{"report_id":"2967e585-e44b-437d-b10d-fa6e2964f5f6","version":6,"status":"done","tags":["netflix","phishing"],"date":"2026-01-06T14:30:06Z","url":{"schema":"http","addr":"member-netlfix.mysch.gr","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":0,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"final":{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"title":"Netflix","dom":{"size":5869,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2278)","md5":"56f25d3892266e49c8a4a6b3ac2a9253","sha1":"1b627706467cbeb2d07a84e2d7b1ba5b1c4a3a22","sha256":"e92a1d557afc609cd98dc8bcba624496eb5ed2a2e179fa65d9ac713afa9a20cc","sha512":"9fc830a8f45b97f843f4cd22ae983e852f8b4d87a7ff663a17e849310fc7aaa52aa53fe91513c4f19c4459a977ece89890e72ad9f4ec6e5609fdd68378a88c1f","ssdeep":"96:n4/A/6n990H1uNaqU4yDITJdNuouvolOp53lo:aAE9k4/lud9o","tlshash":"85c1b871e2b4026b2c2381ce74d65fb238d28362d991128472fd4f5d0fdfc93c96aaa5","dom_hash":"domhasheef66b467457fe37a5ec7fd3053f8a4a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"member-netlfix.mysch.gr","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":0,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T14:30:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"summary":[{"fqdn":"member-netlfix.mysch.gr","ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-06T04:18:10.931463Z","last_seen":"2026-01-06T04:18:10.931463Z","alert_count":40,"request_count":10,"received_data":435667,"sent_data":5657,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap:5.3.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-01-04T22:27:18.120727Z","alert_count":0,"request_count":2,"received_data":295754,"sent_data":1006,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f63dfbdcc649f13af4791a90e51f7907","sha1":"b3cacef9fccfa42aaebd61f046f2123eca598973","sha256":"60c6bec0033a424572cfdf7da1d5fb94f4719286006a7f2cb9e76ee24d99babf","sha512":"596f3f8f19042ded820221382ef41fc26d6b6a3392f0f1dab020b1fa49c71b48011edf045f14ba4fab494531ae0d056796eb80bccc561788fc48d14329c78b16","ssdeep":"768:QkN++EvGHWyOOY/JaAxOlU5iBNY5XPxyvTPBVRKwi/C9rfz7uxk6yH8Xae53XC7w:QpxY+t/Nhh+1d76KV2O9Ed","tlshash":"6f43b6563244b9330ade84e68172430bf7195d98b547816cb5bcacde2b7dc827273bb8","size":60577,"data":"","first_seen":"2023-09-22T01:14:35Z","last_seen":"2026-06-08T23:16:28.979018Z","times_seen":2022,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.2/dist/js/bootstrap.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://member-netlfix.mysch.gr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 17209\r\ncf-ray: 9b9be8ccfe610b59-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.2\r\nx-jsd-version-type: version\r\netag: W/\"eca1-s8rO+fzPpCquvWHwRvISPspZiXM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230119-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 2783903\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=y3wNO0HoXA5oB9QVXBJe5ebv3E9rCiFpOauSHK74UcB77CfNbeoEhLP%2FefMtZq0r0fLfzheys%2FdvNCAsnvGKyPqjNggwKDfzJXHbgegu8ZinZDIU2c9JptSP21idzu2DbbI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60577,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (60298)","md5":"f63dfbdcc649f13af4791a90e51f7907","sha1":"b3cacef9fccfa42aaebd61f046f2123eca598973","sha256":"60c6bec0033a424572cfdf7da1d5fb94f4719286006a7f2cb9e76ee24d99babf","sha512":"596f3f8f19042ded820221382ef41fc26d6b6a3392f0f1dab020b1fa49c71b48011edf045f14ba4fab494531ae0d056796eb80bccc561788fc48d14329c78b16","ssdeep":"768:QkN++EvGHWyOOY/JaAxOlU5iBNY5XPxyvTPBVRKwi/C9rfz7uxk6yH8Xae53XC7w:QpxY+t/Nhh+1d76KV2O9Ed","tlshash":"6f43b6563244b9330ade84e68172430bf7195d98b547816cb5bcacde2b7dc827273bb8","first_seen":"2023-09-22T01:14:35Z","last_seen":"2026-06-08T23:16:28.979018Z","times_seen":2022,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/images/bg.jpg","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/images/bg.jpg HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/assets/css/master.css\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 