{"report_id":"ce7c280f-c55e-486f-8715-d873ff690783","version":6,"status":"done","tags":[],"date":"2026-04-24T13:53:10Z","url":{"schema":"http","addr":"accounts.login.idm.telekom.com.metropoleweb.com","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"title":"Telekom Login","dom":{"size":25771,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9301)","md5":"ec8850dd9e7f209404f10f7f8fd7e31d","sha1":"374cb82d86c5e5c0fdfa0ec1bf6291d2e2705a99","sha256":"e6ddca2c240bd6e02e932f4770fde88a4190f4f91c687d8b7f87a08554d9b344","sha512":"2a97145288aa7e504a05b50db4e8ccd45b013409f5ed900135a6eecc2453622d15de4efffe495c8bbab78c06d78a0edbce50612d1f65b82567fc1d05921ae9e6","ssdeep":"384:FNSRMqhL7/nB0L+WbQE5NDBqpTcJO9VBE:FNSRhhn/nOL+WbQEjUa89VBE","tlshash":"eec2c829a6f3002a7c43c0fef7ea7654763990c3d619cd79b98d53509fd2291489379c","dom_hash":"domhash1bdb8832d92ccc2580a0167ff55ffa4b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"accounts.login.idm.telekom.com.metropoleweb.com","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-29T13:53:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2007-07-09","domain_rank":0,"first_seen":"2026-04-24T13:27:12.204724Z","last_seen":"2026-04-24T13:27:12.204724Z","alert_count":14,"request_count":7,"received_data":526809,"sent_data":4067,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-04-20T05:47:47.109581Z","alert_count":0,"request_count":2,"received_data":815992,"sent_data":886,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-24T23:52:42.212415Z","times_seen":31301,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"22fb80153bbaae586fcfbd51b94bb57f","sha1":"a40cdd6f38af17765b50397f580c55973d7e1557","sha256":"899980da45d2ec9d1d239cbf33a04ae18be4341182bbf5b22548efc89f0888d5","sha512":"f59016266087031b3fba364c0285f41f6b86645d9ede536491daee60858200d1cfbc0687df7d978c114cc0a9b98b7cd6b12599159a4ed2f5d400ab2269629b67","ssdeep":"","tlshash":"b941951f96f310368233f03867bf1180257a90072a18cf1aba4c43546fe936554f3bea","size":2322,"data":"","first_seen":"2026-02-07T10:20:38.750964Z","last_seen":"2026-04-24T23:22:27.659104Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a87bcd5c9376efc93fb3ee4ff7dc3dc4","sha1":"78a95b7822bce20768d5c5b7600d1b13d3d4dcda","sha256":"187842764a83c5a3848c7667344ab43fc369c4b8c7b67658e7194d84006016a5","sha512":"a71f6b715caed5b4330cfc13d6104d90c090d22226c9b33fd2b7cbb2b26c491a0c27aab85be03076cde0a881a50282fc390ea495a1d937e30ae6be2b66242a76","ssdeep":"","tlshash":"dc115c7dbaf7327089b3e07423cfa100d2a5d0231540de81f9ed43152f94d18ae726ea","size":1023,"data":"","first_seen":"2026-02-07T10:20:38.75187Z","last_seen":"2026-04-24T23:22:27.660042Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/assets/fonts/TeleNeoWeb-ExtraBold.woff","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET /assets/fonts/TeleNeoWeb-ExtraBold.woff HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:45 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":17185,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (563)","md5":"16fc193fd8ba4aed75ac27b6571e8a30","sha1":"22ac6a8e02559a8dbf33c9b85c107e6d4cfeba7b","sha256":"3ff44836d6f6cf004e6734de10fd242f8ebfbf705c9163d5b9184455cc3351db","sha512":"c82add1874237342f22fbe0bd2c48da1ffe2356b7209710552c158b52fa48618d250bb50020583d9d1db2bf19039ac3c046ae3c051fb61c421a60a595d89c23a","ssdeep":"192:dhwyyZz5lDilaQxpAHV+RZ7+3IkHHvY2+4NxfrTRvaJEyTycH8nmOWQ97gUbNsZq:dNSRM2m99tMhrME","tlshash":"1272d46aeaf311677407807d37ef76546a7dc017e205cd28ba9c53e84f8269148a3bec","first_seen":"2026-02-07T10:20:38.748566Z","last_seen":"2026-04-24T23:22:27.651847Z","times_seen":10,"resource_available":true,"data":null}},"time_used":891,"timings":{"blocked":294,"dns":1,"connect":140,"send":0,"wait":159,"receive":139,"ssl":156},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/assets/images/favicon.png","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET /assets/images/favicon.png HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nCookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:46 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 10 Jan 2026 01:37:40 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 27882\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":27882,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 