{"report_id":"69b552a5-63fe-4746-b15d-8c6e3c458c0f","version":6,"status":"done","tags":[],"date":"2026-04-06T12:36:07Z","url":{"schema":"http","addr":"support-help-netf.com/captcha.php","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"ip":{"addr":"45.74.47.162","port":0,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"support-help-netf.com/captcha.php","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"title":"Are you human?","dom":{"size":12738,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1037)","md5":"79c09b759d0491bbe8b21d17c7b08aa6","sha1":"8e3ac8add8492a0694f0f570fec5aee0578310aa","sha256":"e98e25a15d6272e09c57f151037a1f2e427e1b440e0c025f825e4a0e36ea6f05","sha512":"466d1e7ebaf38f8cf92aefcf2056564c0ed9bd020293e7c0387cbac0f624a780e5b1a6fe5130206d3d150e089545b6c63c2d7c94c4d8521bab3d90ea1cd81756","ssdeep":"192:rTkG+PgIo5kWAh2+FQ6gCwDrXerCyJFtgjiIbaJaFMiRPj:rTkG+hJFiNRP","tlshash":"314295aa6ab310a57c13e7ba3bf746487722d0038909dd783ecc56584f86ae44c53f8c","dom_hash":"domhash7e64dac4ca5ddbead39e2024892c4503","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"support-help-netf.com/captcha.php","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"ip":{"addr":"45.74.47.162","port":0,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T12:36:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"support-help-netf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-06","alert":"Phishing Block","trigger":"support-help-netf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"support-help-netf.com","ip":{"addr":"45.74.47.162","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"domain_registered":"2026-04-04","domain_rank":0,"first_seen":"2026-04-06T10:02:13.054984Z","last_seen":"2026-04-06T10:02:13.054984Z","alert_count":6,"request_count":3,"received_data":16642,"sent_data":1532,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"support-help-netf.com/captcha.php","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"ip":{"addr":"45.74.47.162","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"91eaef356944fc6da79bed94426c049e","sha1":"95f190efadd4e1af8e5d03f3147b53ca22d40336","sha256":"c4952551bc78b5b2db97d862e1d56bc472ce592b4f56cc32a07488b7506a84b6","sha512":"076fa48c50784809a1adddde4287c2d76bbde18839ed7ae8328328512a1a78c36c3b7ce53674d317a44a0eafd75351eaf7bde650b77e72793d5c8ac2a32cb8c0","ssdeep":"","tlshash":"8b5111bb38b325950567bbbb236b82055031b1033c09ee95364e5e101f4baa93467eac","size":2527,"data":"","first_seen":"2026-04-06T12:36:08.947613Z","last_seen":"2026-04-06T12:36:08.947613Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"support-help-netf.com/captcha.php","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"ip":{"addr":"45.74.47.162","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:35:45.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"support-help-netf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 13:33:47 GMT","end":"Fri, 03 Jul 2026 13:33:46 GMT"},"fingerprint":{"sha1":"3D:36:47:5A:FF:65:F5:95:2F:64:DE:36:31:B2:12:E5:A5:DB:7B:60","sha256":"92:1A:74:FB:B8:8E:2B:11:1E:E4:75:4A:A2:C3:21:B6:96:67:3B:51:2E:0D:7A:E5:58:F9:61:7A:25:C5:C0:01"}}},"request":{"raw":"GET /captcha.php HTTP/1.1\r\nHost: support-help-netf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 06 Apr 2026 12:35:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=3nbqc1fbe3sqg2pf6apth98vjv; path=/\nuid=user_69d3a8a1b28bf7.80789931; expires=Tue, 07 Apr 2026 12:35:45 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=Lax\r\nx-powered-by: PHP/8.2.30, PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13072,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1031), with CRLF line terminators","md5":"7136696c30558a26c1ffce42c5d20096","sha1":"9ba60ca2445c0e36f658a4e0a19d7ff76b152115","sha256":"f6ac59b4343f5639fecdd6b4292d78d35340cef647b7800969b9c5d8e4b6a6a4","sha512":"e0fd7a35bea0526f595aed3ae489cb104aa1bde2814b8ef26bb94604d2d5cc6906f802665551111ff37378f9c50be8511ded39202f222985b4507ab5b30e20e4","ssdeep":"96:7ufT4uzAcFJ1yFskK+RizvYexN/mBF9hpBGKoHgWO/QY0g64iPQKLtEVRkuw+Guq:GT4uzAU1ndxNUhpBGSotgji4ZkLg9c","tlshash":"0c42a72aea2014997433e3ba7fb2464cff235113970252b87edc66550fb69a48953fcc","first_seen":"2026-04-06T12:36:08.940582Z","last_seen":"2026-04-06T12:36:08.940582Z","times_seen":1,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":128,"dns":37,"connect":20,"send":0,"wait":21,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"support-help-netf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-06","alert":"Phishing Block","trigger":"support-help-netf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"support-help-netf.com/assets/captcha_image.php?id=cap_69d3a8a1b29a25.99911274","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"ip":{"addr":"45.74.47.162","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://support-help-netf.com/captcha.php","date":"2026-04-06T12:35:45.