{"report_id":"49a469f0-4a26-49d1-afb0-5ea58784eeb1","version":6,"status":"done","tags":[],"date":"2025-09-27T08:24:38Z","url":{"schema":"http","addr":"pc.easyspyphone.com/","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"final":{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"title":"EasySpyPhone"},"submit":{"url":{"schema":"http","addr":"pc.easyspyphone.com/","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":0,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-01T08:24:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"pc.easyspyphone.com","ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"domain_registered":"2014-01-03","domain_rank":1175962,"first_seen":"2025-06-06T19:05:35.987501Z","last_seen":"2025-06-06T19:05:35.987501Z","alert_count":15,"request_count":15,"received_data":275235,"sent_data":8585,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/login.jsp","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"faaa2040820a7f33cffbf3a28508e3cc","sha1":"ce821ee2697047d1fd2fb0ad488fcd76f0d029ab","sha256":"2a65b9227748f47cead28d024e402bd4fabc1fb2104fc56984bbc2cf060a7867","sha512":"50286eb170863ee73a96f4a1de175689d2814d044278ee08cb2e65d206ebc88441b7ca2a12953aaa777af0a2e9cb432d38a20c7416238188edfb54edd999e673","ssdeep":"","tlshash":"118000003c80c88b0a382b0322a2b32e2220c002a2c8bce232a00030a22b38b2828080","size":29,"data":"","first_seen":"2025-09-27T08:24:41.11109Z","last_seen":"2025-09-27T08:24:41.11109Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/jquery.min.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"b31148705067f042740beab16f8c5e55","sha1":"83c100d6eedaa1cd31d5ef4174c0ca5ccfffd5a1","sha256":"49341f93ed226067bcb0ef82efe8f0367aba617cf5172e1f75b7e461ce70cb71","sha512":"3f514ee679048f579168b9bafafff4346d4d6336b01be336deff8a993ae000828007757b1336c7a976b30c4612ba56d52173857dc94a2fa92d0c0fe6fd7fb3d0","ssdeep":"1536:r+DyCyw7SyxTIWvATvwNkENyfDJmlEIjm9Rnge1mzUQIdZQXNjuBZpdkqvAsj:rKmSTIYNkyUhtKXKZfkqvAsj","tlshash":"0063f9c9b6c67173c7e730b8246f420af13668aaa44c4854f06ce8e5bd74a59443bf7d","size":70476,"data":"","first_seen":"2025-09-27T08:24:41.08848Z","last_seen":"2026-02-14T06:34:21.804162Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/login.jsp","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":true,"md5":"a470bee0892396e7647b462c11ed1d67","sha1":"35c19f569c906a188c4a003a0996c7a231127e8c","sha256":"a5d86b572c647460b4958cd9bc5ab1372f968fe7e36b1a7d03cd8a5c978cc7b7","sha512":"1e5c34c24e4d9717570e8b2f907eb5a40d6213fb1f7528657151fe65daef977eca0a825680cc726ffc152448258396c46e53ed2f86ef347d0d55ba8855b0dc92","ssdeep":"","tlshash":"28c0122bbdd9d23449d287329905194276e163595748c05e91f16832b2059099a0edf6","size":194,"data":"","first_seen":"2025-09-27T08:24:41.112778Z","last_seen":"2026-02-14T06:34:21.817881Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/scripts.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"51a96267ea64b416ed9ce03f1a0741cb","sha1":"f7d15a5bc6727b00e086703ed63dda660c641e92","sha256":"26eebbab8751680c0b1e443c1fbfb4d2e43dae2fce303e4b7cf086625834aa79","sha512":"d7c9dcabba82f7683962d7d6c240b446e71a356122afbbb8c087ecb656edb0c6c7fc611d28a6639d547c49c62d3ba05ec7095196f4b4cec3c9f22509bdf7eed8","ssdeep":"96:Pz6pieSZKdCtFiCd2y1NgkVKB6KohrTfnqBQexy9H09TtER+rKX:4cfNhVjdh/f8xyyQ+ri","tlshash":"2bb1450af38c566612b632751c3967e63b3d962178415c29fc7884fc3b98e9a703bf24","size":5373,"data":"","first_seen":"2025-09-27T08:24:41.081785Z","last_seen":"2026-02-14T06:34:21.815115Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/dscript.js?v=1","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ea3e6b80ffcd086611aa93f7a39746e","sha1":"5f84bdef9e940e0bd7c7550fd148bdb929f3d869","sha256":"03e822de6872f0af4960437674d410ffdc138d6a99e