ocsp.usertrust.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash 4fd30f3d7a520a47990f8132ef0d310f
fa41ef2aa7f046f816b9174c3e69ed5101f70c79
93df0aa3b6cdf79cd8a5498d74222f8c9e11cc91585887843bb5350dd441504b
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 May 2023 10:34:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 20 May 2023 17:52:50 GMT
Expires: Sat, 27 May 2023 17:52:49 GMT
Etag: "fa41ef2aa7f046f816b9174c3e69ed5101f70c79"
Cache-Control: max-age=371287,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cbca5d67a9fb52d-OSL
acuwell.com.au/support/Alldomain2023/index.php?x=x&a=tenco-mtl@slurpmail.net
27.54.88.193 0 B URL acuwell.com.au/support/Alldomain2023/index.php?x=x&a=tenco-mtl@slurpmail.net
IP 27.54.88.193:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /support/Alldomain2023/index.php?x=x&a=tenco-mtl@slurpmail.net HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 23 May 2023 10:34:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77; path=/
location: gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.#n=12528&c=&99642&fid=1&fav=1
X-Firefox-Spdy: h2
acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.
27.54.88.193 548 B URL acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.
IP 27.54.88.193:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash df31f30924ecb124073b3259d4fb8787
805366db194a62e75d01b0403956553f85362542
c026d53f977e5eb8e148d87d8bf5f8579f8cf1ae01540afcfc3b9f31dc8deb91
GET /support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&. HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 10:34:42 GMT
content-type: text/html; charset=UTF-8
content-length: 548
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
acuwell.com.au/support/Alldomain2023/ico/bg/default.jpg
27.54.88.193 1.2 MB URL acuwell.com.au/support/Alldomain2023/ico/bg/default.jpg
IP 27.54.88.193:0
ASN #38719 Dreamscape Networks Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 1.2 MB (1151108 bytes)
Hash 5efc2b3dfffbd019548e9aede04ec1fe
5cacecc6d3765a9ca66ba8ab0fe40313c1bf9b3a
a6baa596c961ffab09d260ba7d7c743114ff7016e13e853b9b0f25bceac17255
GET /support/Alldomain2023/ico/bg/default.jpg HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.
Cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 10:34:43 GMT
content-type: image/jpeg
content-length: 1151108
last-modified: Mon, 20 Aug 2018 21:42:38 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
acuwell.com.au/support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c=
27.54.88.193 200 OK 1.5 kB URL GET HTTP/2 acuwell.com.au/support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c=
IP 27.54.88.193:443
ASN #38719 Dreamscape Networks Limited
Requested by https://acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.#n=12528&c=&99642&fid=1&fav=1
Certificate Issuer The USERTRUST Network
Subject acuwell.com.au
Fingerprint F2:87:2F:ED:B0:99:D2:93:F3:8F:96:7D:83:6B:72:F6:8D:8D:8E:9F
Validity Mon, 13 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 97c57cfbd34170b575dd0c8da5b2063c
14eeecdda1f0a167c8a4093b2f40102f5affc94c
fd6259532f9b9d656164c83494379f709db34c52df04cdb6c283631de64f711e
GET /support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c= HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.
Cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 10:34:43 GMT
content-type: text/html; charset=UTF-8
content-length: 1478
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
acuwell.com.au/support/Alldomain2023/ico/js.js
27.54.88.193 1.9 kB URL acuwell.com.au/support/Alldomain2023/ico/js.js
IP 27.54.88.193:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with CRLF line terminators
Hash a8fec9a1b58f7ae58c1b2e235312d60d
d4f8b0190fe69f29b685e1abcbc0ec65f6590de2
1bcbd711541fce74fc4c58fce450956c507db9e1e9d83af8f13ed448e114f9a0
GET /support/Alldomain2023/ico/js.js HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acuwell.com.au/support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c=
Cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 10:34:51 GMT
content-type: application/javascript
content-length: 1860
last-modified: Fri, 17 Aug 2018 21:46:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.
27.54.88.193 200 OK 935 B URL User Request GET HTTP/2 acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.
IP 27.54.88.193:443
ASN #38719 Dreamscape Networks Limited
Certificate Issuer The USERTRUST Network
Subject acuwell.com.au
Fingerprint F2:87:2F:ED:B0:99:D2:93:F3:8F:96:7D:83:6B:72:F6:8D:8D:8E:9F
Validity Mon, 13 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1062), with no line terminators
Hash e2d60c0f1acd0bd1e2ccb6d687b20bd2
a18feb3b69b2aa3b76e4d8228220199e968fab25
e0f599de407f9eab9e8e33f27555bd97bb2fd3ccfd6da8fcc201f19270df3596
GET /support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&. HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 May 2023 10:34:42 GMT
content-type: text/html; charset=UTF-8
content-length: 548
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
slurpmail.net/favicon.ico
0.0.0.0 0 B URL GET slurpmail.net/favicon.ico
IP 0.0.0.0:0
Requested by https://acuwell.com.au/support/Alldomain2023/gysqfl6l377ovzrfc72va4hxzt.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&.verify?service=nfpb=true&_pageLabel=smep_portal_page_login&timedOut=true&_nfls&c=&i=0&false=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&loginID=&.#n=12528&c=&99642&fid=1&fav=1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: slurpmail.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
acuwell.com.au/support/Alldomain2023/css/style.css
0.0.0.0 0 B URL GET acuwell.com.au/support/Alldomain2023/css/style.css
IP 0.0.0.0:0
Requested by https://acuwell.com.au/support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /support/Alldomain2023/css/style.css HTTP/1.1
Host: acuwell.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acuwell.com.au/support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c=
Cookie: PHPSESSID=eea01cd0e2da48917a11d0a3fdc7bd77
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
slurpmail.net/favicon.ico
0.0.0.0 0 B URL GET slurpmail.net/favicon.ico
IP 0.0.0.0:0
Requested by https://acuwell.com.au/support/Alldomain2023/ova.php?a=dGVuY28tbXRsQHNsdXJwbWFpbC5uZXQ=&i=0&c=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: slurpmail.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache