Overview

URL: chuckozeas.com/pdf/po_8016992470_copy.7z
IP: 74.208.236.79 (United States)
ASN: #8560 IONOS SE
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-06 07:25:11 UTC
IDS alerts: 0
Blocklist alerts: 91
urlquery alerts: No alerts detected
Tags: None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-12-05 08:18:24 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
chuckozeas.com (34) 0 2017-09-23 09:26:18 UTC 2022-11-19 04:58:52 UTC 74.208.236.79 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.218.164.174
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-05 11:11:06 UTC 142.250.74.106

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 chuckozeas.com/pdf/po_8016992470_copy.7z Malware
2022-12-06 2 chuckozeas.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.cs (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/uploads/elementor/css/post-470.css?ver=1659814653 Malware
2022-12-06 2 chuckozeas.com/wp-content/uploads/elementor/css/post-459.css?ver=1668572866 Malware
2022-12-06 2 chuckozeas.com/wp-content/uploads/elementor/css/post-529.css?ver=1659814654 Malware
2022-12-06 2 chuckozeas.com/wp-content/uploads/elementor/css/post-521.css?ver=1659815323 Malware
2022-12-06 2 chuckozeas.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor/assets/lib/animations/animation (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquer (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runti (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.j (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints. (...) Malware
2022-12-06 2 chuckozeas.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers (...) Malware
2022-12-06 2 chuckozeas.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Malware
2022-12-06 2 chuckozeas.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?v (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8 Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5 (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe (...) Malware
2022-12-06 2 chuckozeas.com/wp-content/uploads/2022/07/COlogo-1.tiff Malware
2022-12-06 2 chuckozeas.com/pdf/po_8016992470_copy.7z Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-12-05 2 chuckozeas.com Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-05 2 chuckozeas.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 74.208.236.79
Date UQ / IDS / BL URL IP
2023-01-29 11:18:55 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-29 08:02:39 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-29 04:54:44 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-29 01:42:00 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-28 22:31:10 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79


Last 5 reports on ASN: IONOS SE
Date UQ / IDS / BL URL IP
2023-01-29 12:45:24 +0000 0 - 1 - 0 mey-it.com/wp-content/uploads/2022/11/Fernwar (...) 217.160.0.211
2023-01-29 12:27:55 +0000 0 - 2 - 0 www.pstgmbh.com/app/download/9263958/aek50781.exe 217.160.0.251
2023-01-29 11:49:13 +0000 0 - 0 - 3 marquesvogt.com/main/main_hXKtlXjN118.bin 217.160.0.227
2023-01-29 11:49:12 +0000 0 - 0 - 3 marquesvogt.com/back/main_hXKtlXjN118.bin 217.160.0.227
2023-01-29 11:33:36 +0000 0 - 0 - 5 british-shorthair.es/axe/tWL/ 212.227.247.250


Last 5 reports on domain: chuckozeas.com
Date UQ / IDS / BL URL IP
2023-01-29 11:18:55 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-29 08:02:39 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-29 04:54:44 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-29 01:42:00 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79
2023-01-28 22:31:10 +0000 0 - 0 - 3 chuckozeas.com/pdf/PO_8016992470_Copy.7z 74.208.236.79


Last 2 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-07 09:48:46 +0000 0 - 0 - 90 chuckozeas.com/pdf/po_8016992470_copy.7z 74.208.236.79
2022-12-05 22:58:20 +0000 0 - 0 - 91 chuckozeas.com/pdf/po_8016992470_copy.7z 74.208.236.79

JavaScript

Executed Scripts (22)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (68)


Request Response
                                        
GET /pdf/po_8016992470_copy.7z HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

74.208.236.79
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Content-Length: 256
Connection: keep-alive
Keep-Alive: timeout=15
Date: Tue, 06 Dec 2022 07:24:59 GMT
Server: Apache
Location: https://chuckozeas.com/pdf/po_8016992470_copy.7z


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   256
Md5:    41b21f36a7daa647c04db88b488ab0d7
Sha1:   dc184f34bf017b7419c694c812d0568eb4936056
Sha256: 8d9597e1f071989abb99a9ba23f3161cd5e198ec5e1aa3f8585124076a295475

