en\u0026pr=kometa","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/category?lang=en\u0026pr=kometa HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:38:38 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4087,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d8370cd6ba878994f0cbaced99165b97","sha1":"4cfe8638749d3ad2813e04cb47da0f88cb152bfb","sha256":"cae1c9069b677f7cfe3738e4378f225e5490b41b9b2e5687a07679ad19fca9f3","sha512":"ba257e447321c96a8b5c2dd455271457b5f57badcd75affadb0333c8c2a3ecce3e316fd518412c2347e37f34b236deffa2c10639017ba00aa8aeaf6ae1272377","ssdeep":"","tlshash":"fc81b033e11449fad369bfc53cdb360625ea125c3dc0ee2aca88d60d02956f94727977","first_seen":"2026-02-14T05:30:50.847405Z","last_seen":"2026-03-18T07:51:45.277452Z","times_seen":20,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/VideoPokerOR.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/VideoPokerOR.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 183084\r\nlast-modified: Mon, 27 Oct 2025 07:28:19 GMT\r\netag: \"68ff1f13-2cb2c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":183084,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1760x1320, components 3","md5":"ae11da5bbe2c49d830fcba7ecb129e84","sha1":"b06414720ae32185ec09e8f688f90fadedc958ee","sha256":"1fe3af226e68f8287291582c4f5bec87a87c2ed180b45afe6a643f5511f02114","sha512":"d3aba64c326638d88d33cc85e851137d15bbba48fe4c7a92706c6e845c8571c7d11f08ec6df4ab195f2c6c12d4d5baed56e60723d44a0b0bfb2ee89d45dd0fd5","ssdeep":"3072:NL5z59MxD9o3rv3sdjkSgdYF82grVvJgGkUQ1AWgGbX2lCYevqvvYFRP4UVEcnd:NBEq3rvsk0F82QZJu0GSlCDYkRP4UVEE","tlshash":"cf0423fa72706f17b3db0f3b6b885314d1550d28a2e6ed8a89320f7779016d48d2c9e6","first_seen":"2026-02-13T13:44:35.808913Z","last_seen":"2026-02-14T05:42:27.01088Z","times_seen":2,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/outgoing_message.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/outgoing_message.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5014\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69428756-1396\"\r\nexpires: Mon, 26 Jan 2026 23:25:03 GMT\r\nlast-modified: Wed, 17 Dec 2025 10:35:02 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-01-26T23:25:11+00:00\r\nx-node: m9-up-gc81\r\ncontent-range: bytes 0-5013/5014\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5014,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"7bf3e4962a5ecf1f8cbcc2ff3428f531","sha1":"f75c694461a643d2e096ae8d0f6c1a9d19602eee","sha256":"d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11","sha512":"53fb17ca3361636acb0b80107f66810150a8bbed9aa5f878c2b1fb5a23ddf7fd349b30eb082b05efb3c0d08dc5383d30ef15d0ca99ad98d62e0a9a335112ed6a","ssdeep":"96:nKEOyBuK+1D2sMVx9FX7+0YQQinefV/1gr/EaadKXdGdimO1:K2QhGvYinsLE/SUdUime","tlshash":"5da1399616202262f6090cbf124ec2f4e3996f6b39044726b67cd290f46ffa25366983","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-07T07:51:25.183904Z","times_seen":16401,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/loyalty.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/loyalty.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-5bf\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1471,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"feea3f7813e11d5fd87cdc8bac446209","sha1":"9843ab57d9f28245935f0bd4475f8b48c1676ac9","sha256":"f3b8bffc350cd6719de1f022738429f7f98a5c0909521c20ba4323497d354b60","sha512":"5bcb0bdbae9a175becb87fcf4994efedc5b9c6922c76e839b38e04ef93adfae5d31cceb08e53f712568dec3c585eb130a570d11cdaddacf80953b12c835ff98c","ssdeep":"","tlshash":"2731e5ea225da2c0d187d7746d375d55f55d80f2fbe23382c6549eb0bda11ee480ec00","first_seen":"2025-06-22T12:57:21.245119Z","last_seen":"2026-02-14T05:42:27.012169Z","times_seen":64,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/widget/ziqY8DLV0e","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 23 May 2025 08:26:37 GMT","end":"Wed, 24 Jun 2026 08:26:36 GMT"},"fingerprint":{"sha1":"07:E5:24:E6:38:82:D9:A9:3B:D9:9F:6C:CA:85:05:67:F9:70:6D:EB","sha256":"35:5E:C9:A1:8F:64:C1:73:82:E3:0A:D7:B4:C2:B2:91:30:3C:D7:E7:EE:F3:8C:76:50:04:90:44:7A:35:0F:95"}}},"request":{"raw":"GET /widget/ziqY8DLV0e HTTP/1.1\r\nHost: code.jivo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6201\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: br\r\netag: \"698b2a9a-1839\"\r\nexpires: Tue, 10 Feb 2026 16:10:26 GMT\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: sber1\r\ncache: STALE\r\nx-cached-since: 2026-02-14T03:18:09+00:00\r\nx-node: m9-up-gc233\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18065,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18065), with no line terminators","md5":"08bb2b1c65762b11c191fd16e2399c86","sha1":"7f4fee0da92a42d27660159f34ed106b4ef79dbc","sha256":"7c0bcc2ed0efcd10baaf3ec249d1ef86ba0d93e7c523bdb4795b9ac128ae010f","sha512":"3d03e03e1f9d56ff1ef3307f17e39b75266b82f6c34626d132fd540eed90dbec23be22fb0d0b838cee19d406130855b1335bdbc39556c44b70f0575ca3136b57","ssdeep":"384:boU4JkQamum040erAN8OX7HMiqJISOVJBz8U08wYWcPY4:RtM/AfX7WO8UFWcPY4","tlshash":"2a822b6e7959b97743b208f9606f6209733549ebd404c920a401ea4d7db8ede813fef8","first_seen":"2026-02-10T14:15:11.610153Z","last_seen":"2026-02-18T09:49:24.551113Z","times_seen":234,"resource_available":true,"data":null}},"time_used":469,"timings":{"blocked":186,"dns":37,"connect":58,"send":0,"wait":59,"receive":29,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/favicon/android-chrome-512x512.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /favicon/android-chrome-512x512.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-6560\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25952,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22907)","md5":"587f2b9177f649fda1d34eab3699e1c1","sha1":"a8c2e22c71cc3a04676f4d281ef26927610c1a13","sha256":"1dfcb6b1f4aec4b9cf9538a09727f1ce9f5c8f12461a58632483d150f14e971e","sha512":"a7d9cb627093b4a8723baae0487e0128dfd1784dd68aa0097ba21a739f23d90206199c481b0741c7d6bba93cc7c6082504f08514260f484dbeade590814d6079","ssdeep":"768:tdXEn6nT3mEOYVGky55CK/sGN+k8a6a8iLOj7jiiMrLZBZCP:gn6nT3mEOYVGky55CK/sGN+k8a6aFLOH","tlshash":"d4c25007fda253aa2213e49b0840df67af737d32c43d015597132696767f48ef2aa3a0","first_seen":"2026-02-13T13:44:35.698586Z","last_seen":"2026-02-14T05:42:27.013428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/master.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/master.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-348\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":840,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"65c3e82ff58fc44a441f2f66a98b468d","sha1":"a44fbbaf538a17bdb70c2c2eae6abaf4bbc2a47a","sha256":"54cc8b9b5ae72dff20e674903762c4f25668bc87da2c55c2a3978691e43e2cd5","sha512":"19da66a80cf63453e02b62d40c5705fedf190ff9b425f31c1bfe16a03546aabc904baaa0cad360d38323391345719a687b0e053a2a5f1862086bbab0125f204b","ssdeep":"","tlshash":"8e0188ccd27c91a8fc0c53c98f24246c3e4aa23e5270c1daf00e98a496d6c95c410ba3","first_seen":"2025-06-22T12:57:21.081259Z","last_seen":"2026-05-24T00:49:23.477892Z","times_seen":219,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/tournaments/sec-tourn_desc-10.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/tournaments/sec-tourn_desc-10.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 65622\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-10056\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65622,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9ac84863ee532dcec143053399e8851b","sha1":"134ae21a78a4173f78174dd3f80d660a450926fe","sha256":"a0d6e48c872671a610e79b5f4941f6202abc35682427c273e8484e5947abcae8","sha512":"4b852555c3db797ffc280913a997890e582d744c1aaea21996f04cdd9d53a2c45e0c785d886863f4f267177306b78d73d81f1e4837fa7ad7ae375eb365c9f74e","ssdeep":"768:E+9dsm//eSF7h4Kq5tcryXjMuX2yTMkkNnd5OtJpl9C7t/gPSFZUlK2n2lIqlM54:EU//RFB8OjuGTOs/+EIKkkwFjy","tlshash":"94530291faed1358abd09f4cd62f0801f7a60641e5335fe1b2ce59e4b2a568fd6e84c0","first_seen":"2025-06-22T12:57:21.217775Z","last_seen":"2026-02-14T05:42:27.014905Z","times_seen":62,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":204,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/DeadMansRichesPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/DeadMansRichesPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74908\r\nlast-modified: Fri, 13 Feb 2026 13:18:07 GMT\r\netag: \"698f248f-1249c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74908,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"a816688e304cf954aeb7e7c5f109de64","sha1":"6fbbdc9d71205a29d21dfdf010566798be827b4b","sha256":"ba51fd4ca32b5629f23571e8405e061309b99538d332beb3749b2058e9331e58","sha512":"f33c785485b5f5cb6d0ae4c54b51c809624d2e5d38239d1f0cb471a6c89b065d0d9f4250a338a211e3c72640bac35fe770214e154d86684ed8104d426ed3e01a","ssdeep":"1536:SZ7GXMAfM6c8RBia32NYJxWGVFZhWh0UvzRt7YQ+3EpNJORK5ZL:yGXMAfM65/pmyWGPjWh0MzRiQ+U/JO2L","tlshash":"3a7302663b62aed2e5df67ac84a61d1530cf7f5e809949086cf2b521406cecac39f7d0","first_seen":"2026-02-14T05:30:50.843049Z","last_seen":"2026-05-22T01:16:04.746042Z","times_seen":5,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/LeBanditHG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/LeBanditHG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53629\r\nlast-modified: Tue, 09 Sep 2025 10:49:01 GMT\r\netag: \"68c0061d-d17d\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53629,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"f58afcbc05270b077d537f0c9714fee2","sha1":"7b140e51df247c73aba7bb4a44cc21f31e404d07","sha256":"27a3ab87dbeec886eef81bac140be77aec466ff49d3111cb18f8afb246d926c5","sha512":"dc9202485587df85bf8441b197b255022c45ae04355a33ba3b44d1ee95a5e01bff080c7476a8577cd5bf9600159247b2b724c678ee42e9bfa642c5c9dbf7127c","ssdeep":"768:1lF6j6Kv7kDtSbDFOirnPkbO77msQ1ux135d8WHC2byURUx4eXlzZmOYHYVGPQW:TwJkD2FOirnPk87mE1ZH2vxjHmD4YPQW","tlshash":"01330209be009a4cfdd8abf7214f01520ae009c982d663bb7badb590b11e44d68f79b4","first_seen":"2025-09-12T22:08:21.656502Z","last_seen":"2026-05-22T01:16:04.845874Z","times_seen":148,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivo.ru/script/widget/config/ziqY8DLV0e","fqdn":"code.jivo.ru","domain":"jivo.ru","tld":"ru"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivo.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 23 May 2025 08:26:37 GMT","end":"Wed, 24 Jun 2026 08:26:36 GMT"},"fingerprint":{"sha1":"07:E5:24:E6:38:82:D9:A9:3B:D9:9F:6C:CA:85:05:67:F9:70:6D:EB","sha256":"35:5E:C9:A1:8F:64:C1:73:82:E3:0A:D7:B4:C2:B2:91:30:3C:D7:E7:EE:F3:8C:76:50:04:90:44:7A:35:0F:95"}}},"request":{"raw":"GET /script/widget/config/ziqY8DLV0e HTTP/1.1\r\nHost: code.jivo.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 1199\r\naccess-control-allow-origin: *\r\ncache-control: max-age=7200\r\ncontent-encoding: gzip\r\nexpires: Sat, 14 Feb 2026 02:19:16 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: sber1\r\ncache: STALE\r\nx-cached-since: 2026-02-14T00:19:16+00:00\r\nx-node: m9p-up-gc69\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2696,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JSON text data","md5":"5f557275b16950a452300101f93fd0cf","sha1":"8d6623cbe08cb69d12d7ce4454e4440e9736286d","sha256":"2d3fdcea4e3c83d7866980c62b3510f241e090c271de3a9dab56077294cd33a9","sha512":"95c58e60390f4e0757bfc415611526e052f4202630c433ee53169c2bdf7c70b569dc6d7f931cdff3a4816a92d1c11d2e2bc964bdca757c4777fb770331a3a0c0","ssdeep":"","tlshash":"9d5143b21c891c7b4a8abb83b087fd43547c4397dbc55e71daac8c3c255b2942317a5b","first_seen":"2026-02-13T13:44:35.745062Z","last_seen":"2026-02-14T05:42:27.016578Z","times_seen":2,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":149,"dns":1,"connect":66,"send":0,"wait":67,"receive":45,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/popular.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/popular.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-24e\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":590,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ad3ab692945a93c4974467c3373d236a","sha1":"64e77bb4db1d16ab111fd65b2fdb3d003bcdb1ec","sha256":"9777eea65b8ca55f74b723ed796e04bce6dce9ba08ebe21344097df97d479a1d","sha512":"f762ff835b5e6e6bd39f240f39c2c3507d3cd306ba5ca409814711f095b6f7ee5f99f4d2777b39a7c555c4f51744d85e56404c78f97bb4f4f1a248bb5edfe6bb","ssdeep":"","tlshash":"28f04ce6c20843bc60ce4e9ca76c7124633eb0b6749540a1ee8d459e44035d0f9ab918","first_seen":"2025-06-22T12:57:21.087647Z","last_seen":"2026-05-24T00:49:23.558433Z","times_seen":138,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/info-icon.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/info-icon.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-16a\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":362,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"23a5134cff64ca5058c70c3290592e38","sha1":"507e4e9cce12ee5cfbe9ed8bd21f429773742e01","sha256":"ab11f22aefb8593b6c6b5d07d8d2ccc6a8a9acd92c1e62e278deb2fb1705fc90","sha512":"4de3e2e8d6e1a7850b38b7d11df4bc93df38cf1e0a0452e2855832ad3c42ff250e0c92ff351b545bf1dbb6b3ae7c3baa9fa85284db08e5d86f568ea89b59f4f2","ssdeep":"","tlshash":"1ae0dff4ef1cd5cd83018bb21e2a214c030ea0b770200183ab0c3ef0959ace1d943b14","first_seen":"2025-06-22T12:57:21.069946Z","last_seen":"2026-05-24T00:49:23.480458Z","times_seen":195,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/BlackjackOR.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/BlackjackOR.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 195822\r\nlast-modified: Mon, 27 Oct 2025 07:28:14 GMT\r\netag: \"68ff1f0e-2fcee\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195822,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1760x1320, components 3","md5":"2f42ceb3965ecaf0a70af50d26f9332a","sha1":"fccc2cb9dd5f888891ce0e47638953983ca7d0af","sha256":"42f21e92037c1a2ef6aa05afe7b30bd0771049e93d1d0f071b760430b8f49d3c","sha512":"65a5f6ea84a90597e47274aaca7e79bc6224d490309654244349858cd4109f819f1aa5201552d4f0d7578fea524f3bc58e72d9a2d36c50099aa5150abd8c1f57","ssdeep":"3072:jx6PUsjKbJ0B+fg41/xv9+MRuUyNgoZNUscoH3L8INuSI8Xc94kWdH7lopz6g8dM:1TqB+fg41/xvt4UcnZNVcoH3L8IAUXYH","tlshash":"74141259b575253d4a9bd5313736ea9fc0a2078b1293e73094c4dd3af8549c2e0a3d4f","first_seen":"2026-02-13T13:44:35.807496Z","last_seen":"2026-02-14T05:42:27.018492Z","times_seen":2,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/BillAndCoin2MummyMischiefRL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/BillAndCoin2MummyMischiefRL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59858\r\nlast-modified: Fri, 16 Jan 2026 07:05:58 GMT\r\netag: \"6969e356-e9d2\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59858,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"40f23614b17f3d79857acaa39352cb91","sha1":"d6a12722a4d3d0ed532fa06db15a21cbc93a67a2","sha256":"f1b6ff9f5ba1e48b62ccdad30785a8e4594c948fda65ac5ff3c71cf0b067a474","sha512":"85afb3eeaf0a2e55d1e497535439592f9133894bdee3a87eb40d64727683ca5a3bc8231b61d70938737ff9ea21ecc37bc4c89d59af858386e2ba0ebcb79e54d3","ssdeep":"1536:ROE2/MGUokJxecRNAAy1HeU0VqALXSMb1xefQTaUA:RlHGT2Ar1HeU0VqALXS2efkaUA","tlshash":"e44302621a342df1d86c1ebe4cb96f9c18da28121e3b513fb2dc5e8b4e02590d8970bc","first_seen":"2026-01-27T00:01:43.026644Z","last_seen":"2026-05-04T08:23:06.156114Z","times_seen":7,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/SnakeArena2RL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/SnakeArena2RL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64175\r\nlast-modified: Fri, 16 Jan 2026 07:05:59 GMT\r\netag: \"6969e357-faaf\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64175,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"87b6fe91c6a694d3e28ec68e2234bed5","sha1":"a25a16a822af267099b5f3c9177b7ccf34932752","sha256":"f67298be190bb3c7618d713f2b99bba08157f1e3ee4ee53b98d8a7c4f7f3265e","sha512":"0abb5d55a0e654437a6510d149674603d3ce3b4b00ad0884279c81dedc1f49b5286590cbbd5dd2624579c9703686ae7ce9e7886fef0ef91c00b65d4811301698","ssdeep":"1536:PhdFn+sCUcAAcQIbPNewUnt/6vsmfuaWsDoY5+YmasrZ:PhdUsCVJUNewUnt/6vvfujXo+Ym9rZ","tlshash":"dd5301771d701bdaf5ce8cbd5991b87875d3878edb5901a833c482b3dc1a6b8c24b251","first_seen":"2026-01-27T00:01:42.945169Z","last_seen":"2026-05-04T08:23:05.994084Z","times_seen":7,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/polyfills.1d322f88bff78630.js","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /polyfills.1d322f88bff78630.js HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-8915\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35093,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (35093), with no line terminators","md5":"b6b303793148a52ac25d6083818e878c","sha1":"b9ea1199f1367dbddc09fef33409bbf53f1d6618","sha256":"f715ebca3b8bb3d7f5949e2be0921e81f428d7e85f73d754fa46d536395eb033","sha512":"23a509b1b73cb22f01562b75074d68e1bf14e6019a190591843a50b490e34b0e80340033323b8e5a1d2ddd23787d80ed9f53ac9a63c143353e9067dd543fe650","ssdeep":"768:WZKL5aGUIjImvY7dSu0NMrLDnvtcnSX0jQ3wo6eWehnGeivq/9Y+pPPMHpFxDKsY:aIM+zedc1LQ8ZWr3KytiTpQ","tlshash":"59f2f7d67392b0a28bfa55f5917f8007e63624a0784c88d8f15c98da3c3705a91a7f3e","first_seen":"2025-08-12T05:19:05.863114Z","last_seen":"2026-02-14T05:42:27.020271Z","times_seen":59,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/AnubisWrathPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/AnubisWrathPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56974\r\nlast-modified: Fri, 13 Feb 2026 13:18:07 GMT\r\netag: \"698f248f-de8e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56974,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"bba747cacfc8da65251afce5dc429342","sha1":"11d3864d50b68d7c00e1984f7bf7e39e8caeeb9a","sha256":"042db45c1f3d7a2893ed4c9ab92514232f84f56b34dfc14f0b5ba0b1cdfabe6b","sha512":"b9ef10388154342fab58fec60e41233803c6258f3c3c79efc84d2861227b8a4401dadd5cf27e35460b05c27194a67c9e46a49d629bdee1a8d7ac200151ad16ce","ssdeep":"768:iW2igMXIREi71m/tQPusJ1c/iqPHm+G32ZytNvk0hQOGzwZhXFhaP+8uLjA5CY8t:cM4FM/QvWix+E28h+ALXFTjEtwH5nkgd","tlshash":"1c43f1b9377091c0fe2aa8b2292b4a0b6dc68b8627c7557cc521d891e277ec746f1325","first_seen":"2026-02-14T05:30:50.91334Z","last_seen":"2026-05-24T00:49:22.917454Z","times_seen":7,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/sounds/notification.mp3","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /sounds/notification.mp3 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5808\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: max-age=2592000\r\netag: \"69428756-16b0\"\r\nexpires: Mon, 19 Jan 2026 23:57:24 GMT\r\nlast-modified: Wed, 17 Dec 2025 10:35:02 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-01-19T23:57:32+00:00\r\nx-node: m9-up-gc69\r\ncontent-range: bytes 0-5807/5808\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5808,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural","md5":"9aa341af370c4e59155717260ba0f282","sha1":"0c1216ecead8d1409557c843d96202c063f3f252","sha256":"1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab","sha512":"e6663f8406d859a7ae65e6eb9512ed1e79244b8f5b2119823f80fed99c17dd4a086cc17083f3cd70b6dd990c39b3be80142f303a7c2a9fbb9302147e700fa5cb","ssdeep":"96:XYLRSqytFnbfWnHBaSvgEyZMZuiusJ0jQDrrQNw:IMTnbfGhaSvg/inqc0m","tlshash":"cac1297acc3c146fd81e88b53f3bb0c9421c61803a00d8e61c99bb5bd6b2ba975468d2","first_seen":"2023-04-05T14:05:33Z","last_seen":"2026-06-07T07:51:25.233766Z","times_seen":16402,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T05:41:51.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-6560\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25952,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22907)","md5":"587f2b9177f649fda1d34eab3699e1c1","sha1":"a8c2e22c71cc3a04676f4d281ef26927610c1a13","sha256":"1dfcb6b1f4aec4b9cf9538a09727f1ce9f5c8f12461a58632483d150f14e971e","sha512":"a7d9cb627093b4a8723baae0487e0128dfd1784dd68aa0097ba21a739f23d90206199c481b0741c7d6bba93cc7c6082504f08514260f484dbeade590814d6079","ssdeep":"768:tdXEn6nT3mEOYVGky55CK/sGN+k8a6a8iLOj7jiiMrLZBZCP:gn6nT3mEOYVGky55CK/sGN+k8a6aFLOH","tlshash":"d4c25007fda253aa2213e49b0840df67af737d32c43d015597132696767f48ef2aa3a0","first_seen":"2026-02-13T13:44:35.698586Z","last_seen":"2026-02-14T05:42:27.013428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":611,"timings":{"blocked":254,"dns":64,"connect":94,"send":0,"wait":96,"receive":0,"ssl":99},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/translations/en?pr=kometa","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/translations/en?pr=kometa HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: skip\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: skip\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":245,"dns":47,"connect":92,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48 HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/tournaments/sec-tourn_desc-8.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/tournaments/sec-tourn_desc-8.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 63760\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-f910\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63760,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dc072608f71fac3ca5a13ccfd69ab97b","sha1":"90f5b49d2a293d06b63ff8533e5db6f1f780cdec","sha256":"6b97162c5ef45f5b50065f33f3feb6a7b7420825aee97d1f353c500ad2c24b0b","sha512":"7a275342ce587ace99d23789cbe68f5d0df55cf0049d2c816e89ff0a6ed8c36545a2bd085be9e13a4bfcf663442a56cf4560f322cc50f2e2a6628382e34175ef","ssdeep":"1536:tdKPv1hCLmBczqIrWOKyi6HaOQV2tctCFJRrWnUMouli40yANA:rKX1hEmkXmKhtVgxi40NA","tlshash":"c553022b1c7ad73abd2e10ec0407aa1d42a4f8151d3c60f9b72b0adaa1d2ddad534b07","first_seen":"2025-06-22T12:57:21.082167Z","last_seen":"2026-02-14T05:42:27.022056Z","times_seen":64,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/TreasuresofAztecPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/TreasuresofAztecPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 69564\r\nlast-modified: Fri, 13 Feb 2026 13:18:08 GMT\r\netag: \"698f2490-10fbc\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69564,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"3684d5596a79b40c0c597305bafe16f5","sha1":"71367843b2d61c189d4a187172f20203218d027c","sha256":"460332f95e268142033bbadc537140487b1312e1c49ea09a748e01d5d1340d29","sha512":"b7e896cd327d563718b5aaddc6a403a651f885a97d4f4aeca6c7d96ffff77b0d39447c2d412a317ac35a56a3debbeb58ac81f5912cee3ea47f4b563d4512ddc1","ssdeep":"1536:xy/zC0Nd5MU0RztlveiYOSRn+cT49STsR8fYqiRIYFPyLh1E95eEbTj:x4mgdlmtRgOSh+cT4SlV9xLQ95eEb/","tlshash":"c76302f19a646dfaf57245b749923b0143f8f90dfa7b1ce893ca34822d24071bb0539a","first_seen":"2026-02-14T05:30:50.779232Z","last_seen":"2026-05-24T00:49:23.563541Z","times_seen":7,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/LePharaohHG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/LePharaohHG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72305\r\nlast-modified: Tue, 09 Sep 2025 10:49:01 GMT\r\netag: \"68c0061d-11a71\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72305,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"10da40d4241e3d0b472a4d3d1ba03dc7","sha1":"d4eab63ed662013fa0d88d1ec6297923d037da5a","sha256":"4d0bc9b29c0d7eb110ab8e90fc12605b8d429c3e0290059cadc3c19c509e8aca","sha512":"62643d86cb27190d38a4fca3ad127d0dae66f553949cee844bddbf4b63b047a60837678eb0922914ed38d1cce4e52d1a00f8106880e63873b5d36c850f115ddf","ssdeep":"1536:TgUNFIZitKAmQu1xJHt9r7g4oVeBSI+HhlG/JwSyZJX0Cg9Uncl:TrFsiAAmQu1xdtdJo1NhlCJwSkJkhOcl","tlshash":"21630254663f28c1a1d340b762228cca14deb73ac25d101e7db7bc640e87bae2c7cd99","first_seen":"2025-09-12T22:08:21.782031Z","last_seen":"2026-05-22T01:16:04.907955Z","times_seen":148,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/LeVikingHG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/LeVikingHG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 65713\r\nlast-modified: Tue, 09 Sep 2025 10:49:01 GMT\r\netag: \"68c0061d-100b1\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":65713,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"1dfe2c72e412452ba4974b03b30c6ef2","sha1":"dd0ffcc7a30094b3c1ad7f78c7e038ba960d5484","sha256":"90804bcba8e0cfde0896d3ec9b4175adcb4122f9f1cf68d7ec1bb67d64c9d7da","sha512":"a921d5e836291b7bfeda482f47f5e55aab904a8d73e89731fc3108126e65d5b39a0234fa68df7bb74de4abb5b4c61fd451dec335d62fb5831fd27004754e4c06","ssdeep":"1536:otCfjzL2gSHYZabdeNoRcQ95ge35vy4P4q:oYfjzL2gBawNoWVOQq","tlshash":"cb530257fc923acad219c1719f9d521c3df8c796872426fa23f0eae6418ac6137e518c","first_seen":"2025-09-12T22:08:21.696262Z","last_seen":"2026-05-24T00:49:23.250456Z","times_seen":151,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/vip-club.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/vip-club.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-404\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1028,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa51cbd98199cb9af0b270cfb131f898","sha1":"96da0d4cb8cb5cb2aab49bf78fbaee0b85ec00c8","sha256":"139f4d4c23062720da6e4923526c3f4f2e8ad7b3e58f4d7f97bc5db790f85373","sha512":"e4e36499764d998f468ee64e52213ca4ba6c3ee8e4e404760321df5059fc4d51300fbfe63e5742dd7260dfd250f7d7c3fd230cfa3486e781127cdc8ec0c11928","ssdeep":"","tlshash":"591102f7a3d4f0c2e513e3f0cb2a91a1e99b71f4aca7c15457a01f147a245d04b0ad64","first_seen":"2025-06-22T12:57:21.234052Z","last_seen":"2026-02-14T05:42:27.025378Z","times_seen":64,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/WildBanditoPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/WildBanditoPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66051\r\nlast-modified: Fri, 13 Feb 2026 13:18:07 GMT\r\netag: \"698f248f-10203\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66051,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 382x287, components 3","md5":"aded5147c6e1f9d836b4b207e49fde7a","sha1":"d36e419a685a91267dc14cca86d7ed49b0f536e5","sha256":"c7bd342f32efdaceb8bea87974647d57cb67fb1a1827561e6f49bb1b208b719d","sha512":"67718214551e52d7fb3ae3b176f5f1a165da0ee83694a1355554fa6bdf4fc32e741975249935d51f127e7042c9250d68f4e5f7527cd5bc5b92740c92950e4bfc","ssdeep":"1536:UbFvYTZsgtCXp3SBfquTLLRq+GJFd0cF+Dyfu1Dpu:UJoZBt6ATLL0HucFqymW","tlshash":"c8530120972c7a9ff73d693bc441159a5eec6a3379fc51ca01d4a9bc8b24608a38c7e5","first_seen":"2026-02-14T05:30:50.817622Z","last_seen":"2026-05-22T01:16:04.768975Z","times_seen":5,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/search.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/search.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-38e\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":910,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8f5a854785afda978a96ea6f5b5ee8bc","sha1":"f2a49a6b59bd659e580a9e3feaf3f5a6092c7e45","sha256":"f2efd3e71cadfbea169bfe3605e04606d486a6d1a6408c5cfe8c3a5bf37b0f1b","sha512":"965e7f8ba7d5420957303dcf17ee28d87ece5387dd9cf69677ddda066fba7176ce7c6691c63ecfaaff8fd071d0328c7ab017e0b069e8698c019a5a3374e45cda","ssdeep":"","tlshash":"851190f9f7a436d06893d7988c5f59667d3335fc6764874c8abe4a0033101fd45a6880","first_seen":"2025-06-22T12:57:21.009498Z","last_seen":"2026-02-14T05:42:27.026726Z","times_seen":64,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/locale-en-US-json.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/5f3ca08/locale-en-US-json.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3407\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"698b2a9a-d4f\"\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-13T13:51:00+00:00\r\nx-node: m9-up-gc8\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10600,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10573), with no line terminators","md5":"fc00deaabfafd48080a08fc0d7f841b5","sha1":"3bf17f3bd75349b1ba1f9b78c6117fadd4620310","sha256":"be8a7243d87cc8bc1c523f0b10a41c149622c9c6af30b6a4e8231b1506cfd542","sha512":"1f3d4801665e172b54578e6d0d71f066c72df7244512cf00026104acbf6f21dab5de812d2679f56b2414ae7f40fd4963f61db75bc7bfc0893c8a3debf65638fc","ssdeep":"192:2P7mk/7Obf14M6bOIpUTPqZ8BijFLeEJK:C7H7ObdFkOIphZ8wjFCmK","tlshash":"af22d71ee7017f360fa613c3744f7b5376a480e592646cb5d89c826943b9bcab217b8c","first_seen":"2026-01-27T14:54:11.499444Z","last_seen":"2026-03-31T09:24:10.733781Z","times_seen":1154,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/PinataWinsPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/PinataWinsPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71426\r\nlast-modified: Fri, 13 Feb 2026 13:18:08 GMT\r\netag: \"698f2490-11702\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71426,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"b6305200e7547e19bbc906e4dad440a4","sha1":"e378db5cdc98df8ab147091c5228b59f4a677ec6","sha256":"831a7a3f9c57e8da60e89a765a2767157aafedd19a452a53bed97bec0b5496bd","sha512":"94831b7fd4147efb65a4a5f96ff240493c154617c7ebb0ad332973db2c25a6aefd608809028a3feb5f151fd877c2044547556db0b23646ed2f09c209bc97854f","ssdeep":"1536:2934OljBA53/zcSR11KPJJdtwWMC/T33OplwzwGUp4xlzor:2mgUbcS3oHwWlOlwzwGUprr","tlshash":"02630225010f46d0be2ff0b6ae71d9a9328ff64430a3d9c72ead7c45881d949b657e0c","first_seen":"2026-02-14T05:30:50.808007Z","last_seen":"2026-05-24T00:49:23.233921Z","times_seen":7,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/wtp/gelik.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/wtp/gelik.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 32298\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-7e2a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32298,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"14381ab8c87dc8f4f8cc0441677e675c","sha1":"29d9c5e26a34b77655102737f50b5e274838b4a5","sha256":"6b968ca73b4ed241cf42d3a6e4e4bdde326bfe3f908253b560dc75b650a8d0d9","sha512":"4bb7a82b642491b00622a6674a90dc806c9a30a9b09b37fd3de159f592365fb3b5b3fdbfcabafcf77a9e36325713d91064b4cc06a474853722f90fbcb68912e3","ssdeep":"768:OzDOsOb1Ltm/5rAhu+PhPQnqTfrzZ11OuNTNin5d:OzkQGhLPQnq8unin5d","tlshash":"6ae2f1a7d926b91e111fbf10eadf9e7b3702018fe332165f90a64d24f0ab653dd12221","first_seen":"2025-06-22T12:57:20.936551Z","last_seen":"2026-02-14T05:42:27.028237Z","times_seen":78,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/drop-and-wins.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/drop-and-wins.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41616\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-a290\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41616,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x311, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8b04038bcc7fa4fd5cdbfef3a772da60","sha1":"dff2014361d4c43797dfbbb0603890490de971b4","sha256":"907ee0c3ba2cd95d7c67458218833a8d60e67822b1baccc46dca3544ae4ceafb","sha512":"6ddf360192f624aa313f1a2bb0f3e63ee46a9fbe0a071e7307ed59031d45884f10a8317c1acaeaaf031ac7994718a8869ad7c570b00d6c710614a04474fdba6c","ssdeep":"768:2FbaA+UzYCYFjhn97OHZ4laeYCMeFH9MLYCmf6iFpvWflGbRFO15yfTOq:2FP+7hhnZO5W55pIUOYFObyrX","tlshash":"5913f19d82d3a33c9b27fb81a9505302112294710578933adf2bfa93adfb10fd395d99","first_seen":"2025-06-22T12:57:21.096948Z","last_seen":"2026-02-14T05:42:27.029094Z","times_seen":64,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/tournaments/small-tourn_desc-10.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/tournaments/small-tourn_desc-10.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 39472\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-9a30\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39472,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 950x276, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"96f3bac0e4e78b9f6446f50f0c54c13f","sha1":"9f803f56d3037ebbe9f5695cb8cfde1486d171ba","sha256":"5b484ee71184da5f0f87532a9763fb3f892efb27f68dfa952aaf74006b0faa5e","sha512":"bbc1ba457de219b7acf75ea6fd4ff920a46fc805b7fabd20c055c83e8a4f9e11cdc9371534a9457e1e888a1104778773fc23084ca60d07e153cb3a16f8e405de","ssdeep":"768:ZVqvMm/8HU8x36J+x2uyRRzYcLyyecwyrjkgrTNlpbdThTs:Zov//7+x2vRzxW/yrjk4Jdg","tlshash":"d803f1c123cb8b9636373bf45d2a4b005f0a84c2221e1dd6eceb0246daef596a755d89","first_seen":"2025-06-22T12:57:20.989864Z","last_seen":"2026-02-14T05:42:27.02963Z","times_seen":62,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/DragonsTreasureQuestPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/DragonsTreasureQuestPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 70850\r\nlast-modified: Fri, 13 Feb 2026 13:18:08 GMT\r\netag: \"698f2490-114c2\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70850,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"80758cf1602906b97e7f0cdb19360585","sha1":"baaea1734eb429ad056b349dd780a842c6d0da74","sha256":"d807bbe290e80605d6455d3926ac0bd55efd6992a3578c5c2460be4a457d55aa","sha512":"d8ed4f0e73227fe3320334e7e8296b949f30168d47f8d51c5371206e9ed4bb94c9229f90198b748f71dd6e4a0ae26d0c2f3f04d933a0fa0cbf250925f51c1bfe","ssdeep":"1536:az8m17JddY1emK5L//7iPK+sBW67YopUZZfY/Tit6OGKx0Y:48m17Jz+/KcsBhFU7Ye6OGK3","tlshash":"766302b979dbdec06daf7fa4ee781d2420dcc37d12a458b704fa46ae035bb2a2c54144","first_seen":"2026-02-14T05:30:50.80583Z","last_seen":"2026-05-22T01:16:04.65412Z","times_seen":5,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/favicon/favicon-16x16.