{"report_id":"c8cab0e4-81a1-457e-be81-d8dc35d1a631","version":6,"status":"done","tags":[],"date":"2026-01-05T00:21:14Z","url":{"schema":"http","addr":"idms.telekom-web.email.acceflogins.shop","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":0,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"final":{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"title":"Telekom Login","dom":{"size":71332,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (625)","md5":"8e7e485a65d7aea73d855e77301c9704","sha1":"707b46ca17e0ebbccf644a39faeafed612c279c9","sha256":"33cf1447a47e16e653f84a0ea4b202d9fc6a8c6823ec9c3fd33e3169e264329b","sha512":"fe63fb743d1c652bd98ea3128d09333f93b420480d88b4a12693763859444738109cc704f45b14f3372d9442b97ded96051f3f697ba91a2775487a7b74dbe221","ssdeep":"1536:mV0BSyzdkVEZ6AvSz2jU3umlvN2kZAWp89WsPM7mhuSe9xQ:ki","tlshash":"8363fc51d2a714796a23413b1adeb440392fd073ce57ad0db99dcd148fba6be08e2e70","dom_hash":"domhash4edf89ca5c426c80e9cf3a9995775360","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"idms.telekom-web.email.acceflogins.shop","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":0,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T00:21:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"idms.telekom-web.email.acceflogins.shop","ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-01-05T00:21:14.583261Z","last_seen":"2026-01-05T00:21:14.583261Z","alert_count":33,"request_count":11,"received_data":1016444,"sent_data":5704,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/js/jquery-1.10.2.min.js","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"introduction_type":"scriptElement","is_inline":false,"md5":"11468602df014a21b203dc9bcd84d369","sha1":"2cf8733fe01e2d149140cb840595fa5d21769f93","sha256":"29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17","sha512":"e5e527b6a1808e474b7d64d3ce360db14b1a4871a5aee01185cbafab06ed6f40e50b4281acec12dc2fe8663296d4ce5032e40769aeb9f32d7a6c9aa4d2525e11","ssdeep":"1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:OGsKXAI2p0WP9bDrstfa5","tlshash":"be93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93113,"data":"","first_seen":"2023-03-07T01:20:48Z","last_seen":"2026-06-08T13:10:54.851335Z","times_seen":9559,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"introduction_type":"scriptElement","is_inline":true,"md5":"7672f6007a7bf3eb4817cb5961b74acc","sha1":"460517f40cafd8e9af695253583df9b849daf393","sha256":"059acebfacce287f5d3ac2abdeb81b32c6e0e724bf1164e62991ea5edb5e1b2c","sha512":"91b37e3845f958798f590f0b2c72012563d989d1a4708c34a27773500ad381da406fb078eb72395aa3c846a62b202d89824c08ba8f5cf7c0137a88016c67beb8","ssdeep":"","tlshash":"c4c04cad8c170af53f5888b2af2f122656a42a260087c459f19de10cbfc17a4816d8c9","size":176,"data":"","first_seen":"2025-07-18T08:10:53.349078Z","last_seen":"2026-02-18T03:38:49.379164Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/js/main.js","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c0315b0b43616507e96c5b4fbf5ba57d","sha1":"e8ef6ed8d4f9790c38a6c3ef974f9973807ac7c6","sha256":"4fbad073fa9c9352efd1f2e452dc760f6e69744e1618c14ec03e2f645362aecc","sha512":"e8057d2988e249d0e86c928d43cd61615df9fe830f321342278f53d72ed572c57111eedd8412bc54229621a9be5970e16c6155c5fe36e7539100df50453c0837","ssdeep":"","tlshash":"6141cf367141093a46eb2af222fbc3847e25c611de4752227ebcce5d4321cc1d936bc5","size":1927,"data":"","first_seen":"2025-07-18T08:10:53.348225Z","last_seen":"2026-02-18T03:38:49.374253Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/images/favicon.ico","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:52.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /images/favicon.ico HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:52 GMT\r\ncontent-type: image/x-icon\r\nvary: accept-encoding\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: W/\"1536-6478588493ec3\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5430,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel","md5":"8d3c1354a64ba28bdf05d7615d5521f6","sha1":"ef1324ebe1d8eefa4b5499ebfaa196f98cf2dd75","sha256":"f6f1859ba1d189f83e883ae9ce59fc4ea2ecc5bdbd97e1929d16896ce837f404","sha512":"68694fef47913ef0b1031c37eb0ba705df87d16e96ccde302307dfa60fcc7a441241ed9435ba2179baad9da288b3d45db1639e6f04ae476160cd75cedd88e2d2","ssdeep":"24:NL5irT39tmmmmprLrrp33tr76sKeSuCH7oIoof:XirT3drLrrp33tr7blSuCH74of","tlshash":"b5b1d80ca296c444c1c50ee4c9056df87aeb7c89d98ff1639acb7fbe7773128401661a","first_seen":"2023-04-10T19:16:18Z","last_seen":"2026-06-06T14:16:47.877924Z","times_seen":126,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/js/jquery-1.10.2.min.js","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /js/jquery-1.10.2.min.js HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 04 Jan 2026 01:05:03 GMT\r\netag: W/\"16bb9-6478588497d43\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93113,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32072), with CRLF line terminators","md5":"11468602df014a21b203dc9bcd84d369","sha1":"2cf8733fe01e2d149140cb840595fa5d21769f93","sha256":"29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17","sha512":"e5e527b6a1808e474b7d64d3ce360db14b1a4871a5aee01185cbafab06ed6f40e50b4281acec12dc2fe8663296d4ce5032e40769aeb9f32d7a6c9aa4d2525e11","ssdeep":"1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:OGsKXAI2p0WP9bDrstfa5","tlshash":"be93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:20:48Z","last_seen":"2026-06-08T13:10:54.851335Z","times_seen":9559,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/css/scale-components.css","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /css/scale-components.css HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: W/\"e67e-6478588478942\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59006,"size_decoded":0,"mime_type":"text/css","magic":"CSV ASCII text","md5":"e5fc0cdc293e6dd0ac67f880dd9dc297","sha1":"cfd084fcfab3c3a0334a63b55d4c8830dfaa5a5a","sha256":"ad04f6339e1395dff82fe93c1bcd8316d9d06e3aaa0e9962aa6d087dd2432acd","sha512":"a1d1a596b261d361be8bd3d5cfa4d407d07c12f4163d3a7724a16c42a982960bb7970be84951b2b6068f0f94874670f8f5e3cf56d8c3e38d0ed5f3f7083bd98a","ssdeep":"768:79mM3TdEJOce8g1nvPliB8Edt5e8qKe8qPB8Oe:79mM3Td0Vg1nvPliDdt5qKqP1e","tlshash":"8743be42e7c5d4a3b123447f6e4ef9e4e822a0235e884fabf1c5814e7587aa741d1f36","first_seen":"2025-07-18T08:10:53.341531Z","last_seen":"2026-04-02T19:40:32.032201Z","times_seen":41,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/js/main.js","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sun, 04 Jan 2026 01:05:03 GMT\r\netag: W/\"787-6478588498ce3\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1927,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"c0315b0b43616507e96c5b4fbf5ba57d","sha1":"e8ef6ed8d4f9790c38a6c3ef974f9973807ac7c6","sha256":"4fbad073fa9c9352efd1f2e452dc760f6e69744e1618c14ec03e2f645362aecc","sha512":"e8057d2988e249d0e86c928d43cd61615df9fe830f321342278f53d72ed572c57111eedd8412bc54229621a9be5970e16c6155c5fe36e7539100df50453c0837","ssdeep":"","tlshash":"6141cf367141093a46eb2af222fbc3847e25c611de4752227ebcce5d4321cc1d936bc5","first_seen":"2025-07-18T08:10:53.348225Z","last_seen":"2026-02-18T03:38:49.374253Z","times_seen":16,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/css/fonts/TeleNeoWeb/TeleNeoWeb-ExtraBold.woff","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /css/fonts/TeleNeoWeb/TeleNeoWeb-ExtraBold.woff HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/css/scale-components.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: font/woff\r\ncontent-length: 66432\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: \"10380-6478588476a02\"\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66432,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 66432, version 0.0","md5":"5734da39304090cb495eeb606df63f93","sha1":"f2194298a4a22f2d05aba0891f1ef04d26ea8578","sha256":"57e63f0bdefcf32d37bafd97b735cf4e86baffdba971dfb180e99395d1ff6e3b","sha512":"643f90d93942b1a284af71bda550e67aed9b04359b30ed61c0e2534e5600bbdecdb2d1521de4bdcf4bbb58335ee5da878e06338a67c37bdd7fa5364e366c8558","ssdeep":"1536:1MGegOn0krC6GahKRonfr60CL9hCQwucbWhlCZbvdUlPmDh/+:1MGhJ1aMynZCeccfFUlJ","tlshash":"265302ec4cbe441cafd43e9d58eb134f32823709c652ac5845d2759d22adae3b14e7e8","first_seen":"2023-11-30T14:14:26Z","last_seen":"2026-05-24T15:59:07.692558Z","times_seen":105,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/css/fonts/TeleNeoWeb/TeleNeoWeb-Bold.woff","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /css/fonts/TeleNeoWeb/TeleNeoWeb-Bold.woff HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/css/scale-components.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: font/woff\r\ncontent-length: 67164\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: \"1065c-647858846be21\"\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":67164,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 67164, version 0.0","md5":"25affce608e05060c9c43e6863ad70c3","sha1":"d0ce3d4476cbf1c777ba9242037233729ae6d305","sha256":"845e3dc8eec80ab6f18939f24638fb0acf80abd65d5a8c093912b7413b3e0d8a","sha512":"602b2b5762aebb9e59e313838a832a0c5025c2369cc9906e6221021406d757be926222fd49955eda3b2d09522bb0971248b7478580b45a69634353f3ae423900","ssdeep":"1536:qYLk/BomA+AjGiM9bjM81h5f0S5YlBRO2/63h/+:RgcjG1bw+0DTV/6U","tlshash":"2e6302bd89f880475851a1721f8fa7f0a5911800955bf413c39dfa82bf9bde84a14beb","first_seen":"2025-04-19T12:06:05.955151Z","last_seen":"2026-06-01T20:35:28.098039Z","times_seen":106,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T00:20:51.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:1.10.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":74277,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (595), with CRLF line terminators","md5":"d5cbce66a2e46111250c8f946df0a5da","sha1":"159ab945fb3f01940a28d232e7dab47cea13c654","sha256":"66d38e88c4682d0607e1fcde6d58ded75c50def916485a70902d0e7c3b5d7a1d","sha512":"6bf4098ed4aad74741b744828c9f2f6078b1fa4eeacea80c098418eb32eef3ce619957829b92dedfbd8c877d74a3feb499fa327cae99a94f7ca266845dbc33f0","ssdeep":"1536:LyR+TzsahyB2bNITsn8xQ/3iIqnh2NHmZ6CS8TYhKLGSzDIu:3nM","tlshash":"0173ec11e29664795633823b5be9a040f92fd273ca538e0eb9bccd164fb66b509c3d70","first_seen":"2025-07-18T08:10:53.346809Z","last_seen":"2026-02-18T03:38:49.371615Z","times_seen":8,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":137,"dns":42,"connect":33,"send":0,"wait":57,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/css/login-26.16.0.css","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /css/login-26.16.0.css HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: W/\"18ddc-647858847d762\"\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101852,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"60937875f0e5f87bf4b131b44d510db7","sha1":"ec5d2c6b10dac546f4c61e85b8fcbee29494faf1","sha256":"aee7e3033127ddcaf21e1fbf96e1920b5fe6652704940457e6bf0247c833baeb","sha512":"a6eae59b25d6cfccb59e51b5a09251edab6e9341a4f77df481b0e7e096d111abc506b168e4a003efb7778979d5e4be2c54a33c1c5515344d7b6f20d9b7a8acae","ssdeep":"768:UzGS9HxajZgYMwmdFarnDp2knEBKzuqMASAWg1x/401meUMsh2W5rxaUzGS9Hxah:OGS9HxIvmLqr1x0GS9HxIvmLqTJ","tlshash":"dca3fd02aa8345a2b477403f3bcff5d77531a06b5e85fe5af5ca410a0f4a2a721d1e36","first_seen":"2025-07-18T08:10:53.342423Z","last_seen":"2026-02-18T03:38:49.375403Z","times_seen":16,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/images/bg.jpg","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /images/bg.jpg HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/css/login-26.16.0.