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"support-help-netf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 13:33:47 GMT","end":"Fri, 03 Jul 2026 13:33:46 GMT"},"fingerprint":{"sha1":"3D:36:47:5A:FF:65:F5:95:2F:64:DE:36:31:B2:12:E5:A5:DB:7B:60","sha256":"92:1A:74:FB:B8:8E:2B:11:1E:E4:75:4A:A2:C3:21:B6:96:67:3B:51:2E:0D:7A:E5:58:F9:61:7A:25:C5:C0:01"}}},"request":{"raw":"GET /assets/captcha_image.php?id=cap_69d3a8a1b29a25.99911274 HTTP/1.1\r\nHost: support-help-netf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=3nbqc1fbe3sqg2pf6apth98vjv; uid=user_69d3a8a1b28bf7.80789931\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 06 Apr 2026 12:35:45 GMT\r\ncontent-type: image/png\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0\r\npragma: no-cache\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nx-powered-by: PHP/8.2.30, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":782,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 80, 4-bit colormap, non-interlaced","md5":"af77c170fd59894d41a438a64ae09008","sha1":"497bbd2205e3f423d7d70a512821ff5fc920d8ce","sha256":"fc96fbdb0d736d27e46519c07808e8a77790331e512c6cd1e81e89bb19af54e9","sha512":"111974da192a9068ca5f0e1086ae63709520049034576f528176f3192f2ac69db0e269229ea807a4b75de49eb5e97cec090f4ab3ac3534ebdf1f02b00a6db1e8","ssdeep":"","tlshash":"d60175c5ce5d90d6a1b5a7e910804384d755ca991513f3ef7601c971c661cd54ecda0e","first_seen":"2026-04-06T12:36:08.943722Z","last_seen":"2026-04-06T12:36:08.943722Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"support-help-netf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-06","alert":"Phishing Block","trigger":"support-help-netf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"support-help-netf.com/assets/img/favicon.ico","fqdn":"support-help-netf.com","domain":"support-help-netf.com","tld":"com"},"ip":{"addr":"45.74.47.162","port":443,"asn":9009,"as":"M247 Europe SRL","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://support-help-netf.com/captcha.php","date":"2026-04-06T12:35:45.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"support-help-netf.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 13:33:47 GMT","end":"Fri, 03 Jul 2026 13:33:46 GMT"},"fingerprint":{"sha1":"3D:36:47:5A:FF:65:F5:95:2F:64:DE:36:31:B2:12:E5:A5:DB:7B:60","sha256":"92:1A:74:FB:B8:8E:2B:11:1E:E4:75:4A:A2:C3:21:B6:96:67:3B:51:2E:0D:7A:E5:58:F9:61:7A:25:C5:C0:01"}}},"request":{"raw":"GET /assets/img/favicon.ico HTTP/1.1\r\nHost: support-help-netf.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=3nbqc1fbe3sqg2pf6apth98vjv; uid=user_69d3a8a1b28bf7.80789931\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 06 Apr 2026 12:35:45 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1755\r\nlast-modified: Tue, 21 Oct 2025 22:40:00 GMT\r\netag: \"68f80bc0-6db\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1755,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"3d194514babc5d7d010308a0f808ca51","sha1":"867e51e9b4a474c19da52d6454076c007a9d01f2","sha256":"7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a","sha512":"0f74161fa4324dab47e9152d8f771357506935ff028790c08d99bcb84d56ffe148995334e7da079a641994395d19b94615473846b932e44152a21c6ea6b7fc17","ssdeep":"","tlshash":"e731e9e05118afda2ce916cc091244bcdd5b6616c815dad1ecc9b4f82800f0ff5d5d9e","first_seen":"2023-04-21T18:59:15Z","last_seen":"2026-04-07T21:20:37.473385Z","times_seen":2753,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"support-help-netf.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-06","alert":"Phishing Block","trigger":"support-help-netf.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}