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /favicon/favicon-16x16.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-6560\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25952,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22907)","md5":"587f2b9177f649fda1d34eab3699e1c1","sha1":"a8c2e22c71cc3a04676f4d281ef26927610c1a13","sha256":"1dfcb6b1f4aec4b9cf9538a09727f1ce9f5c8f12461a58632483d150f14e971e","sha512":"a7d9cb627093b4a8723baae0487e0128dfd1784dd68aa0097ba21a739f23d90206199c481b0741c7d6bba93cc7c6082504f08514260f484dbeade590814d6079","ssdeep":"768:tdXEn6nT3mEOYVGky55CK/sGN+k8a6a8iLOj7jiiMrLZBZCP:gn6nT3mEOYVGky55CK/sGN+k8a6aFLOH","tlshash":"d4c25007fda253aa2213e49b0840df67af737d32c43d015597132696767f48ef2aa3a0","first_seen":"2026-02-13T13:44:35.698586Z","last_seen":"2026-02-14T05:42:27.013428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/bg_desktop.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/bg_desktop.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 8986\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-231a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8986,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"31a914fe3846ca9eb31d7c3fbb31b050","sha1":"2dd41f8f9ec9c19e1e2954d2ba59f4d854931383","sha256":"4567da126c9c2b84d39840eb42037b716e72c89dca976d60e9de86162329c977","sha512":"d0e24702ff1e39dd217cee0989fcc8e0bfd0f2c6294bba2061da8e9e3f7c29b6df67837459656c736dd1ef7c9726776954595e08ee59de19adf7d83b314bd529","ssdeep":"192:DxttTcmmGfRJ3GAxfjVZyDWNT5SJ5qFO2Iq7/YYYYYYYYYYYYYYYYYYYYYYYYYY1:DvtTcMfr3FxanqFO2r/YYYYYYYYYYYYJ","tlshash":"a202af8363188af29d48d31128b8bc650199c125341fd47b4a22faa7c2a7b71f9d776b","first_seen":"2025-06-25T14:51:19.518822Z","last_seen":"2026-02-14T05:42:27.030662Z","times_seen":76,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/bg_mobile.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/bg_mobile.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 638\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-27e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":638,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"e9e7ad5e10b94ecec5ebcd3a96ba3300","sha1":"79a5637f3e787f95f22840c7d66769693fac8a21","sha256":"7a0b92fcf57cd4d2c07d91f8a1eef11f92e1b57291b8afe20c0c52d49beac68b","sha512":"5ff5949d78c67f42433e5a0eb0d233907f0a380cf200f48ac3ce3ddf481fa9cda4b231a386e3fd9059e26577b562b02fe13611e3ebf4f36ac4bfb826da94e64f","ssdeep":"","tlshash":"28f0dd4f832c607a79d3f891a7c587873d0f89a0e09f5451768ba3a450b66e51446ef4","first_seen":"2025-06-22T12:57:21.111513Z","last_seen":"2026-02-14T05:42:27.031667Z","times_seen":80,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/welcomepack.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/welcomepack.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 280096\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-44620\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":280096,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7fb5bd7cac8f95afa08b49ed900c29bb","sha1":"37960313995a5ebf9725cd188610dbb1241367c8","sha256":"4f256ee2861be86bbeeb4e95b6fb2ac6daa612a60d7ae234dcc2ee3d7303ca14","sha512":"0a892c95f7c74e077f2bb2020de0ba15bfd31ecffee1b036af5edabc353784155c6eaa311639bf8ac34f57da54bc7cad9a5c018df93389805d505581cfb2b7c3","ssdeep":"6144:JLqE8NJTq2vK7M+PNPSBaRs1gFPchED/PGYeTQcjlsohaQnxI:JLqT3e2vKMyM8s1ukhED3ETQKsoLxI","tlshash":"d35423049a1c8437f591168f5781ee96becf734be2a9e70681aa7de832a07747fc3150","first_seen":"2025-06-22T12:57:21.216453Z","last_seen":"2026-02-14T05:42:27.032207Z","times_seen":81,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/ecopayz.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/ecopayz.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-166f\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"adc048ea24eac4cddaca1d246a678729","sha1":"b43921a8921566b6a9577cdb1bdd7a227fdf4512","sha256":"f0c9dceb77ae14050c497cadebb3b457d2390b3773c70bb23a97a273afae1a3e","sha512":"95d647c92eda1a160bd0a81fe5625d3726722432109fa5fa0420764e93a979548edf8bbb9ea4351423142e87d55abbee56af29ebf3940e7593434854a150dedf","ssdeep":"96:SJHwrwEB1ByzBfzm/Jc8TwqdEN45u/aMx86M8/1z9weTmMQMQu+DLZVLF:S1wd+V8dE7/aNIqeTpCLrLF","tlshash":"0cc1a3ec377893f4f54ad7ff872654b5340360feaa4589dce3a86c29a48155e1c84ac2","first_seen":"2025-06-22T12:57:20.997339Z","last_seen":"2026-05-22T01:16:04.978096Z","times_seen":145,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/astroPay.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/astroPay.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-1765\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5989,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"98a36d27b829e6de9be09abc8bab1cda","sha1":"c2122afd6703ae0013d0e1adbdd28c67ca74973d","sha256":"172c7dc8397760f691b6335433862132add82dcb72c3ee58b7d6f5d81a508699","sha512":"8cdad17709cf22c03fb25164bbfe5664903f5acc8c98f1ab7bb86cf53024decaddea8950fef8eb9af8c85bac7ed32afa34470cd4cfe89400482218a17b726272","ssdeep":"96:syqqHYHn7+X1/3PXnCq7do5h1ZBXJL2x4/sU5S/RFdeN2mjjM4KqL2VcmFCEc/Kd:suJX1vPn7dqzXJLBsSS/QFjM4h2imFCm","tlshash":"71c1b6e6537892bc45c79f5eef229951932fa0bab516c2c0ca6ddfa450c7c88f707850","first_seen":"2025-06-22T12:57:21.202247Z","last_seen":"2026-05-22T01:16:04.591477Z","times_seen":145,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/category?lang=en\u0026pr=kometa","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/category?lang=en\u0026pr=kometa HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/game/last?per_page=30\u0026lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/game/last?per_page=30\u0026lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/game/last?per_page=30\u0026lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/game/last?per_page=30\u0026lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5473,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"bd502eccfeb57644b18a8f1309c40506","sha1":"cd616170657bc3faa71c29631616614bb08e109a","sha256":"60685d95113aa2d1d044698aaa5db2829bf8cc2b98a69643b8c54a4e1988b0cf","sha512":"63bc95ef237afc536bc35a259d5f126565ba31e60b1ec8b629a778ba215a2ba11e2c95ea7981eb60602f2c8b941df80e0ce18773ea1e4c687237850cb9533ce8","ssdeep":"48:Y/PbLcep7ZjnNPH1hUs6vy8DPqNV7vIb1UY/kUT36:UPbLZp7hNf18yYCV7AOWK","tlshash":"97b155998f579dbf335033c019c377d72e6cb02b25c0cfd41165e8088daa96b6a77226","first_seen":"2026-02-14T05:42:27.03421Z","last_seen":"2026-02-14T05:42:27.03421Z","times_seen":1,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/BaconBankrollRL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/BaconBankrollRL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 63942\r\nlast-modified: Fri, 16 Jan 2026 07:05:58 GMT\r\netag: \"6969e356-f9c6\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63942,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"ba2db2eafd1a7f7c1cebfef033a393ca","sha1":"4f9331b9201ad8b39c85b73a2e9c38d57f7f0fdc","sha256":"9114e93297f31d261633ab29ad1ec0b6357ce6b20f4220de3fb7273e57cc02dd","sha512":"4ea78fca54320d796cdf0c1f8746da5c6cd83e73562a980db3b0debbdc8939dfa7f934675e1cb7502306dba7d92dac459c6478f3477a0240a926f9feeb443f66","ssdeep":"1536:e+4CmcLJLEjKAHcFiynhb2ZH8/FEtiLGGBHf68D:j4CHLJWHcNRMt+BHfvD","tlshash":"035302de22a116e4f8c450d6858baaf075630d25d2bd54de74d8ce9c34438b7c92acfb","first_seen":"2026-01-27T00:01:42.997633Z","last_seen":"2026-05-04T08:23:06.137069Z","times_seen":8,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"vi-sber1-20.jivosite.com/ziqY8DLV0e?e4951856d326b2af","fqdn":"vi-sber1-20.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"37.18.110.91","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:57.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /ziqY8DLV0e?e4951856d326b2af HTTP/1.1\r\nHost: vi-sber1-20.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://kometacas596.click\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: eXRg6M+397+Job6E+ZkZYg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nConnection: Upgrade\r\nUpgrade: websocket\r\nAccess-Control-Allow-Origin: https://kometacas596.click\r\nSec-WebSocket-Accept: vLrcar4tZ1yyfC/RCDktavmmVgE=\r\nServer: hand/4.1.1\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":30,"send":0,"wait":30,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/main.70cab2177023b4c1.js","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /main.70cab2177023b4c1.js HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-21df5a\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2219866,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b88deafa96930bba00c2d248a6815eed","sha1":"6fd40d50cbe41b677cd036d7622ccc471e193d6b","sha256":"dba1eb52b2b40d427e79527a017a81fb64cb8050b535e377001fcc85ebdd0692","sha512":"b71b68145ba59a163a3fddc2332e07e0576fe4a45059dd581bbc01cceee8590828c7f4b811bcc1b9d931ad75439f6830a0808aa6787e3c4fc26d718a5634afc9","ssdeep":"24576:zlGnVTpQAUiKIJDkyTf3ZS8kkTKrDloQymONWClgI6ei8k9STfY+Ymteg695/uMj:zlGnVTXKIJDkyTf3ZS8kkTKrDloQymOK","tlshash":"0c257da5a213f03537e7849a90b704c6b3782448f906859cf1bd8cec95edc9a7237b79","first_seen":"2026-02-13T13:44:35.764059Z","last_seen":"2026-02-14T05:42:27.035606Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/add-crypto.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/add-crypto.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 377692\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-5c35c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":377692,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e29f6590f44364194cf2999854154576","sha1":"bd85da26ba95a6334c88dd6d7a1f3f73e1f3da8b","sha256":"1abfdaca23aa574178f8ccf9fc6b65e4e80e73d1f810e02b98bcddad89c76381","sha512":"19859eb004a648134c1e1f9fb90eab42da4211d22d721a0b8c48a3f0b27ed323fbc1d6e72f37ee584894b97425897663e614bf68ba1047163f68c283eb29631b","ssdeep":"6144:qBEvTzHK8lHHdBXmz41VVSwlYezQJ2K3XuM0HM2KjAxsoDWMA2qn+T:Zfq8lHHdVI41Vrl7A2g50sVkbp","tlshash":"c08423c01b73ddce1a868d0e7dd25c57a40598c6aedb35a19f04cc9c293af0e9a36d87","first_seen":"2025-06-22T12:57:21.117199Z","last_seen":"2026-02-14T05:42:27.036366Z","times_seen":72,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/Kometa-cashback.