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3631
Expires: Tue, 06 Dec 2022 08:25:31 GMT
Date: Tue, 06 Dec 2022 07:25:00 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1383
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 07:25:00 GMT
Last-Modified: Tue, 06 Dec 2022 07:01:57 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3726
Expires: Tue, 06 Dec 2022 08:27:06 GMT
Date: Tue, 06 Dec 2022 07:25:00 GMT
Connection: keep-alive

                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 07:20:22 GMT
cache-control: public,max-age=3600
age: 278
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: WNLYXJD29EsxBcgMGgfS5zlMPSJKhcsuyDfQpe236SAefh87NVN44cUwQziTMQzK+HAC6hpEpcg=
x-amz-request-id: AAPDYBRFPA25DJEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 06:47:00 GMT
age: 2280
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 06 Dec 2022 07:25:00 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 07:11:20 GMT
cache-control: public,max-age=3600
age: 820
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1366
Cache-Control: max-age=93878
Date: Tue, 06 Dec 2022 07:25:00 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:29:38 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iI4T1IsFy8EmmLRE9wMjrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

34.218.164.174
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BF0miBkBe27O4MjOQD1iWkFp9Yk=

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 6051
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:16:17 GMT
etag: "17a3-5e416b00fe6a5"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6051), with no line terminators
Size:   6051
Md5:    1787ccb3d1d8e93d42790b792e0424fd
Sha1:   0aa761f70bbbfe08229c469bcb394269530c537a
Sha256: bbdb1eb69c6b5cbffaf1be2df2bcbd4a97d2823de9f4b856aae722900a5e27c7

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 88932
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:46 GMT
etag: "15b64-5e4168e007f83"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   88932
Md5:    b7915926fe42d76e9c802353ab01dae4
Sha1:   3a8192a4312f25f53de25b100d62829c0f14d67c
Sha256: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 15672
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:16:17 GMT
etag: "3d38-5e416b00fe6a5"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15672), with no line terminators
Size:   15672
Md5:    ae085723cb5effbc73d92251f60aaa30
Sha1:   9c3f510afd2bf1ac508cc22e4f071697ec1f3290
Sha256: eee1ce2620eaf7f585a69794864001be0bde74b874d6a18b9f2d11f074229f2b

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 107993
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "1a5d9-5e5832e094718"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   107993
Md5:    4c3923551e9eca7e76a2f0269237ca61
Sha1:   41f6faea2dee3469d09878909b1fb3900872bdb9
Sha256: 5ba9e11db2bb2cd2b62b8502db6465fbc5f6ce1a490705c05692354f52d5a576

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/elementor/css/post-470.css?ver=1659814653 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 8728
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Sat, 06 Aug 2022 19:37:33 GMT
etag: "2218-5e597b6d2d19a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8728), with no line terminators
Size:   8728
Md5:    c632cc8d01d0578a6221d348886804ad
Sha1:   90c8e252b87bc411746a5308c870cbce2c54edfc
Sha256: eccc6aefa3bc2a168128d0789a6e12d217e79f52e634d21309c484074a6296f6

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/elementor/css/post-459.css?ver=1668572866 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 9707
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Wed, 16 Nov 2022 21:01:02 GMT
etag: "25eb-5ed9cc52a13fb"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6292)
Size:   9707
Md5:    86cc1511c0af81f7ebedac7d5f521b39
Sha1:   7e07f42eceea907640e0ecfe9b406828ae75a567
Sha256: 9e7c560baad5cdb74117c2da50b25537c2e25c80e56900a676d0c0df65e04697

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/elementor/css/post-529.css?ver=1659814654 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 1868
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Sat, 06 Aug 2022 19:37:34 GMT
etag: "74c-5e597b6e2b03c"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1868), with no line terminators
Size:   1868
Md5:    7c3409c9f93512e471a1b3a72694220f
Sha1:   0ca84444496e32add2dad2ab47a850bcf9c1bef8
Sha256: 835d019f656210e7009ae6429e1210a0ef121d605a3d831c83bf0581a1e883db

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.3 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 11530
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "2d0a-5e5832e8cfef2"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11487)
Size:   11530
Md5:    ba6fe1e75946ffd439cc2bde34db1fe9
Sha1:   a7043e417c12eae23da5f5ec95cabd4071d105d0
Sha256: 911f9eec6a662ae27d2517bc591b76c6922fbf71c3b7df5dc87033f393f9e55f

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
GET /wp-content/uploads/elementor/css/post-521.css?ver=1659815323 HTTP/1.1
Host: chuckozeas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

74.208.236.79
HTTP/2 200 OK
content-type: text/css
content-length: 2221
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Sat, 06 Aug 2022 19:48:43 GMT
etag: "8ad-5e597debcaec0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221), with no line terminators
Size:   2221
Md5:    f2ad9cbfc3fe888aa8a5b4077ee01ee8
Sha1:   948412341a4fbeb3f0e053f54dfbbc9b2a1f07cf
Sha256: 7d25f50cf5a7d44750f99b4e713d774f1ca3e2da746a08a3bffd309b91a7ca38

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 89521
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Tue, 03 Aug 2021 19:40:34 GMT
etag: "15db1-5c8acdc06303f"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89521
Md5:    02dd5d04add4759122013c5ab4dc5cc2
Sha1:   a45a56e396ac549b4ff39b696ce9e0c16a7612de
Sha256: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 11224
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Tue, 03 Aug 2021 19:40:34 GMT
etag: "2bd8-5c8acdc06209f"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   11224
Md5:    79b4956b7ec478ec10244b5e2d33ac7d
Sha1:   a46025b9d05e3df30d610a8aef14f392c7058dc9
Sha256: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 29401
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "72d9-5e5832e8df8f4"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (29357)
Size:   29401
Md5:    01c5855a652598321dea4bfa2ec1e21f
Sha1:   3454f410972cfdc4cb61b12a87cf698994225b74
Sha256: df3e33daacded2af2e85d9d2c323612c366aa621a55354890b6b5352165f06ae

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 18617
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:47 GMT
etag: "48b9-5e4168e0a4398"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   18617
Md5:    32beb68a374e3aeac00abdf9e12b84ea
Sha1:   b5d18aa625e8696dd9d07cd0869337717b211ae0
Sha256: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.8 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 18468
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "4824-5e5832e0dac21"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   18468
Md5:    4601ba55044413706c2022cb6c1c3d05
Sha1:   5103ec2fbb389568ebf5cfe4fd721f3df2ff7aec
Sha256: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3164
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:16:17 GMT
etag: "c5c-5e416b00f5a04"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3164), with no line terminators
Size:   3164
Md5:    e846984437ce810e4757bb0d935e67f0
Sha1:   0cd5ea1fde5aceba86a2ed59e77e35eff4acd2df
Sha256: 7f161501494bc2f199eaf414c3104318a00e2072f272ebce45540eef58cfb08b

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 25202
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "6272-5e5832e91e0fc"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25115)
Size:   25202
Md5:    046405de007ff73e52d17dab2af75258
Sha1:   887cfb8a9de27005875f6e1c1d1ead43bd0865c8
Sha256: 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 5184
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "1440-5e5832e9163fb"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5141)
Size:   5184
Md5:    f8bc14815676c9258a8f9a7e2f3bc01a
Sha1:   948e1e948c36c1cffbc377e7294c26583fd1403c
Sha256: 6f70f923b2ab16028477cab0d08b65bba7902871f49a4f6edda814da01c16449

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chuckozeas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 569633
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 07:25:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4957
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "135d-5e5832e0d3ec0"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   4957
Md5:    530dffbfb4c3efd2c496617d77fb2448
Sha1:   1197e6ba4ac2dace2a8a63c5283ed0b590610152
Sha256: 08c70fae8c5a06e27f90b3b8bac23c07318fe3ead7cebd2a7ac2e56a7a6c00e0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chuckozeas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 348891
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chuckozeas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 413740
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            GET /s/bellefair/v14/kJExBuYY6AAuhiXUxG1N-Po3.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chuckozeas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 10:45:00 GMT
expires: Thu, 30 Nov 2023 10:45:00 GMT
cache-control: public, max-age=31536000
age: 506402
last-modified: Tue, 19 Apr 2022 18:49:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16536, version 1.0\012- data
Size:   16536
Md5:    65d798e0266b235b37ccaae445a545b7
Sha1:   a52d6c3e1467b284f48b51f672fbbf0c2a76f3a0
Sha256: 8ab33f207ba2d9ff4a6437c0298643dbd2012e7c7eb776f260b303e5b2b1cdd9
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chuckozeas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 474972
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size:   8000
Md5:    72993dddf88a63e8f226656f7de88e57
Sha1:   179f97ec0275f09603a8db94d4380eb584d81cd5
Sha256: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 32609
date: Tue, 06 Dec 2022 07:25:01 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "7f61-5e5832e0d1f80"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32569)
Size:   32609
Md5:    93702100295d778c25763497cca6523f
Sha1:   f03bbd609b28c89875882a1741ea27c6018f2d59
Sha256: dcf3add9ee30897e196931db9947cd4fa29f8b9244b49938f1590ed6fabe4002