6418a6addc21df085fff3","sha512":"2c8fc4f9459d5cb390675e197a91cd94ffdd606d0fd06edda3a381f3fec2aeef22377181a153b5dd1394e33c6cad23381ec0592b5cb1c3c4ae7e4e770123d155","ssdeep":"192:hq87/q87IKG/hRTreOTGzUFyRszUFymD/HV/3/4e879ljyumtXeV3LN8YjRJtjd7:c8W8HwRO/Tx8/jyum8j1ZTUsqj+Fc2+A","tlshash":"c8322e55f3ad2ad921ba113a2d3ea1c4293d563338058cd1fc2dd068bf5ce5ea83ed09","size":11560,"data":"","first_seen":"2025-09-27T08:24:41.095209Z","last_seen":"2026-02-14T06:34:21.80637Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/login.jsp","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c0ecd30c68a24bc12058128d31d5eb5","sha1":"648b900ca576b517f1ce789c8716af529b9f5f38","sha256":"ba30a26ab78dd974d65848a3101e9a077f3a6c769ab72486c8bc11b68c608178","sha512":"969aee0f74dc0747460e2bffc7d19d4f1e2e5c4747fe71959529bc21e4032b2664af5068287f0b5ff5807bb66e8c9d1425906cb2d27d4af17fb8c81c29911d99","ssdeep":"","tlshash":"678000203c02c8830a382303222baa2e232080022080b0c030a00020b22338b2808080","size":29,"data":"","first_seen":"2025-09-27T08:24:41.114604Z","last_seen":"2025-09-27T08:24:41.114604Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/jquery.min.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"b31148705067f042740beab16f8c5e55","sha1":"83c100d6eedaa1cd31d5ef4174c0ca5ccfffd5a1","sha256":"49341f93ed226067bcb0ef82efe8f0367aba617cf5172e1f75b7e461ce70cb71","sha512":"3f514ee679048f579168b9bafafff4346d4d6336b01be336deff8a993ae000828007757b1336c7a976b30c4612ba56d52173857dc94a2fa92d0c0fe6fd7fb3d0","ssdeep":"1536:r+DyCyw7SyxTIWvATvwNkENyfDJmlEIjm9Rnge1mzUQIdZQXNjuBZpdkqvAsj:rKmSTIYNkyUhtKXKZfkqvAsj","tlshash":"0063f9c9b6c67173c7e730b8246f420af13668aaa44c4854f06ce8e5bd74a59443bf7d","size":70476,"data":"","first_seen":"2025-09-27T08:24:41.08848Z","last_seen":"2026-02-14T06:34:21.804162Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/jquery.cookie.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-04-29T14:08:29.226199Z","times_seen":15824,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/jquery.cookie.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-04-29T14:08:29.226199Z","times_seen":15824,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/login.jsp","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"introduction_type":"scriptElement","is_inline":true,"md5":"adc55d3d02ac1d3b1c3dabc5e9a6d120","sha1":"602ffc86a675d6296fac042b41192dcfb8bec6c8","sha256":"aa3fda58cc1e3a20b76098ba76cc0fd66b65599ea9e803ec373758c18293de83","sha512":"fe00871b84e9d6535564a05a29d51b5d7192cd5b0239315bdf13655ad5537b55c806a78accc14378df5cba3841b63cc5403e4c3bce28f147c73194c9ef0f124b","ssdeep":"","tlshash":"97f0c078119e543107a348b5279a628139799607364bee44ff3c43c83f35d598950a79","size":612,"data":"","first_seen":"2025-09-27T08:24:41.116647Z","last_seen":"2026-02-14T06:34:21.819799Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/images/login/logo.png","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/images/login/logo.png HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 5058\r\nConnection: keep-alive\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"5058-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5058,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 97, 8-bit/color RGBA, non-interlaced","md5":"d88a693aa54099f2cb1ac72f86568bad","sha1":"728f0846989169a96d565198219c7254050bf831","sha256":"02304ec0238b31ab0eed54cecea02d8ea77efdd38a8b6f61f53db1b73397f772","sha512":"3478fe89f6a25390231e1af21eefa09b90fa6258420d2ba79b5a3d0e0fed044fce55d3077835c9ea434a4080fea2bfca7764d0cf01684196d034e38dc9eda598","ssdeep":"96:oSDZ/I09Da01l+gmkyTt6Hk8nTMr+DtFBjmyKQ/+vDpVxnAIt:oSDS0tKg9E05TMAtFBjmyn/+vDxAM","tlshash":"d8a19febcbf4589ff56df5331c87464acb26217c4257176c9d902cef2050d416bb1521","first_seen":"2025-09-27T08:24:41.072237Z","last_seen":"2026-02-14T06:34:21.805493Z","times_seen":4,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":152,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/images/login/bg.jpg","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/images/login/bg.jpg HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/css/logincss.css\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 43523\r\nConnection: keep-alive\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"43523-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43523,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 190x1196, components 3","md5":"4443a89c08162c0de95aa57f53950ad3","sha1":"59d167df7f932b4cf162681c2cc91b6d470ed227","sha256":"d9ac1e8cebeb0178a7a3beea9e6b88ca6f18bb09f77b1cf2266f5a48d580d53d","sha512":"358d581a16ae580ddcd202917088aa9af15d2c3e2768edf146f82334373477a60de63eb6b2bdf9e0943388dad8ead3242d374b13a10d19fce5ef14265b15a857","ssdeep":"768:RfA6aTa0JqP7pGwwnUD6ig+bhnhhmzWv58Skp16xClBlUU/33bsOb01Xldezmhup:qVa7pWgg6NmzG5mp16arsGO70mhuHkh6","tlshash":"bd13f12647fb02e9f6d1a4b2ac75da12321207fdca5c681ee2a8dfc04895a84536d3c3","first_seen":"2025-09-27T08:24:41.077133Z","last_seen":"2026-02-14T06:34:21.8159Z","times_seen":4,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":75,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/css/style.css","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/css/style.css HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nETag: W/\"54683-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-29T15:35:16.745016Z","times_seen":14379833,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":109,"dns":0,"connect":36,"send":0,"wait":38,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/scripts.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/js/scripts.js HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nETag: W/\"5373-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5373,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"51a96267ea64b416ed9ce03f1a0741cb","sha1":"f7d15a5bc6727b00e086703ed63dda660c641e92","sha256":"26eebbab8751680c0b1e443c1fbfb4d2e43dae2fce303e4b7cf086625834aa79","sha512":"d7c9dcabba82f7683962d7d6c240b446e71a356122afbbb8c087ecb656edb0c6c7fc611d28a6639d547c49c62d3ba05ec7095196f4b4cec3c9f22509bdf7eed8","ssdeep":"96:Pz6pieSZKdCtFiCd2y1NgkVKB6KohrTfnqBQexy9H09TtER+rKX:4cfNhVjdh/f8xyyQ+ri","tlshash":"2bb1450af38c566612b632751c3967e63b3d962178415c29fc7884fc3b98e9a703bf24","first_seen":"2025-09-27T08:24:41.081785Z","last_seen":"2026-02-14T06:34:21.815115Z","times_seen":4,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":109,"dns":0,"connect":36,"send":0,"wait":38,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/images/login/login.png","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/images/login/login.png HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/css/logincss.css\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 113219\r\nConnection: keep-alive\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"113219-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113219,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 346 x 650, 8-bit/color RGBA, non-interlaced","md5":"90e00928aa5cec474f56d6ee76004650","sha1":"d22ec9744293e1d58c63b4de8a72d88e9b564c07","sha256":"4938ba501cbf0958247e1a931fb37de6ad935a7bfec5854d50f670a2a160957a","sha512":"6f120b742feca7cd42da78dd9e7fb381c9a903ae591e841157890cf0ef8de625f839815a80b504b364cfb31714b4cba0cef660b6f7b38ced886c533ecc551094","ssdeep":"3072:0iOhkvaA5OKka0iPIgUEx/nXYnnCrJAL/yL1uRsJ:5vamfnSgfxvonnCFo/+15J","tlshash":"d3b31289622aae1b72ffb74b6cc3fdc49d458273a0e8dca31889683c79001778055d9f","first_seen":"2025-09-27T08:24:41.084817Z","last_seen":"2026-02-14T06:34:21.810949Z","times_seen":4,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-27T08:24:16.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:16 GMT\r\nContent-Type: text/html;charset=ISO-8859-1\r\nContent-Length: 2\r\nConnection: keep-alive\r\nSet-Cookie: JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8; Path=/; HttpOnly\r\nLocation: https://pc.easyspyphone.com/mlp/\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":275,"size_decoded":0,"mime_type":"text/html; charset=ISO-8859-1","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-29T15:35:16.745016Z","times_seen":14379833,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":110,"dns":0,"connect":36,"send":0,"wait":38,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/jquery.min.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/js/jquery.min.js HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nETag: W/\"70476-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70476,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (833)","md5":"b31148705067f042740beab16f8c5e55","sha1":"83c100d6eedaa1cd31d5ef4174c0ca5ccfffd5a1","sha256":"49341f93ed226067bcb0ef82efe8f0367aba617cf5172e1f75b7e461ce70cb71","sha512":"3f514ee679048f579168b9bafafff4346d4d6336b01be336deff8a993ae000828007757b1336c7a976b30c4612ba56d52173857dc94a2fa92d0c0fe6fd7fb3d0","ssdeep":"1536:r+DyCyw7SyxTIWvATvwNkENyfDJmlEIjm9Rnge1mzUQIdZQXNjuBZpdkqvAsj:rKmSTIYNkyUhtKXKZfkqvAsj","tlshash":"0063f9c9b6c67173c7e730b8246f420af13668aaa44c4854f06ce8e5bd74a59443bf7d","first_seen":"2025-09-27T08:24:41.08848Z","last_seen":"2026-02-14T06:34:21.804162Z","times_seen":4,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/css/logincss.css","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/css/logincss.css HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nETag: W/\"2041-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2041,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"7384e3d2067ecf4a330a391477f71246","sha1":"08d2fb4e58e2e9cf5c16684baaf60c4130b8ea11","sha256":"5f7ec606835b2dcbb76b815fe0694d227dcfa8ec1ffd6b01199dc7955e9fef2f","sha512":"657e70ec667c40225f4754985a75af939cf7e4d3acd9aa2464f6a75cd1e77b9b898137da5df347139c7227bf3dd7ce95ec3b38f86bfc0805cd772cededf1f2ec","ssdeep":"","tlshash":"0841ae67e741384ff11b803a5f9c8698793b5ca7b88fcf6b6864576dc1082b91904b1c","first_seen":"2025-09-27T08:24:41.091781Z","last_seen":"2026-02-14T06:34:21.808445Z","times_seen":4,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":103,"dns":0,"connect":34,"send":0,"wait":35,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/dscript.js?v=1","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/js/dscript.js?v=1 HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nETag: W/\"11560-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11560,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (385)","md5":"3ea3e6b80ffcd086611aa93f7a39746e","sha1":"5f84bdef9e940e0bd7c7550fd148bdb929f3d869","sha256":"03e822de6872f0af4960437674d410ffdc138d6a99e6418a6addc21df085fff3","sha512":"2c8fc4f9459d5cb390675e197a91cd94ffdd606d0fd06edda3a381f3fec2aeef22377181a153b5dd1394e33c6cad23381ec0592b5cb1c3c4ae7e4e770123d155","ssdeep":"192:hq87/q87IKG/hRTreOTGzUFyRszUFymD/HV/3/4e879ljyumtXeV3LN8YjRJtjd7:c8W8HwRO/Tx8/jyum8j1ZTUsqj+Fc2+A","tlshash":"c8322e55f3ad2ad921ba113a2d3ea1c4293d563338058cd1fc2dd068bf5ce5ea83ed09","first_seen":"2025-09-27T08:24:41.095209Z","last_seen":"2026-02-14T06:34:21.80637Z","times_seen":4,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":113,"dns":0,"connect":38,"send":0,"wait":40,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-27T08:24:16.