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/Kometa-cashback.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 427804\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-6871c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":427804,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"40a5cb21a9b36e7eb6fffa4669684c32","sha1":"0a0714289c071b89487f891489abb549ab16b891","sha256":"2f088badc34897aece6763580470117d9beae08ca10f9758fd4db40b060db6a6","sha512":"a5cc2c76ff7c12f8bfbf7beb38761def13fc9df72032eb6f137d93599d36574409013b50b7b0557888230af2688853d01a493fa0b2a2d9bc864a169de894b8a9","ssdeep":"12288:QLGMqNne0CiSdwx/uBq4REyDZnxQx6SzGns:tneS9u8gDZm8s","tlshash":"eb9423c4fe7b131e30bb6322e68f1c25d477a124c22c632029562bb6f72556c17da9ed","first_seen":"2025-06-22T12:57:21.026004Z","last_seen":"2026-02-14T05:42:27.036877Z","times_seen":81,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/info/info.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/info/info.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-382\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":898,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c8c7ecd8eb43f97bc2fa7fc5cfdb0537","sha1":"babebace137a602e58ae56a50d39c17d7ac3d91d","sha256":"27294ec839cc164e338e5d4c41f4895ace888b6997bc3a9ea6bd69f9cad3b003","sha512":"d85230d1fc820aece06a92c5517e8a05c9b9c6b0745ae9d5035b73ffbf1a22a160cfc5eed15c65fc97dce90f5dc3bcbad12d8e86cf3ba03dafc6a0c1b4fcf854","ssdeep":"","tlshash":"971180f473ec8982194f4b79ce2169406e3b0af9f7c123e4baf0a554ab180e4885085b","first_seen":"2025-06-22T12:57:21.236701Z","last_seen":"2026-05-24T00:49:23.229467Z","times_seen":138,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/AviatorSP.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/AviatorSP.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46015\r\nlast-modified: Tue, 16 Dec 2025 07:16:44 GMT\r\netag: \"6941075c-b3bf\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46015,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"ae012f305ff52ffdf8e1ff9c3de22585","sha1":"5c12b86193304ee64a200de69e587bc10918eb99","sha256":"f6c131ae20f1548886636038a79a98ba4ec052161b17007ba1d2f26a937de3c2","sha512":"8a6a13a148aadca78d2172027773e603413814a06d7b6623ba777183d9d907134e3ab76dba6d9570ad250f1e095ef0d972796bedd9eca5389e3fedb92a9dad07","ssdeep":"768:7iHuRVYQDEZnLlfBOlUQ82szxzfxxR0UW1b1L7cBO4uuNExk58Ojc:7iHEYQIZLPO2pzxzpx26tuuSi2OA","tlshash":"132301c54a2bc589eec9d7e3d8d05d6b9fa9ffd0f8094848d4cbb10850864cf8bb9560","first_seen":"2026-01-08T21:50:24.2988Z","last_seen":"2026-05-22T01:16:05.069485Z","times_seen":6,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/AviamastersBG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/AviamastersBG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 71258\r\nlast-modified: Sat, 06 Dec 2025 07:36:45 GMT\r\netag: \"6933dd0d-1165a\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71258,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"6c47a51056562adb8ed7a34951e019fd","sha1":"dd001848690e398f7f491af637feb7801a0f23ec","sha256":"a91b143f10e330a101577e26e451c297464fbdceda7f132e697a40fc61402587","sha512":"99ea4e74a356181e8495444bb0f656ded24c0c38ca9588bae30b6e3b17bc380ee3a72901b580cfa02a99ee4584bf7f68f0277f815da020a9bef69651bfdc121e","ssdeep":"1536:xhCw+M4ceLct/8rGrJZ0AfQObQ8Zv4eoKdxINyiwr4N2g0UiZ/BVAq0:xhChMRJ/MGlkO88ckUDwrLZJW","tlshash":"f46302278777bdd433a09a7672878f8178eec6a2176c757c688a10bce47da12c7217d0","first_seen":"2026-01-08T21:50:24.263953Z","last_seen":"2026-05-22T01:16:04.842708Z","times_seen":6,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/MinesOR.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/MinesOR.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 201572\r\nlast-modified: Mon, 27 Oct 2025 07:28:16 GMT\r\netag: \"68ff1f10-31364\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":201572,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1760x1320, components 3","md5":"230b2b1e11609639497f027ac096e1c9","sha1":"d5d0bc3a07046ed7d356a025c1ea14a1d087d03a","sha256":"eb89fba37541666d384136b9ca1d5a47bdec73e6ac63a0db8303c8dbd0bf4831","sha512":"5b4d96182e0a7897ed95545d6a1f7a99943c4aa7fd2741792ef1710499193efae4f2d5bb9cce09238413f328f653542b09684454ee8475e8348c2d8bd7d239dd","ssdeep":"6144:0qrpWueeh0oGw/5w+ZHGdwm59y3znkJvNxRvM4ocq:0MUuR0oX/5wqHewm59NRRvM4o5","tlshash":"501412e649e5442fcb96c87d214070546334874d3f48988fa6870e36c66affab9f1b27","first_seen":"2026-02-13T13:44:35.770793Z","last_seen":"2026-02-14T05:42:27.039229Z","times_seen":2,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/TreasureTumbleDDRL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/TreasureTumbleDDRL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 64760\r\nlast-modified: Fri, 16 Jan 2026 07:05:59 GMT\r\netag: \"6969e357-fcf8\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64760,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"e0a5fa2bb67411ea5512848ee4dc7559","sha1":"ba3fbefbd82e8cdbac55acd09a574966ae758e6f","sha256":"5f373083bcea2496086558b271b3f0943d89b3c8b2ed1547723977d52c4987f0","sha512":"183b4249f4c11c6042bea7364c41e765c3638eb5bad8ebeeeb54f4c3a1bee284607e769be5e3992ad1b12d65c5c9fafff27b5cb9be7be432256794cee6e741dd","ssdeep":"1536:xlZpVoFLi2DmabnAUKPfyD9FAGgaOUeq0:xlDui2Dbw8KGgjUeq0","tlshash":"8d53026f11b465a57e9bee34a764ecce3ce5d33c72278e694eea300490cd091a5f5350","first_seen":"2026-01-27T00:01:43.024323Z","last_seen":"2026-05-04T08:23:06.027746Z","times_seen":7,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/mulish-latin-400-normal.163c0baceaf56d2a.woff2","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /mulish-latin-400-normal.163c0baceaf56d2a.woff2 HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/styles.a5da7c548c33834e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13508\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-34c4\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13508,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13508, version 1.0","md5":"dde2379a58b73aa459e27d560b35ee4f","sha1":"8eff2352acb3b2de206c0444f4f704ed46cfb134","sha256":"9e7fe0edbc32bbda00bdef6dc0241bc78277a37d4ceeab5991c64d11915746b9","sha512":"83ed52c35a95b663e71452a250675a71e1f4efed85d732cdc6781dd13afab1bfe852aaaeea765165f615bd2d153bec4ef167934d31c20d9632e18c87d89b1778","ssdeep":"384:qNfWn6GyNb3qnZTRAaSqnoNxnMKoaUzQwwcNlc:kWpRRDPo/MKUfXlc","tlshash":"7052e00e6eeb6923639f12f4c117254fc24bae01e78dc26e84450693aff38a3521910b","first_seen":"2023-09-17T10:33:05Z","last_seen":"2026-06-04T22:58:17.777554Z","times_seen":446,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/5f3ca08/chatcontainer.widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:42:06.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/5f3ca08/chatcontainer.widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:42:06 GMT\r\ncontent-type: text/css\r\ncontent-length: 14861\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"698b2a99-3a0d\"\r\nexpires: Fri, 20 Feb 2026 13:51:31 GMT\r\nlast-modified: Tue, 10 Feb 2026 12:54:49 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-10T13:51:31+00:00\r\nx-node: m9-up-gc230\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"30142f29f846e745dc58a8103d6c2edc","sha1":"765ab6186c158f91c5b02a45b3862f27becba1cc","sha256":"e83f8c3f545b4ebeb39d1586bd9cbb938500a7f857763f606b7b29dc3ddee040","sha512":"e37871fc0d6315e7705dcb70fe346cfb4ba1cd6c64d8d00759a3f3041f40c34256a030a5a8c0b8d4af89e94356e3f69e291d1a83f014905ae348ed9dd3ad200e","ssdeep":"768:2+XAQXgUyLSaZV0MKDhXeVrnIn7bwt0YRfSyq+kUH86Qj:2+XAQX4SaUHk0YR6p+BHuj","tlshash":"8173b462f6d0252df02bc536ece2bbb9643d901297231fbae644b734c78a5d7176260c","first_seen":"2026-02-10T14:36:06.544196Z","last_seen":"2026-02-17T17:00:15.678019Z","times_seen":103,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/styles.a5da7c548c33834e.css","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /styles.a5da7c548c33834e.css HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-20e28\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":134696,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4f65d22e6a478dd616080afc19abedfd","sha1":"f7483d6fa1280de516acdf83ea79a5bd62ea559f","sha256":"9512c0fa7b6689a80830038ab1f49b6666bdeb0e3ae768f8e9d72b51a7bf615b","sha512":"b5bec5d2a32cbc2e56eb28b95684adaeacb25c1f59ba773b26f07cd4b65e0ea573ee2c29e7d0063ef5c25eaf53f749e10c08bf9047d7b73820054deb019da479","ssdeep":"3072:qQ/WsHDSeVHjoTs3E3TnmCEoTac+lr4jLjS4iL5F51WLzTfTyWQbW0ZdOlpPOTQX:b/WsHDS+Hjgs3E3TnmCEoTac+OLzTfTp","tlshash":"46d31723e835e3a53b13d45362448fec53b8f818fb1726a4f157de0c6aca05ae1b6758","first_seen":"2026-02-13T13:44:35.695642Z","last_seen":"2026-02-14T05:42:27.041586Z","times_seen":2,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/tournaments/small-tourn_desc-9.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/tournaments/small-tourn_desc-9.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 459401\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-70289\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":459401,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 950 x 276, 8-bit/color RGBA, non-interlaced","md5":"5717d0effb765f1fb4381cf06499f263","sha1":"3f8ab05e7878563fe3ef4c5190ca1d9de32ec2b3","sha256":"af94f3abc19f69f37e8e929d739e54500a8755da0bd0cf94fc748efb5d3c31b8","sha512":"80d572c6121dc1741606862559bc72b2c8bb9a1d0d7551ec7fdc0827542681d2035c9632ead6a7fe8b6334c642661d7f5b73e73962b61f55eacddbb0a73b80b1","ssdeep":"6144:Hni+HIRKET4QzsHI1sMojkr/RM2ccjlN0me49+TqUEUB7kHGrcMxbghf/OVVloW2:/IEETLtvo4/qFGZe/LrnFghfGoWeKYe0","tlshash":"8aa4234386246a0559ee5cc710cb0d4adead22f927f8d15f52086f6aaf02f11dddb24b","first_seen":"2025-06-22T12:57:21.209623Z","last_seen":"2026-02-14T05:42:27.042375Z","times_seen":56,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"telemetry.jivosite.com/w","fqdn":"telemetry.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"87.242.88.149","port":443,"asn":208677,"as":"Cloud.ru","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:42:06.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"POST /w HTTP/1.1\r\nHost: telemetry.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 185\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":185,"data":"{\"event\":\"offline_invite\",\"widget_id\":\"ziqY8DLV0e\",\"chat_mode\":\"offline\",\"site_id\":2256902,\"device\":\"desktop\",\"visitor_id\":\"e4951856d326b2af\",\"widget_version\":\"183.9.0\",\"shard\":\"sber1\"}"}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: JivoTelemetry/0.9.7\r\ndate: Sat, 14 Feb 2026 05:42:07 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":262,"timings":{"blocked":106,"dns":0,"connect":49,"send":0,"wait":49,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/wtp/withdrawals.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/wtp/withdrawals.