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 410796\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: \"644ac-6478588492f22\"\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":410796,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1180, components 3","md5":"5bb5dd164f166fd41a8229c677431581","sha1":"ed2631c471cffe4b65200f489ccefb9e9ee2cee5","sha256":"ad1d8695e1595c989e0d0a0dfc1c89faf1da98a3ef8fe2f2d424eca4af7a11e6","sha512":"158843a78a3d4bca15c31bd3a34e510137f4f5cb0d327cb2aedabf5dfb1f35ae782be89f1e83da8e699e3dfd61abcaebba2b584f968565f2acb6c19de89251e3","ssdeep":"12288:8glFBrj373LyjwAEvvNgYFNVjBelTk8htj:hSySTk8hd","tlshash":"d7940289ff06039b5e1d2272d687b94a59604bdd7ca84dc889029d7ff6603c2cee359c","first_seen":"2025-05-29T03:29:53.545276Z","last_seen":"2026-05-09T19:56:20.093758Z","times_seen":175,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/css/fonts/TeleNeoWeb/TeleNeoWeb-Regular.woff","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /css/fonts/TeleNeoWeb/TeleNeoWeb-Regular.woff HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/css/scale-components.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: font/woff\r\ncontent-length: 66600\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: \"10428-647858846fca1\"\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66600,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 66600, version 0.0","md5":"ce17d96d9bb01e038c50978592cfc69c","sha1":"250f7e7536803eeb6d20350efa8f54ad379f09ca","sha256":"19da9c1badf7913448c569ea95117f6975b6e55588508aa570f9bedc2d2efd28","sha512":"21f608ba488e589ada172d932ea58460c0a42ddd12fbdabc581cf08972fd250c7d5872029a4db3f58e8caa93e5155482dafb8915e8608a21aaa166f4fbbd79ce","ssdeep":"1536:6p0bGbjTbjG+cB2/R+jP1hRz9Iu/CWRFii0D/jeeKZl+pCh/+:6i6bv/+2J+N9I513DrJKZl+7","tlshash":"db53021b27366823dadd7578783a0b41d70b0b7860e5a991e33916b235acbcb90f5f70","first_seen":"2023-11-30T14:14:26Z","last_seen":"2026-05-24T15:59:07.757869Z","times_seen":121,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":36,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"idms.telekom-web.email.acceflogins.shop/css/fonts/TeleNeoWeb/TeleNeoWeb-Medium.woff","fqdn":"idms.telekom-web.email.acceflogins.shop","domain":"acceflogins.shop","tld":"shop"},"ip":{"addr":"37.9.175.196","port":443,"asn":51013,"as":"WebSupport s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://idms.telekom-web.email.acceflogins.shop/","date":"2026-01-05T00:20:51.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"idms.telekom-web.email.acceflogins.shop","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 00:00:31 GMT","end":"Sat, 04 Apr 2026 00:00:30 GMT"},"fingerprint":{"sha1":"ED:F2:A9:DD:03:05:16:0C:84:A3:D5:22:EF:4F:1B:B0:B7:A4:2C:AB","sha256":"85:D3:E6:C3:23:DE:F6:6D:F0:9F:BA:74:4E:EA:38:73:BD:59:DC:56:F8:CC:37:2D:F5:DD:A6:1A:F2:95:CC:A5"}}},"request":{"raw":"GET /css/fonts/TeleNeoWeb/TeleNeoWeb-Medium.woff HTTP/1.1\r\nHost: idms.telekom-web.email.acceflogins.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://idms.telekom-web.email.acceflogins.shop/css/scale-components.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: openresty\r\ndate: Mon, 05 Jan 2026 00:20:51 GMT\r\ncontent-type: font/woff\r\ncontent-length: 67124\r\nlast-modified: Sun, 04 Jan 2026 01:05:02 GMT\r\netag: \"10634-6478588472b81\"\r\nalt-svc: h3=\":443\"; ma=86400\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":67124,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 67124, version 0.0","md5":"ade89526b134edc70ab0838608665e3b","sha1":"408b8be1433b939328d93f45e7e39ae34f8f1907","sha256":"f1224867c8aa165e9dbce514bdeb5eebdb5d7a9d0f7f6e416ea0b4bd9579116d","sha512":"ef4c91ff3940474ed62404db886d4300e742fa264972a1cc4eddb9c7c8609c6d9d66d54d6389602d2f81063a69318929cfa6f36562612bcda271b1e101e89fa7","ssdeep":"1536:6bnPVFvXFrrWrQ9x3zf5RhzzBDBrFQttbYZA4n7wd56gL9h/+:0P3FrKs9Z5/mHbYi4n7wdRy","tlshash":"cc6302730c2be644d26d98b88b6af3c1931b1610afdbfd544f8dc7540a42be5a738b52","first_seen":"2024-08-19T17:05:58.661515Z","last_seen":"2026-04-09T11:10:49.365193Z","times_seen":98,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-01-05","alert":"Phishing Block","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"idms.telekom-web.email.acceflogins.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}