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/ HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:16 GMT\r\nContent-Type: text/html;charset=ISO-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; Path=/mlp; HttpOnly\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":275,"size_decoded":0,"mime_type":"text/html; charset=ISO-8859-1","magic":"HTML document, ASCII text","md5":"d193cc91a58fa5af8563a461dc2093f9","sha1":"c8052055ec094aa45a522a0b53c11dfd2be490f3","sha256":"abb77f246a69c4e3d23549fb65e70b526bb2b48b96e21b3577543e2ef955f217","sha512":"61f5be95364c8f8fc0d937cb684477419cc558ebe0fbd6d92be9de29727c3721ba1f9454038e5b141fc869f2ad9af7d85729d4766510c2d609bc065a5b4d2600","ssdeep":"","tlshash":"56d095636c0fb503271187e07dad340945924d01fca8bd70d1768ffe9c5c52590b3e81","first_seen":"2025-09-27T08:24:41.098054Z","last_seen":"2025-12-04T09:19:48.814532Z","times_seen":3,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/images/sicon.ico","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.easyspyphone.com/mlp/","date":"2025-09-27T08:24:16.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/images/sicon.ico HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:16 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 2844\r\nConnection: keep-alive\r\nExpires: Sat, 04 Oct 2025 08:24:16 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"2844-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2844,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"922db5c87a629adabfe749f146b73bd6","sha1":"5013762709f04bbb2ae0159499393600fea69f4d","sha256":"29f3554d450d898bd9980b55b7c6e0e002358d2df0fbb6e890dbdc49dbca0903","sha512":"abbaa67eb29b460e79a229684536b266d6883162e359fac344e341935db74c85f525af7dd28693020616b4b8c97299e6e92a23744dbb9ad5854bf0ef092922cb","ssdeep":"","tlshash":"10515b29b045fbe9d30b1e1e4e81e54105069f36313973ff9f848732a1c718a724ed68","first_seen":"2025-09-27T08:24:41.100463Z","last_seen":"2026-02-14T06:34:21.807241Z","times_seen":4,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":0,"dns":0,"connect":33,"send":0,"wait":34,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/login.jsp","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pc.easyspyphone.com/mlp/","date":"2025-09-27T08:24:17.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/login.jsp HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pc.easyspyphone.com/mlp/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: frame\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: text/html;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Language: en\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4239,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (718), with CRLF, LF line terminators","md5":"b00b5ba8529659a773f7e15f41eb7884","sha1":"ea3c4bea0076c970f5082b16e9a0caa80bb610e6","sha256":"316c74377755327f2e13d9efab21ad03ad26b5c2ebb2fc1f61a69e011350038b","sha512":"f21e74bd06b8a2ea5b828fd1c04b250e3ae37904507a4f17ea29c19b0c238dc0d70b30c29ea50ecf1fd2e165f7789e66c160312b7df50af0ab79a3f7ac8e2265","ssdeep":"96:R4OiVkOtG4gKOaacvUkatoBZ4Sb+hmEM6alu:KOYkOtG4gKl5vpJ+Sb+rMru","tlshash":"ee9177186cc9d52311a341e466b3ba54fdd58217d346cd08f3fc42aa6fa6f894c33299","first_seen":"2025-09-27T08:24:41.102292Z","last_seen":"2026-02-14T06:34:21.814336Z","times_seen":4,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":116,"dns":1,"connect":38,"send":0,"wait":39,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/js/jquery.cookie.js","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/js/jquery.cookie.js HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: application/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nETag: W/\"3121-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3121,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"ff516650b7cc361e06ab22516b6f10ace63cff721158449d881965f82cb0c7bdb6bd6a","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-04-29T14:08:29.226199Z","times_seen":15824,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":101,"dns":0,"connect":33,"send":0,"wait":33,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/images/login/btnLogin.png","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pc.easyspyphone.com/mlp/login.jsp","date":"2025-09-27T08:24:17.