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 24278\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-5ed6\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24278,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"daa524b9868781c3148e9c9e3d777fb0","sha1":"75e1625b7c21a83fc344daf051d55bd6ad507552","sha256":"98b3c6ced29936dd214c59b5ecc2c08d12b19055ec80b8585008c8bf909d90fc","sha512":"d0601a209316f6f11234de179c0383311ed417eebb2eff343e204f6f31abdcd26811ef68aea113be517091464072002b654f2c6a7b3747256615a01d882eaa2f","ssdeep":"384:I1kGWSzuMgdjMsDJS7/wzdL4o7UjL5uldwsUmSPxsToJEj8jzvsPzukH6QKArDPS:MUU+dAslSbwz7qduldGmSG8qj80yklK5","tlshash":"45b2e158092ecec50c18b5fd94570dcc29facdd511bba2d14ec9a7890ca14b733f992b","first_seen":"2025-06-22T12:57:21.228494Z","last_seen":"2026-02-14T05:42:27.043199Z","times_seen":73,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"OPTIONS /api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=43\u0026per_page=48 HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kometacas596.click/\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx-rc\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T17:34:24.203013Z","times_seen":16217467,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/tether.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/tether.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-ce7\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3303,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2b7623eec1db8da3ee0ab1aca15c81ea","sha1":"7376c1080dbcd43c0a87153b0f81738090c1ae67","sha256":"1c6845faee131c97bb9c586095cda10016abd0f82f8e704eb86d9fc219cace8e","sha512":"d5051c0cfce9a1bfa9defdedda8e79161eec3b601664c4382486409058fce507401b69055c48b4c39379d41edc97668935f40bf51c1f50bc717c980a016268c7","ssdeep":"","tlshash":"3c6193dc76a851fcb404f2ee2b0721693d0624fbbb684a50f62d4cde3996884cc84ef5","first_seen":"2025-06-22T12:57:20.92505Z","last_seen":"2026-05-24T00:49:23.610091Z","times_seen":218,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/wtp/cashback.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/wtp/cashback.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 45214\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-b09e\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45214,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"e91692478dc5f6979a8a15d51d8bbbcd","sha1":"0f3928f7655722cf844d83e9ac475923849aa0fe","sha256":"8e4e00d43eda40c574eeb94ade0c2a099e9def66feef83ed3d11e153f5a16a7a","sha512":"3bedc01f500110284a0c8916819532361c549b803ae8a86d9ce94f7bd297d1c26721882fcf323538836e9ae7ad153c107b97eff5145852481c64e2f46bae5a3d","ssdeep":"768:SGy7SgZOlPPUyRxLRF5K28Ef1B0LUur1YDk1nnHk1imQl0Nvk7Fgo:5y7SgFu9maf1BH8nnHl/01g6o","tlshash":"6e13f1eecc33433f50aeabc2faf934623d9915d59a7dc096476f5491bfab444223a108","first_seen":"2025-06-22T12:57:21.096095Z","last_seen":"2026-02-14T05:42:27.044059Z","times_seen":78,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/games?lang=en\u0026pr=kometa\u0026device=1|2\u0026page=1\u0026category=47\u0026per_page=48 HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4591,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"db3774a53aa610c49592c588316dd2da","sha1":"d56a067455ddd899e4447daf658efcc1f5a23dc9","sha256":"670fe5409fbc82384117ce3f425443a85bcd214fcbfd08f400013e32bc1c91b7","sha512":"1db1a11c7592f33a5e72c6dd253aa6b69ffd29009e9c569f1cb180270afe0d9a89ab3d3e965294dd7468e64d6fe32d3366d7390815f52abb4cb45aec9f79d2b3","ssdeep":"48:YPbg8bgchbgdbbg68Z3bgFrSEbgrY4bg7bgGbgKXbgQbgLbgk7Fbg/JKIXbgW7po:iBPobF8RwSEx4m53Xj6rwXhXtVNh9i","tlshash":"1291056645261cbfca1724b93f933fc6409c819a9adfef64418dcd0c96bc9f94907832","first_seen":"2026-02-13T13:38:46.522842Z","last_seen":"2026-05-24T00:49:23.256452Z","times_seen":9,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/jackpot.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/jackpot.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-620\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1568,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a4e89a0753176e69c7b10e5eb228f50","sha1":"d0369f1833402c8f3b8be020475afea464c4c3f0","sha256":"b5ed7d7f3aaad87c44f321de6a5f3de85b000d010d69cd67ef25ce65d407c838","sha512":"8966d6b16c4afc37f1753520633d5088d69351749cfa719e43bec32673c660f2f9e5bf4cc3143d19918cb54ce320fd35fefe2318d1ed3a55e29258624b041e10","ssdeep":"","tlshash":"c431cdba921ce2dc04cbefbccb36d4a1270e6091f9abd7a4d89e837104778d9d487414","first_seen":"2025-06-22T12:57:21.044943Z","last_seen":"2026-05-24T00:49:22.756717Z","times_seen":138,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/css/5f3ca08/widget.css","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:55.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /css/5f3ca08/widget.css HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:55 GMT\r\ncontent-type: text/css\r\ncontent-length: 25386\r\ncache-control: max-age=864000\r\ncontent-encoding: br\r\netag: \"698b2a99-632a\"\r\nexpires: Fri, 20 Feb 2026 13:50:30 GMT\r\nlast-modified: Tue, 10 Feb 2026 12:54:49 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-10T13:50:30+00:00\r\nx-node: m9-up-gc81\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137137,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2774c9239097c91a13a487e24a2ebdda","sha1":"b813877552a6d1ef88821d7e8c10d5fe6b3d274b","sha256":"e809e1f3500cf65e2f23d75eeb5e033afcc6c60507326aa7b6405c2daf477f51","sha512":"296c752e5f47b72284e1fc5b33566e2f04549beb5884f7845bd5038ecd5e6d5f062c8acd9b3367f6ad3757d011c0e64f94562492741fa9ccfbd6d215f453ca53","ssdeep":"1536:iL5TTKsyA6h6SrhHDuVye262HSfpTyl6568+UlA4UUV6tFUPQxicOLOEDl6mc3o7:LL3S8S2oaU","tlshash":"ddd3e865ead2a53ce91e541ac8c5aa3ca63de102cf230dbbf744f3e147cb6e21276505","first_seen":"2026-02-10T14:15:11.570412Z","last_seen":"2026-02-18T06:03:42.216428Z","times_seen":215,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":57,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/translations/en?pr=kometa","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/translations/en?pr=kometa HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nskip: true\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:27:32 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112217,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d300767dd3ef65a17532672601b946f3","sha1":"2a5c3ce077e44790177dd7bb46c44568f5d6a0ba","sha256":"bd44709b334c5cae3520f6bbe2272a6abad50a9410791c7b7fba09723df65d73","sha512":"3ab60552caddbf873602343b4ae6575fd4d1fab922f0fd722d0c32eb49bbba409ac2d4a0ca847aac693094a14c2fd8a57cbdfc40a647b5de91db304790cd0e69","ssdeep":"1536:Iufmr38WOGc6mLNtUVugpA9WKSfFDG7/ZfAfl7X78B0W82eZ+8dnNSc/CCq9FfrL:1u78BNtUVugpAkRdqrR+AH3hvn2kH","tlshash":"4bb3089fe7881373179203d07a8f7bfabb6d50682321d5a478acc16c2359d365a739c8","first_seen":"2026-02-13T13:44:35.801852Z","last_seen":"2026-02-14T05:42:27.046494Z","times_seen":2,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/ThreeCrazyPiggiesPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.064Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/ThreeCrazyPiggiesPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 68644\r\nlast-modified: Fri, 13 Feb 2026 13:18:08 GMT\r\netag: \"698f2490-10c24\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68644,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"395936b41f1d389345a18b2d04364779","sha1":"ba123a85fa17e0f4cd1da1e9fb0244665b01bd99","sha256":"4f6e0c6c8908c2a5d958f6cde3b9d78fcccac14f2c0e08c0ee13c1a4cff739bf","sha512":"4d502deb73c31ac02322d024dc1e23c454fdeb81f7cd12597dada1ec45ece0e5a14ad054f6ef251f5e619d7d6bcd0d0bdea887698fdfe2f7b34bdc4dc63a9828","ssdeep":"1536:4/fvYOtsnweIngbHWIp7UQKsWxzw3YxCuRqHq/U/odf//:4/XYusweInkTSQKsWxw3YxCi/uodfX","tlshash":"ee630268c8822df5fb513bb9d4076e689bda9192307ab12b11cfd857fc239326a43c50","first_seen":"2026-02-14T05:30:50.89923Z","last_seen":"2026-05-04T08:23:06.102469Z","times_seen":4,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/WildBountyShowdownPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/WildBountyShowdownPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74381\r\nlast-modified: Fri, 13 Feb 2026 13:18:07 GMT\r\netag: \"698f248f-1228d\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74381,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"c9dacd2fe5bdf78d51d0c5816c98205b","sha1":"a43d29a11e4f05d39e3548a720cc6bc72c14d4c5","sha256":"bbde4c79c4dbbe055a04dbb725c96c59e7c2df8dc50ad2c928a57d4f3a5dda7b","sha512":"3b911b01b7596a11eb171e89c11b2436b31f7012a8e6acf862b0d5fbd3fb803e2797472b439763f15c1610d702b61d415875922142f8214f99c89d0bea52e1f3","ssdeep":"1536:vFw/nWdK0PS517s7C6nxx1TtkldJdIRwOrp0qi+YlFAThe1OANtb:vFw/nWE15ps7C6xxlt6dP2wOdJYlmhe1","tlshash":"8573027761e9e5dff23b5b2fc698d31d0dea02a7322920ac018f00d9917516989e3f79","first_seen":"2026-02-14T05:30:50.832715Z","last_seen":"2026-05-24T00:49:23.314292Z","times_seen":7,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/mulish-latin-400-normal.163c0baceaf56d2a.woff2","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:52.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /mulish-latin-400-normal.163c0baceaf56d2a.woff2 HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13508\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-34c4\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13508,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13508, version 1.0","md5":"dde2379a58b73aa459e27d560b35ee4f","sha1":"8eff2352acb3b2de206c0444f4f704ed46cfb134","sha256":"9e7fe0edbc32bbda00bdef6dc0241bc78277a37d4ceeab5991c64d11915746b9","sha512":"83ed52c35a95b663e71452a250675a71e1f4efed85d732cdc6781dd13afab1bfe852aaaeea765165f615bd2d153bec4ef167934d31c20d9632e18c87d89b1778","ssdeep":"384:qNfWn6GyNb3qnZTRAaSqnoNxnMKoaUzQwwcNlc:kWpRRDPo/MKUfXlc","tlshash":"7052e00e6eeb6923639f12f4c117254fc24bae01e78dc26e84450693aff38a3521910b","first_seen":"2023-09-17T10:33:05Z","last_seen":"2026-06-04T22:58:17.777554Z","times_seen":446,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/logo.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/logo.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-e07\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3591,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8d33809c730c8e84f04d5a0772ddb04f","sha1":"0fdd959a0b026f40d8820a7b7958962e7fe7c4e4","sha256":"9192d941dda845685adf4a68a20c8f19b86feca407a6ba314071c5f34bd60422","sha512":"b710f9e86eb92529c920ca239ebad10891cc095e8d4b46e658af1ba99f63fe23ee468654be4f4d964628aa20d4dfcdda7e68d11218f00ed5ddd02dd8d4b3b13e","ssdeep":"","tlshash":"8271b1aad73df43fe58987addd18c46a22dd41eef988d36076189f1e14a51c10d48e90","first_seen":"2025-06-22T12:57:21.151909Z","last_seen":"2026-02-14T05:42:27.048305Z","times_seen":64,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/ethereum.