499, 8-bit/color RGBA, non-interlaced","md5":"1863811c1749b03645de5f1af3cdfd03","sha1":"0c7d9c10d32020c1bc9857ad301b7956a73bb649","sha256":"93bb0b831b022774382eb5a348a597d86522768b9025463062fafa1c4f4250bc","sha512":"e1a94b4afc3af31cc154b0e7e0f5d1b82a2e8413f5dbda98b262302b243ab933fee2490ace9230e4a2321182a510615291cb5281dfd30b0bc316a816d76ef7a8","ssdeep":"768:+yrOwzL1CMWEg55hKGl/yNrG63hgdq/pZRZ:LrbCSOP1/0S2gc/hZ","tlshash":"03c2c0307d91fa31d7d7ef408296c29293aca85ebd8f85698b01ca52f037f9e655104f","first_seen":"2026-02-07T10:20:38.749493Z","last_seen":"2026-04-24T23:22:27.654659Z","times_seen":10,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-24T13:52:44.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:45 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4; path=/\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":17185,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (563)","md5":"16fc193fd8ba4aed75ac27b6571e8a30","sha1":"22ac6a8e02559a8dbf33c9b85c107e6d4cfeba7b","sha256":"3ff44836d6f6cf004e6734de10fd242f8ebfbf705c9163d5b9184455cc3351db","sha512":"c82add1874237342f22fbe0bd2c48da1ffe2356b7209710552c158b52fa48618d250bb50020583d9d1db2bf19039ac3c046ae3c051fb61c421a60a595d89c23a","ssdeep":"192:dhwyyZz5lDilaQxpAHV+RZ7+3IkHHvY2+4NxfrTRvaJEyTycH8nmOWQ97gUbNsZq:dNSRM2m99tMhrME","tlshash":"1272d46aeaf311677407807d37ef76546a7dc017e205cd28ba9c53e84f8269148a3bec","first_seen":"2026-02-07T10:20:38.748566Z","last_seen":"2026-04-24T23:22:27.651847Z","times_seen":10,"resource_available":true,"data":null}},"time_used":878,"timings":{"blocked":288,"dns":0,"connect":135,"send":0,"wait":168,"receive":134,"ssl":150},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 24 Apr 2026 13:52:45 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::md8nh-1775101186152-d45e2b42ab64\r\nlast-modified: Thu, 02 Apr 2026 03:39:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1937578\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=joDGM4VZzIusfnTQT1zRZLv8m9pIZyJkOEugXQRDGiLosVQJWI2IrIhRsHcDFd49jgp85%2Fel7xVPOyHdJgMF8AgLrtgifsH6IqESVfti7%2BtN9hUTKro8SWAXokQ8RKK3rDfFzHo%3D\"}]}\r\ncf-ray: 9f15971bdbb2a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-24T23:52:42.212415Z","times_seen":31301,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/assets/images/bg.jpg","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET /assets/images/bg.jpg HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nCookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:45 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 17 Jan 2026 03:08:24 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 410796\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":410796,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1180, components 3","md5":"5bb5dd164f166fd41a8229c677431581","sha1":"ed2631c471cffe4b65200f489ccefb9e9ee2cee5","sha256":"ad1d8695e1595c989e0d0a0dfc1c89faf1da98a3ef8fe2f2d424eca4af7a11e6","sha512":"158843a78a3d4bca15c31bd3a34e510137f4f5cb0d327cb2aedabf5dfb1f35ae782be89f1e83da8e699e3dfd61abcaebba2b584f968565f2acb6c19de89251e3","ssdeep":"12288:8glFBrj373LyjwAEvvNgYFNVjBelTk8htj:hSySTk8hd","tlshash":"d7940289ff06039b5e1d2272d687b94a59604bdd7ca84dc889029d7ff6603c2cee359c","first_seen":"2025-05-29T03:29:53.545276Z","last_seen":"2026-04-24T23:22:27.657232Z","times_seen":174,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":422,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/assets/fonts/TeleNeoWeb-Regular.woff","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET /assets/fonts/TeleNeoWeb-Regular.woff HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:45 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":17185,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (563)","md5":"16fc193fd8ba4aed75ac27b6571e8a30","sha1":"22ac6a8e02559a8dbf33c9b85c107e6d4cfeba7b","sha256":"3ff44836d6f6cf004e6734de10fd242f8ebfbf705c9163d5b9184455cc3351db","sha512":"c82add1874237342f22fbe0bd2c48da1ffe2356b7209710552c158b52fa48618d250bb50020583d9d1db2bf19039ac3c046ae3c051fb61c421a60a595d89c23a","ssdeep":"192:dhwyyZz5lDilaQxpAHV+RZ7+3IkHHvY2+4NxfrTRvaJEyTycH8nmOWQ97gUbNsZq:dNSRM2m99tMhrME","tlshash":"1272d46aeaf311677407807d37ef76546a7dc017e205cd28ba9c53e84f8269148a3bec","first_seen":"2026-02-07T10:20:38.748566Z","last_seen":"2026-04-24T23:22:27.651847Z","times_seen":10,"resource_available":true,"data":null}},"time_used":876,"timings":{"blocked":291,"dns":1,"connect":136,"send":0,"wait":150,"receive":135,"ssl":160},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/assets/fonts/TeleNeoWeb-Medium.woff","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET /assets/fonts/TeleNeoWeb-Medium.woff HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:45 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":17185,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (563)","md5":"16fc193fd8ba4aed75ac27b6571e8a30","sha1":"22ac6a8e02559a8dbf33c9b85c107e6d4cfeba7b","sha256":"3ff44836d6f6cf004e6734de10fd242f8ebfbf705c9163d5b9184455cc3351db","sha512":"c82add1874237342f22fbe0bd2c48da1ffe2356b7209710552c158b52fa48618d250bb50020583d9d1db2bf19039ac3c046ae3c051fb61c421a60a595d89c23a","ssdeep":"192:dhwyyZz5lDilaQxpAHV+RZ7+3IkHHvY2+4NxfrTRvaJEyTycH8nmOWQ97gUbNsZq:dNSRM2m99tMhrME","tlshash":"1272d46aeaf311677407807d37ef76546a7dc017e205cd28ba9c53e84f8269148a3bec","first_seen":"2026-02-07T10:20:38.748566Z","last_seen":"2026-04-24T23:22:27.651847Z","times_seen":10,"resource_available":true,"data":null}},"time_used":850,"timings":{"blocked":280,"dns":1,"connect":140,"send":0,"wait":143,"receive":136,"ssl":148},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.login.idm.telekom.com.metropoleweb.com/assets/fonts/TeleNeoWeb-Bold.woff","fqdn":"accounts.login.idm.telekom.com.metropoleweb.com","domain":"metropoleweb.com","tld":"com"},"ip":{"addr":"162.240.144.202","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.login.idm.telekom.com.metropoleweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 19:16:07 GMT","end":"Wed, 22 Jul 2026 19:16:06 GMT"},"fingerprint":{"sha1":"89:04:1B:F7:80:07:ED:A6:7A:B0:F1:26:7E:A0:9C:AE:23:EB:C3:6F","sha256":"8F:74:0E:F6:AC:4F:C1:7E:82:BF:E8:06:D6:74:AD:29:94:63:19:2D:FE:F5:89:9C:CD:86:09:A4:B2:72:25:AE"}}},"request":{"raw":"GET /assets/fonts/TeleNeoWeb-Bold.woff HTTP/1.1\r\nHost: accounts.login.idm.telekom.com.metropoleweb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=0tie8rl1uf7brci9qitd5t4pk4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 24 Apr 2026 13:52:45 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.4.33\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]}],"data":{"size":17185,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (563)","md5":"16fc193fd8ba4aed75ac27b6571e8a30","sha1":"22ac6a8e02559a8dbf33c9b85c107e6d4cfeba7b","sha256":"3ff44836d6f6cf004e6734de10fd242f8ebfbf705c9163d5b9184455cc3351db","sha512":"c82add1874237342f22fbe0bd2c48da1ffe2356b7209710552c158b52fa48618d250bb50020583d9d1db2bf19039ac3c046ae3c051fb61c421a60a595d89c23a","ssdeep":"192:dhwyyZz5lDilaQxpAHV+RZ7+3IkHHvY2+4NxfrTRvaJEyTycH8nmOWQ97gUbNsZq:dNSRM2m99tMhrME","tlshash":"1272d46aeaf311677407807d37ef76546a7dc017e205cd28ba9c53e84f8269148a3bec","first_seen":"2026-02-07T10:20:38.748566Z","last_seen":"2026-04-24T23:22:27.651847Z","times_seen":10,"resource_available":true,"data":null}},"time_used":886,"timings":{"blocked":295,"dns":1,"connect":142,"send":0,"wait":153,"receive":137,"ssl":156},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-24","alert":"Phishing Block","trigger":"accounts.login.idm.telekom.com.metropoleweb.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts.login.idm.telekom.com.metropoleweb.com/","date":"2026-04-24T13:52:45.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://accounts.login.idm.telekom.com.metropoleweb.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Fri, 24 Apr 2026 13:52:45 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::426m8-1777038689757-c4b72c6b5854\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 75\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tt4sYvh59J6yEC%2F6w2qn5W%2B%2FOuRGm0f5M%2FQhZBd4ZH5%2Barmd%2FCacbOzwDJ9FvQnKq5ibwJxOFTgBiP9EU3M5gwt%2FrWBqiy3szi1Jeu9GUBn9J1j9BB7bTRxJ2tz6MrPBhVsfIzM%3D\"}]}\r\ncf-ray: 9f15971bcb89a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-24T23:55:26.771745Z","times_seen":14155609,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":13,"dns":0,"connect":2,"send":0,"wait":6,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}