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/images/login/btnLogin.png HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/login.jsp\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; style.css=9; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:17 GMT\r\nContent-Type: image/png\r\nContent-Length: 3607\r\nConnection: keep-alive\r\nExpires: Sat, 04 Oct 2025 08:24:17 GMT\r\nAccept-Ranges: bytes\r\nETag: W/\"3607-1757529638000\"\r\nLast-Modified: Wed, 10 Sep 2025 18:40:38 GMT\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3607,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 280 x 56, 8-bit/color RGBA, non-interlaced","md5":"0781082f53bfc792ca801b2bdee5b58f","sha1":"31b94b099edc6a2f33a3df25fc4882cde43eef5b","sha256":"ebcadabc7d2891a7f6f55e522d97650cba13c89077422c06136e28ea87a6ec06","sha512":"4b816c655f46f724e9e1bc63010023f71c8d24e4abd56c0ea5015213288f9c0597ec132407cefe6416066e8997a165ab064cd5436683e23004a96674873fc639","ssdeep":"","tlshash":"3c715cd9265ac6e8b4c47bead36141b6d25350a0cdf4cf1ca0bf9be6841c53c342d886","first_seen":"2025-09-27T08:24:41.106979Z","last_seen":"2026-02-14T06:34:21.80975Z","times_seen":4,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":152,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc.easyspyphone.com/mlp/login.jsp","fqdn":"pc.easyspyphone.com","domain":"easyspyphone.com","tld":"com"},"ip":{"addr":"172.232.205.158","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Italy","country_code":"IT"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pc.easyspyphone.com/mlp/","date":"2025-09-27T08:24:16.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pc.easyspyphone.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 04:35:20 GMT","end":"Thu, 11 Dec 2025 04:35:19 GMT"},"fingerprint":{"sha1":"95:81:0E:BA:33:BF:DD:6A:25:B5:23:F8:D2:5B:37:C0:8E:15:A2:79","sha256":"24:84:6C:96:88:F6:C9:01:81:15:07:22:D4:C9:83:53:73:1D:E3:57:20:35:96:BA:91:50:01:D0:1A:B5:2F:97"}}},"request":{"raw":"GET /mlp/login.jsp HTTP/1.1\r\nHost: pc.easyspyphone.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pc.easyspyphone.com/mlp/\r\nCookie: JSESSIONID=08938C52CDDE7690FE62B0B8007AE359; JSESSIONID=1317185D18CEEF25BF566CA2D1BFF1A8\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: frame\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nServer: openresty\r\nDate: Sat, 27 Sep 2025 08:24:16 GMT\r\nContent-Type: text/html;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Language: en\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4244,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (718), with CRLF, LF line terminators","md5":"85d093ca126ef1e252ea7d785269e0d3","sha1":"796591e6ee7b8b3410b6355f5295195eb41b9abd","sha256":"b0223fb0fb8d65357416af9d3e4b9b2392c4b8c6224a8c3e2c353933f464e6a9","sha512":"2514bd6fd1d24b9dc0485091c42dfa318229a6e20483c50a8888fd869b7656e87bf454eaa7f05ec846f19c2574f48bbaab3e6e5c5c5c4f869aac392d0588b9c3","ssdeep":"96:94OiVkOtG4gKOaacvUkatoBZ4Sb+hmEM6alu:WOYkOtG4gKl5vpJ+Sb+rMru","tlshash":"c39177186cc9d52311a341e466b3ba54fdd58217d346cd08f3fc42aa6fa6f894c33299","first_seen":"2025-09-27T08:24:41.109329Z","last_seen":"2026-02-14T06:34:21.813263Z","times_seen":4,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"pc.easyspyphone.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}