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/ethereum.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-1c2c\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7212,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3fe499243090a7dc549b24c1b9429f7f","sha1":"3b2d21f6225ca42bdc073c72232d1a993b293b1b","sha256":"161524c2c8f622ae04f7cc826368f931e489fe7a990b68db701aa81dc8159f71","sha512":"cfa25450d0f995b67327ad5e9a1c6a516bb421a2b026257aa7e22ef9d96b166bf24db0e3a8c7a44b9c8bbfe2f16840b9a94f7fd3623786112d969c234775c5c6","ssdeep":"192:Ax6geMbCgSrnuVk5RnK7GdYZMlQXVNlLlN:x9gqumTdYSlyP","tlshash":"d3e1c7dd1f3107cce884d2fb6f2694d9318ac9fea5488885d3ba8d3aa4d14b44d5acc3","first_seen":"2025-06-22T12:57:21.20873Z","last_seen":"2026-05-24T00:49:23.070595Z","times_seen":219,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/MrTreasuresFortunePG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/MrTreasuresFortunePG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85367\r\nlast-modified: Fri, 13 Feb 2026 13:18:08 GMT\r\netag: \"698f2490-14d77\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85367,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"2e7c20cc329b1464869d826fcd9c29db","sha1":"6d962979e151669e0e24256c9a0f6a2081b6b44e","sha256":"f2585ad20a0bf6538c2389ff2ce6442915e995dece9919505f450d13eee7e474","sha512":"b5a911d193944731d8dcd9bf401c5090f54d3e9a1fec22e54927e2ec505fb1155753edd29249ffa1676d305f645e7041bcd2bb40d6e48c83e06ca8e0b21e51dc","ssdeep":"1536:YNn3S0CF7+EAAZb7HFUpq+xlfTFajytLPSVOk4xT0GKM+z+FO3n7Tii5t8QI:wnC0Cp+FAFepquFa2Mn4xIGK8FO37HTI","tlshash":"038302f8971231eaed768525cfd32f816698fb4164cdd8e683483f1db3a8480a9610de","first_seen":"2026-02-14T05:30:50.816462Z","last_seen":"2026-05-04T08:23:06.087489Z","times_seen":4,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/ZombieOutbreakPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/ZombieOutbreakPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 49948\r\nlast-modified: Fri, 13 Feb 2026 13:18:07 GMT\r\netag: \"698f248f-c31c\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"983ae346bd81ff297b98d97a5d12271d","sha1":"04ba26c54a5a8cae258905cd4a525c6744347ecd","sha256":"a283406080b8126b1f683ae133dccb0fc77e3c4e734694acee82903e2faaa8e9","sha512":"28660a1381693bc30856c3ddbcb8513812766a610e6678ab743a52f0ea998ed45398bba793d69657b65cdd3488dd5153cf802a8dbce56b1f521c5a8a5aca60db","ssdeep":"768:LpUjeFhzAUliM7g4tWgLuxZpNBvYPrrgas8r27v3FRgl0ptJf8XLNJMqqT46k6hF:Lpq8OuLs5xDNqPnNC3rbTiRJMqB6DD","tlshash":"1623f16f6043d4e7a6174c940b1ceefe919620091cfce0bb85d68d5f7e7382855ac8e9","first_seen":"2026-02-14T05:30:50.791458Z","last_seen":"2026-05-04T08:23:06.152398Z","times_seen":4,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/FranksDinerRL.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/FranksDinerRL.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 61487\r\nlast-modified: Fri, 16 Jan 2026 07:05:58 GMT\r\netag: \"6969e356-f02f\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61487,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"21e86b59d710ab992258f03f6433de95","sha1":"0269ff87d7cefb663efa525fa16ff51c571a996f","sha256":"b420dd197064622c2f5de3078e11efb28be679785d947fecfe39a3b5543c4b88","sha512":"de6438bcc5c42b78d2a996afdfa8cab5f5df7a5127da71540cd671637a44216589a6a6141971ff0590ddf48f5ac93cd3a9bc8568c4ea6162d369cd99bcf4eed7","ssdeep":"1536:T/pbVzJ1x0mYm2rf0xB4kYFedG9JTn5D+82RmEOVjk5I1beIKAhsLw3b:T/FFbx6mqf0xB4ZA+T5D+Z1Ev1brzhsa","tlshash":"c85302d1391c9cdc0efe5aba8f17dc088ac0b657641eb5f6e4c71034ba43216c265a7e","first_seen":"2026-01-27T00:01:42.888817Z","last_seen":"2026-05-04T08:23:05.989651Z","times_seen":8,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/5f3ca08/chatcontainer.js","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:42:06.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/5f3ca08/chatcontainer.js HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:42:06 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 58233\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"698b2a9a-e379\"\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-13T13:51:40+00:00\r\nx-node: m9-up-gc98\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":244146,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9f708963e8177d2b3d1a38dc4820f064","sha1":"3ea95e21bd9f5717ec847711825fe1bfc5650570","sha256":"fa5e4af61c2153dcf52ff929360102348261b28e5d9fd4823fc5ba33cf350dd3","sha512":"5e430e6d1fec1f540efe6292925e5d824472306a939e336a9893b995a1478836ba0b3447e1589e1fe68d8d13b1bd26a61c8ed5f109e6b50537e72eedfc6c6da9","ssdeep":"3072:1Hc0Og6iAPmTwF42omI9rXDe5Uiga8SrDcN:hc0UiOE9YZgaTDcN","tlshash":"40343ad071d0e8bc42e641daa43f6100f2292d2df409b958f3f8ddd9ab5598e2266f3d","first_seen":"2026-02-10T14:36:06.467051Z","last_seen":"2026-02-17T17:00:15.6702Z","times_seen":104,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/banners/win-15000000-lootbox.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/banners/win-15000000-lootbox.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 395196\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-607bc\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":395196,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"401e7195e5bb89825620d65e150ec99c","sha1":"f8216cbff4be600192536b6ed09d68ad4194544d","sha256":"34fb62a5e99ed593df60a3ef1a6b1629ea9ebf6896ea246691a946f582e77ba1","sha512":"6cfbc15b6ad2edadbc3d00f8c82ee0e05dc5feb593a17e14df4b0075ed993222f4b674b4cdd94d3e14758ec48c0bd0922f48ab443dc352764986181864ab5a4c","ssdeep":"12288:ErAm6TybOLF6YLXLdI/n5ap2iNVFoHTPqKp:EvbOTbGn02iuqi","tlshash":"ce84237341f449ee0126503b616bc8ab7e07de835d4ee8ed9fef98900ba25c5738d152","first_seen":"2025-06-22T12:57:21.016136Z","last_seen":"2026-02-14T05:42:27.052023Z","times_seen":81,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/tournaments.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/tournaments.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-6a3\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1699,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e15edb0047f98d1b64ce4a4d4a79c670","sha1":"9fffc6cf696913da48da33d1ab1703c4d9785e34","sha256":"5e8e6239d9dae59cf44a70227be537098b03dc422cad8aed17b24decf32b0c45","sha512":"15e8ff6bd2aabb1248d7eecf2085b37cf721942bd404f74461c1fc23a712e3869e72cb8f4464268b7d06595ea0d78e6bf01f2b4507263381786f78fdac14b2b0","ssdeep":"","tlshash":"803194ff4710f9c8f187cbbade132d21316968bd5d8282ca2570e6e0f830351c959c88","first_seen":"2025-06-22T12:57:21.026936Z","last_seen":"2026-05-24T00:49:23.309422Z","times_seen":137,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/footer/payments/interact.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/footer/payments/interact.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-55a9\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21929,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57e627c8fe520cf7fe6b7ba25697fe55","sha1":"4cfa9683305eee2075b9d4ffcee4e9575dda5838","sha256":"667d2b41d58cb58ea47f10ee14786069ee1625f861606772bd25bc980801642a","sha512":"865b8ad40bde7fc463caeabdd8470aff1794d15ca447fbb551d2ff8c71b5e572c764431482383735b52118849196d40fda3c6203b8bc0f52d67685cc4e9c6fb0","ssdeep":"384:faSlKW7ESNjUd4qT9v6KM2FlaD9+6cKUV3ecXko:fh7zNYdkKh+9At5ND","tlshash":"29a283e9173493dc98c7994fff32ed94531f64fab9a681c0896fdb58949b8c0fa06804","first_seen":"2025-03-08T14:29:59.761442Z","last_seen":"2026-05-24T00:49:23.45943Z","times_seen":220,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jivosite.com/js/bundle.js?rand=1770729112","fqdn":"code.jivosite.com","domain":"jivosite.com","tld":"com"},"ip":{"addr":"95.181.182.182","port":443,"asn":210756,"as":"EdgeCenter LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:53.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jivosite.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Sat, 05 Apr 2025 13:51:50 GMT","end":"Thu, 07 May 2026 13:51:50 GMT"},"fingerprint":{"sha1":"91:23:D5:42:EC:58:B2:51:EC:57:F6:5B:46:CF:F5:2F:07:F2:2C:A3","sha256":"15:FB:10:F4:11:BB:CB:AD:9E:84:5B:16:F6:74:34:08:80:C0:40:EC:9E:C7:48:9B:F2:28:5B:50:81:78:82:8E"}}},"request":{"raw":"GET /js/bundle.js?rand=1770729112 HTTP/1.1\r\nHost: code.jivosite.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 14 Feb 2026 05:41:53 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 339471\r\naccess-control-allow-origin: *\r\ncache-control: max-age=86400\r\ncontent-encoding: br\r\netag: \"698b2a9a-52e0f\"\r\nlast-modified: Tue, 10 Feb 2026 12:54:50 GMT\r\nvary: Accept-Encoding\r\nvia: 1.1 sharxy\r\nx-geo-shard: ya\r\ncache: HIT\r\nx-cached-since: 2026-02-13T13:12:34+00:00\r\nx-node: m9-up-gc98\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1539171,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3c0cc91f1a0e868e112b93f5e71d5361","sha1":"3fdc1b4c448334114515b0ca6f2f0f3d83e0eabd","sha256":"5dbc4be5ac058482599329a4e302477929d837c7cb5285bf069cbe4c38b8ccbf","sha512":"9d93bebe9a66d94ec97c199e346ce6ac03f70498b93d22015149090e3109d20c2aadd54fefdac43e4e30c808ab4d41555979d25c6de584481189217e569673f3","ssdeep":"24576:j5h1n2wU6C3nmrkmYIfH6+rlCrL3RhKfIapRuky+o7jm/5j9I/qd:jj1q3mtY4drlCsIapRuky+o3m/5j9Ii","tlshash":"c2254ac5b1c1f46502d355e6643b2009f23a285e7809b064fabcddcbfa6659e6233f39","first_seen":"2026-02-10T14:15:11.540974Z","last_seen":"2026-02-17T17:00:15.661685Z","times_seen":212,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":176,"dns":62,"connect":57,"send":0,"wait":58,"receive":178,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/mulish-latin-ext-400-normal.010c30bc62bc9d6b.woff2","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /mulish-latin-ext-400-normal.010c30bc62bc9d6b.woff2 HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/styles.a5da7c548c33834e.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 12612\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-3144\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12612, version 1.0","md5":"4f34f0c29ef320b535bc4a258318b5c1","sha1":"b75380be26940aec716323a8537ae4c1b2e4252d","sha256":"bd31d387808eab8b6d39d6cf8ce3c11cdc69e93df8a3998b8e218a9427d4b6e1","sha512":"fb4ad84d88ea933dfafcd04e9e736c3893e1e90b56850c7d76f77a4c618c34db4e331d152276071d3432f05a8fcb79d5ce377405fa133f296a075ea687f6c034","ssdeep":"384:rbBt7eesr8mpH68SNdMusAHQOhU0WEumyhv:XBtXBmFTSBwOy07yx","tlshash":"eb42d0721f8981a0d31a3878157f932f46ea9448f2741f04ab4fe320e19d997760fa67","first_seen":"2023-09-24T13:57:41Z","last_seen":"2026-06-04T22:58:17.755136Z","times_seen":75,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/new.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/new.