297346\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"6885ed56-48982\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":297346,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3","md5":"52c4dc324b1d6ea1b7c9386943ce1f25","sha1":"b87d84305d22a782d07b54b544abd888344c6108","sha256":"d3577819f555a573df94db7a514b682703ac7f8771939c676b2816c1e7162510","sha512":"5c5119c2b8f63c801b229c23ab1d4ac84e34703da340ded2e0872afd7d055021315918e959ca50be1add97a78a783725faad619c598428e93792fcbf1652ce51","ssdeep":"6144:qEUKBHvNsVpZJBhz9yrmtWVrzsl3dQFZI7Mnaew:8iVsLt1sFMMnaew","tlshash":"7f542315f6b57c47c69718223531388b2a82d4d0cddcc4d83de126be68a36f426a7d1f","first_seen":"2024-06-09T17:44:11Z","last_seen":"2026-06-08T23:16:28.974808Z","times_seen":57,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":334,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/fonts/Medium.woff2","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/fonts/Medium.woff2 HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/assets/css/master.css\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 53940\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"6885ed56-d2b4\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53940,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 53940, version 2.6554","md5":"ea769921b0cfa4fc6d4d1a2e0b1fa5ff","sha1":"34dcd2875c9752ebba6f894eb8d410e4958cc1b4","sha256":"9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e","sha512":"f0ee2f0c81a8253783306602b3d430be4ff2a33e075ab77cce6834d5a6452f2c64e7d395aa98b92d694d53ffc8da2bf5226528faf62de3a687911dfc279c39cb","ssdeep":"1536:cQYyppexSSgX9x6olOQ26mZJ/F6EIHhFsgHFkW/:cjw9X9/Yplg5HhrlkW/","tlshash":"7633f1039fcf714a08b7be7facca496b6059cdb7986a025fde3f498490117025a41e37","first_seen":"2023-05-02T12:35:36Z","last_seen":"2026-06-08T23:16:28.975991Z","times_seen":2373,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":321,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T14:29:44.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5 HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 2219\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PHP/7.4.33, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap:5.3.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":5963,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (2278), with CRLF line terminators","md5":"f1a090bbb2e24e4f619f71f422772352","sha1":"9a494fa4dbb9a292c689972bc793e879c16fcaec","sha256":"7ee8e410198c8d9f058b1666eda631741500a3ca3e3d15fad46f3da6a9ffc715","sha512":"da718858ece4a35f714012ce5129167d410f31f3e704c62bbe517caf845f54c3c7b2fe4d13a9c7b6753e643882d2b853a44d44bf21265a073acce006a4df00fd","ssdeep":"96:Dkx/bn990H1uNaqU4yDITSbNAvTtSoDNum:Yxh9k4/+lm","tlshash":"1ec1d770e2a40a2f1c3381de74d55ff2f8928361e641524472fd1b5b1ffbc5289abaa1","first_seen":"2026-01-06T14:30:09.148444Z","last_seen":"2026-01-06T14:30:09.148444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/css/master.css","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/css/master.css HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: W/\"6885ed56-11c0\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":4544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"83a1d18c0b59c36c7093ca48bc6dd759","sha1":"44e2eeca400165e116cccdd02e5bbc233dddec0d","sha256":"167cb65a8f638f105f7332df0ed13075581e9db333340f173f257649ce72ced0","sha512":"aaf7e838fd7d5dd784eedba30c3c50f26fe94a6ab52805fc1bb538f09567248b691bde695da1196a53ea46468a429361d1342e6929db5a7573ddbd1cd57cbf09","ssdeep":"48:uO8NNP3mDAgzm6KdEtpOabEVd+bw3Ad88T7qstluqw4liBTFPLH5vfZVFQ5XhSd9:r+LGOtd+M38NluV4QThLZvkdd5T2lTd","tlshash":"a8919a2ae285204772375b38b363573aee3e00a79201467d7bec36a86ff50954561fcc","first_seen":"2024-06-09T17:44:11Z","last_seen":"2026-06-08T23:16:28.977708Z","times_seen":57,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/images/screen.png","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/images/screen.png HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 602\r\nx-accel-version: 0.01\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"25a-63ae590b58180\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 19 x 22, 8-bit/color RGBA, non-interlaced","md5":"3618aa278df055e9b308fdf0a9827fdb","sha1":"300a3c9e7f541144a9570e767e3374bbfa4f9fd7","sha256":"6f543c0edbca833491426866ee7f191539dcc6a1e04de7bafe6f91c6efaab94a","sha512":"4ff4b7efb636ae714109e9b9c859a184e92c5b2751b7486092a307fe407dc4b1cc5eb3f218875f8944bf21d9ee6f4704d7e4544332d84651289463f9e1c42fad","ssdeep":"","tlshash":"bcf062fe8b6a088cc7480032a79360805c9314cd4dc5fcec0e1224582f3d48d52147a3","first_seen":"2024-06-09T17:44:11Z","last_seen":"2026-06-08T23:16:28.979602Z","times_seen":54,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/images/footerrow.png","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/images/footerrow.png HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 385\r\nx-accel-version: 0.01\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"181-63ae590b58180\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":385,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 20, 8-bit/color RGBA, non-interlaced","md5":"db93e87eda2024ee430b4772c0a55796","sha1":"060ee435231441e9077e00cbf3d7500f911295c0","sha256":"eb35fe195b91eeaeb63fd5768075e279b8783c80b41d43293fd8a6f465220d9f","sha512":"a0d2093ca3ece271743d12929dc5073cd977170de08bda353beb958251443acc39a72696b9e916bf54dc93add5d6bb908b75da317519ac2c64ea7c80078ffae8","ssdeep":"","tlshash":"c0e0f8fb4e930c9cc24e4832cbd370006cf910c815d8e08824d2166d2a28ac2a3e2f62","first_seen":"2024-06-09T17:44:11Z","last_seen":"2026-06-08T23:16:28.974016Z","times_seen":55,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/fonts/Regular.woff2","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/fonts/Regular.woff2 HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/assets/css/master.css\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 53304\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"6885ed56-d038\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53304,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 53304, version 2.6554","md5":"0bf3177f1fed6d953178221fba43c7e8","sha1":"83d9f039f1ba7209321c7da72d3dc6a9aa5e2ab3","sha256":"c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167","sha512":"76ebfc377313354b469aca9695cdc28bb76e8ff015156d0f2ddbb45c763d4822808014e8e742ba3dfa447981bbdd2b7603e852c77b78aa52ff8de452094ecf0c","ssdeep":"1536:t21aKxDJpWmqPuw/L5muh28j0JPVMib83e50+kPmb:t20uonjYm20MVM28uDIQ","tlshash":"d83301020c97d667910cca53e475a6bfbcc0c7c09a68d0d91a3ddb779b4b0ca8c9ea06","first_seen":"2023-05-02T12:35:36Z","last_seen":"2026-06-08T23:16:28.98102Z","times_seen":2491,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":333,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/images/favicon.ico","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/images/favicon.ico HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 9854\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"6885ed56-267e\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":9854,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"58f54d9ea15176671802bebeee4da4cb","sha1":"4ba1cb97814772435962f3ac25af0def81851735","sha256":"9c5f7722c5df8eb24dda20ecc01c9f73e3103e10052fd980da4e7d9f753a97d3","sha512":"32e6c1ac6220b03bafb9215e4db4cf91352573c34a82accc893b4c7d4d3194d495e241c2f814372930a988688492926fe1d9a5576d2e46378c9f6d1e927c71db","ssdeep":"48:5uZhmwr2VEbaA+8H3J7HZqH0S/DHDHp8HfH5gAaqHwMqHBVqH/6BqHAtvqHAAcqK:shm0AN6YHEOFtwVPmyqPmorAtAco","tlshash":"8a12a02710c35d6cfe016eb8d297ec3a517d40ddeefe82e79a81bd390612146a5cb8e4","first_seen":"2023-09-08T13:51:14Z","last_seen":"2026-06-08T23:16:28.981505Z","times_seen":2121,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T14:29:44.