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-244\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":580,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc24f925ce9f71141fd58a502bfbc9e8","sha1":"e22d7ba61603fdd9fa5128e2dda4c772aa341bc1","sha256":"d6e297afb36f8e26488ea2ddeeaa4a63fe69c0b65629bea22570be336b471061","sha512":"3d6925fd4876e62a5382d7645aa9343521935cff65c95fee33a677922b7baa7cde21bfd7caa412c9d6eb3a9c4b7119f9195eede3d382293a6fcd9511fa7fb1e1","ssdeep":"","tlshash":"01f0e1e1cb39e4c8e086493edf557ad8632720de59456989f264eb1ed1c6ac2d005494","first_seen":"2025-06-22T12:57:21.14658Z","last_seen":"2026-05-24T00:49:22.985802Z","times_seen":138,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/loyalty-main-page%D1%83.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/loyalty-main-page%D1%83.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 193194\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-2f2aa\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":193194,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"e30d65722a1e0ab97362f1ddcab6ba93","sha1":"372bedc9e895f655ce474135411a3e236cdcc23b","sha256":"798e2024eddca491811fc5758b3841ca785ec3631b79d76ec667f6b26066d016","sha512":"645c1ee8c56c264ebc46978c39bffca84f591f6f4c38a0bf86d45480c0ec693ecea06df869a443cc55b78343cf13524f9176dde452b0301bf5b07e224fd47193","ssdeep":"3072:UJc+tp+SBW/AStGPy5BQG8JXXeSioscoOWZ90mR39Hlg7W+KS7nFOxYJuIsmEpc2:UZtoXG85KXgVcVWn39HlMW+KSsxNdmE/","tlshash":"8b141242b4f06244f6fba81678f6ed2f00c8969592c2c0197fbeb61cbf534939b56483","first_seen":"2025-06-22T12:57:20.960181Z","last_seen":"2026-02-14T05:42:27.054986Z","times_seen":81,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":102,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/hot.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/hot.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-1c3a\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7226,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eb3ba9023fa787286797622bddc92b75","sha1":"6f7937716df7b17c4af10e585da1ed241c382155","sha256":"e3eb5eddd056852d9231c8c28ea312a26f41e27f62a34de5a6fee370b9994264","sha512":"0bd6a49d9b9ed48128deae65c899ff852fde42e9b77708ca96ab47c86d967b89834d60521d8765ed54751c9f9a1dc8ab4570f233441d4ad75beca0293cbed07d","ssdeep":"192:JwzJxB59Mx0Qgr9Pzg5XWUh15uek59Mx0Qgr9Pzg5Xj:JMKdgrdzg5GO5Ttdgrdzg5z","tlshash":"cde1dd060354d77c6a86c50cce32a1a6369b14cef2efa0eceab39641f4475f5d274938","first_seen":"2025-10-28T14:54:47.394935Z","last_seen":"2026-05-24T00:49:22.620696Z","times_seen":15,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/BattlegroundRoyalePG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/BattlegroundRoyalePG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72001\r\nlast-modified: Fri, 13 Feb 2026 13:18:06 GMT\r\netag: \"698f248e-11941\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72001,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 464x348, components 3","md5":"7206d04880d27c462586b730ec8e1afc","sha1":"c2d49e21d38f53986652d44ddf3a18f42b244f90","sha256":"997ddb414435246d39f32a6bcb65974f9657be2fff4af5f8a3af8af678a6270c","sha512":"dde0709b80ddf6febbb665a0c94a3d45e63515d7d03cb746237dc402780e8d0e4d772642233f84becab7a79b26d35feef8000a8c323e1a5f8ed884ce4e0a37c6","ssdeep":"1536:cU2RWTPwdUmVFlUSRc9Svb9N0YlEtTKHxbZKLQICnvyrE1Y:cUBTotVFzRRlXrlICvq1","tlshash":"3463121b16c1194f73aba4a4cdb65d8bc8d31b2dd3622591d8c686a1fb3cce53e4843e","first_seen":"2026-02-14T05:30:50.822078Z","last_seen":"2026-05-22T01:16:04.648741Z","times_seen":5,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/bg_main.png","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/bg_main.png HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/styles.a5da7c548c33834e.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 17304\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-4398\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17304,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"62706bc8b5d9d4ade922f3a7f093a959","sha1":"ee6df196e64020009878c84b7bca012c8a5b894d","sha256":"12b335ee9d70bbf7f5b56eccb07c4b2266d672896e737bcc7c3668264d3171a9","sha512":"002660356581c0bb95b97dfe89dad21828011e6ef18f73ae16271617facf439a602c44c5a18c63c25a10317cbd96158c6a9b81fc778a7a203a39dc29676e08db","ssdeep":"384:PKVwOCBom5K8Lvs7z34NQOuyF5xchaDnIWmVomKfPBHkFk/fcJNU:DL7L01DJWs4BAJ+","tlshash":"5472adfef18f954673e3e1cb10e5488ca603a094f47e2f8bdf59b0642d85406236d8ae","first_seen":"2025-06-22T12:57:20.975336Z","last_seen":"2026-02-14T05:42:27.056757Z","times_seen":83,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/categories/rocket.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/categories/rocket.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-566\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1382,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e1c0341cbec88eb6c9a871222f5a4de","sha1":"7eca055c14289a64ceff32cea6e190bea17b4f20","sha256":"9dfdbe962b955d376dcc1e291d6d6863623c51e5bfec9d0a3a65976df400b402","sha512":"d9e7914c7ba0d990cebf7d7e18abf82191c225cff96d4c62c3d028df502428852f98430db18285f11dccb4fbe3b5a9ac28d64ef36b2d288ba6e2198a95194a00","ssdeep":"","tlshash":"e22102d75168934da9cd961aef60eed5332ea07fb1fa80c19c5f161c624aed1f006060","first_seen":"2025-06-22T12:57:21.037098Z","last_seen":"2026-02-14T05:42:27.057237Z","times_seen":129,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.kometacas596.click/api/tournaments/kometa?lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY","fqdn":"api.kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.kometacas596.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"70:13:E6:67:39:01:12:20:C5:E7:1E:B4:7A:50:E4:71:02:5C:85:34","sha256":"A9:EF:91:AA:01:53:33:26:FB:A8:21:80:D3:E1:2F:C7:6D:12:29:45:F2:F1:8E:DD:51:27:7C:58:A7:A0:04:C3"}}},"request":{"raw":"GET /api/tournaments/kometa?lang=en\u0026pr=kometa\u0026key=MZmWqJFpvmOKruZRO5dmzAoOY HTTP/1.1\r\nHost: api.kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://kometacas596.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5779,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"55d44805a85c7f48ab711f4b2e640429","sha1":"75d551c4bd0e53d5f1141d7d236bd9bbbff908be","sha256":"fdb2523dfddd02456502c97e5eb382b3a056efda336778b5bf0189cfe6efc812","sha512":"c8f33762a03174d3f600b9e92d49638d958e0acaee6cadaa01a0613e739518f5f2e93336617379dbb6fd573ffcae9de1ea9ba26d65df72d680b1595759fc4fcb","ssdeep":"96:mc6CqJQKoREWHbzGDfAW1qt7EF6qJEjyM7ozPW7rbiAfIQ3DctGD5r64JbjP6ADg:mtzFqtY3EeQWactA5zbjCAJCTKvm","tlshash":"e0c164b842a922bdf297f6747f9be6f01669700ec2c4c88d96bdcc0c548457e4ab16f0","first_seen":"2026-02-14T05:42:27.058003Z","last_seen":"2026-02-14T05:42:27.058003Z","times_seen":1,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"api.kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"api.kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/tournaments/sec-tourn_desc-9.webp","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:54.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/tournaments/sec-tourn_desc-9.webp HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 451440\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\netag: \"698841a1-6e370\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":451440,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 420 x 600, 8-bit/color RGBA, non-interlaced","md5":"02f69cf9e61c3405bb08808c6003b3c3","sha1":"9a8f34003bbc659d6873f938605846612e5d618b","sha256":"0848ebc90bbc0e7d437f1b34484fe8e9195fc585f0c74abf0bdec22c1efe5628","sha512":"e9220439952ac25e6165957f9aa117da4a3f2264ade33034e73d7190d50eca2b6cf803d9096c2b37fb7a2acfaff1b1eb532fda4d055b414e9f68b5989b3dba32","ssdeep":"12288:dCmpfZiuKibE73bFhmsgEsDkKun3Z4aRDCeu:dLpfZiVi2FfWun30","tlshash":"0ca423a8d968747188f9d5352397d0e20b38112be7fb35bb5b46bde13295cb08f51238","first_seen":"2025-06-22T12:57:21.037982Z","last_seen":"2026-02-14T05:42:27.058932Z","times_seen":56,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/assets/img/icons/play.svg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:55.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /assets/img/icons/play.svg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:55 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 08 Feb 2026 07:56:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698841a1-1b4\"\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":436,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4fc5a576140e5f382849f839911cdc79","sha1":"87a8d2c5adf8db75db685a4c1b2e42954d10a1fd","sha256":"fa9e09f5a8f4ee8040af6d12e5bd9e7076c1501c199427519cc090605aab3422","sha512":"3377dbc96a3dbb01ce07f225dc97c0c6b3eba25ffec4e2edda7d629415514a582d3ef362b3417fdd1db5099982a0a51f9f25000c180ff47f6e7f17360513b558","ssdeep":"","tlshash":"1fe0ab90c99ce6b0e4161fb0e93c69f9a4653090b6180ae84bf02bb8b830cdfd04ad85","first_seen":"2025-06-22T12:57:21.095257Z","last_seen":"2026-02-14T05:42:27.059465Z","times_seen":64,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kometacas596.click/games/ico/FortuneTigerPG.jpg","fqdn":"kometacas596.click","domain":"kometacas596.click","tld":"click"},"ip":{"addr":"85.121.149.180","port":443,"asn":0,"as":"","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://kometacas596.click/","date":"2026-02-14T05:41:56.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kometacas596.click","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Feb 2026 10:46:55 GMT","end":"Wed, 06 May 2026 10:46:54 GMT"},"fingerprint":{"sha1":"A4:5C:69:2B:3C:9E:64:E4:1B:83:34:61:74:71:47:05:AF:AA:B7:94","sha256":"E7:B4:46:89:DD:5F:6F:EE:09:BF:97:84:AC:8A:27:4C:48:E3:3A:18:AB:FD:64:83:90:89:70:E3:E9:64:2A:31"}}},"request":{"raw":"GET /games/ico/FortuneTigerPG.jpg HTTP/1.1\r\nHost: kometacas596.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kometacas596.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx-rc\r\ndate: Sat, 14 Feb 2026 05:41:56 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 74221\r\nlast-modified: Fri, 13 Feb 2026 13:18:07 GMT\r\netag: \"698f248f-121ed\"\r\nx-content-type-options: nosniff\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74221,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 440x330, components 3","md5":"2187c0e0d09986e4009999397d81012b","sha1":"c4fff49e460eb18df16b5a9533749f3c502135b9","sha256":"d4c77aaba2b79d5e24ce64e67b1012e30457162e77693f6736e365f2c79c0ef0","sha512":"e1eb156ab0984a3c5bd3fe48305f124da0a77331fa882b567e0a7c4de13f4ce4b838222baa1b94f059f4ebce5a22f58369f9b119af5e4eafb02365ea0da92fad","ssdeep":"1536:E/04Exvd8m99iM7wJCwrzXQ1slg+7cDkqkbvKvlRTKgX:E/lExvd889iM7Hwrs1VbDkqialRZ","tlshash":"527302169454b9c6f971797b5c73e6d70cf9e61220e89cd958cd39e2f90efe23240290","first_seen":"2026-02-14T05:30:50.871626Z","last_seen":"2026-05-24T00:49:22.594022Z","times_seen":7,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-14","alert":"Phishing Block","trigger":"kometacas596.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"kometacas596.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}