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:44 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=h7lt4d56o344006k7926nr7399; path=/\r\nlocation: app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5\r\nx-powered-by: PHP/7.4.33, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":5963,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-09T00:17:25.723561Z","times_seen":16254457,"resource_available":true,"data":null}},"time_used":766,"timings":{"blocked":171,"dns":0,"connect":82,"send":0,"wait":424,"receive":0,"ssl":86},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://member-netlfix.mysch.gr\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 33186\r\ncf-ray: 9b9be8ccfe5d0b59-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.2\r\nx-jsd-version-type: version\r\netag: W/\"38df4-HxOZgbm0enZu+gphu3ito1HxbEs\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230033-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1763370\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2tNcrxXN1hResWq%2BJy0sZMuh1Dz78FzB34Wq0vYOD4M2eoUzMEklRjd0ZJ%2FSiTjcfMJWmdraOnE2EN2MP9QHR7XKYyjvC3h5pJMmoYuVsKI9%2BNCWaa2BA%2FPzmgHiMzIytCU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":232948,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"cd822b7fd22c8a95a68470c795adea69","sha1":"1f139981b9b47a766efa0a61bb78ada351f16c4b","sha256":"3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df","sha512":"6f641c4b94ac03cb59a1d703b464442e21afe5268a4a4d6f0c70da41175ad21b4f61667ad38ea5af7909e5b00041da55da6980ff8bf4c1017d33253afe90c802","ssdeep":"1536:m9YnIWbn98fhRfvO5wlP7Qy9P3CV98IsYRElV6V6pz600I41r:pnIw98fsV986I6V6pz600I41r","tlshash":"c63482d6f590317d9ca7c1499681fefd8a6fa985cb1209a6f003776807cabd30962dcc","first_seen":"2023-09-18T01:21:14Z","last_seen":"2026-06-08T23:16:28.973497Z","times_seen":16528,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":7,"dns":0,"connect":2,"send":0,"wait":19,"receive":2,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"member-netlfix.mysch.gr/app/assets/images/footerlng.png","fqdn":"member-netlfix.mysch.gr","domain":"mysch.gr","tld":"gr"},"ip":{"addr":"194.63.239.145","port":443,"asn":8248,"as":"Computer Technology Institute and Press Diophantus","country":"Greece","country_code":"GR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5","date":"2026-01-06T14:29:45.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mickosmas.sites.sch.gr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Dec 2025 04:49:11 GMT","end":"Sun, 22 Mar 2026 04:49:10 GMT"},"fingerprint":{"sha1":"46:41:2E:DF:C3:AC:55:2E:6B:19:6E:12:DC:B3:C7:30:DF:31:42:BB","sha256":"7A:EA:58:5F:91:13:7C:E1:BF:B6:AA:80:8F:2F:CC:B5:BD:5D:D0:61:D9:3E:37:2A:E6:89:33:A0:15:95:D9:8F"}}},"request":{"raw":"GET /app/assets/images/footerlng.png HTTP/1.1\r\nHost: member-netlfix.mysch.gr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://member-netlfix.mysch.gr/app/index.php?view=main\u0026id=a82b727020fdd1b4c3f6e65340c68db5\r\nCookie: PHPSESSID=h7lt4d56o344006k7926nr7399\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 06 Jan 2026 14:29:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 908\r\nx-accel-version: 0.01\r\nlast-modified: Sun, 27 Jul 2025 09:11:50 GMT\r\netag: \"38c-63ae590b58180\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":908,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 22 x 26, 8-bit/color RGBA, non-interlaced","md5":"b2b0e0703abf5c18f39c31e3dae89ea0","sha1":"f5a15245897bad26dea701b6a61cdfffee23d80b","sha256":"5c1a6a1b15581ec115e4871306aeb835b869eabcd52584df2565747a3d5dc8e4","sha512":"fb8385f4a4fea0d97a965fd0e127d4b4292751bf4f0b56d1adc87109b20d6fdfc3cb34f91348110b1013166670e7c31cf5f6ba1faf9ee1f5cd9d96745303fcf8","ssdeep":"","tlshash":"1a11b7f8f71ca4a1f9438d609b4b7d057f5a08fc9bc08c900080c25e2831ac03249ab3","first_seen":"2024-06-09T17:44:11Z","last_seen":"2026-06-08T23:16:28.980171Z","times_seen":55,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"member-netlfix.mysch.gr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}}]}