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 07:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 6475
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:46 GMT
etag: "194b-5e4168e05de8f"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   6475
Md5:    61449413a42d2daaa79dbe7298b40e21
Sha1:   d86c474164c603084397bdc50fb0e469d28b5772
Sha256: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4910
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:46 GMT
etag: "132e-5e4168e065b90"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   4910
Md5:    b33ab4d5dcf02436276a717e9d1b7c18
Sha1:   f47b9a9c41b3b11c9dffabca22945727c3ec6566
Sha256: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 12198
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "2fa6-5e5832e0f9085"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   12198
Md5:    3819c3569da71daec283a75483735f7e
Sha1:   ecd40a5cc6f0b76200c454ca880210dc301cfab8
Sha256: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 20715
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:46 GMT
etag: "50eb-5e4168e080173"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   20715
Md5:    6aaf0a4e8eac131defea126f5b1b5fbf
Sha1:   24da0326af36303e5a1e9799a3c26f7a1077928c
Sha256: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.3 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 24382
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "5f3e-5e5832e905a59"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24339)
Size:   24382
Md5:    ff5bbf00d7b5473a5fd1c1e31dfbd84e
Sha1:   a6cbd8a5c28fa9bcae91e226703eb9772975a083
Sha256: c1f2c9125f50003e6bb8b4f64a762f326ecd3f7900211b8f8d62fe9471dace97

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 19142
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:46 GMT
etag: "4ac6-5e4168e05de8f"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   19142
Md5:    57459b58fd7665a5e20b2345463df9c9
Sha1:   71c3b177ad1412d5e0b56d99f18bc345148df88b
Sha256: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 10222
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Mon, 18 Jul 2022 16:06:46 GMT
etag: "27ee-5e4168e066b30"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10222
Md5:    f270dd1f483179fdcfb29ce5f91aea13
Sha1:   166661187a97f0b6b685ec4dbdff871e9824168f
Sha256: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 07:25:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 07:25:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 07:25:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 07:25:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3550
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 07:25:02 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:21 GMT
age: 34601
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8749
Md5:    dcb8fe0c4ba323ab2483fa290c291051
Sha1:   6706e02d6b95edc3a33c951f07d04b0fb7415b77
Sha256: 6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6nXJg548cHz0REe43NepPeMmnFBAiWO_Fwy2PCKbco4XhNZnBs0Jhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
age: 34690
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8997
Md5:    9fda84db003d0cfc70d73dcb6a3763dd
Sha1:   5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
Sha256: f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 32561
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15732
Md5:    b5e953213b7b13b8ee202406147fac52
Sha1:   67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
Sha256: cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4905
x-amzn-requestid: d80a0dd7-01ec-4801-a5b5-6a1b01eb1944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTMSHsyoAMF6BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6581-177e519d6dbd1875555b0961;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:21 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmaWXiNE4GPEU9-X5rhVcEsUak4C9m-mjdTCdFUFCPFj8f2uGwCvcQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
age: 34690
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4905
Md5:    17c7b7e3a4e6f3ad9ccf7f42c400749c
Sha1:   76432db96e8280e24da56670fba8f8f80a95ab31
Sha256: f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 32513
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8978
x-amzn-requestid: eb1d3e42-f07c-4b92-983e-a40e2e2eda31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWdTE5goAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6abb-734e39b84aeb2370277122f0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtVWLjbbjO2z-TlZqURPHGqbMJOSNd0yEFuYUnE3FGVmypSDqxaXwg==
via: 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:17:59 GMT
age: 423
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8978
Md5:    dd0fdca9dfb3e18fcbb5c89e12922da7
Sha1:   d8acf7053a01df2c503c734d52070ff4802d5a01
Sha256: 61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 21417
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "53a9-5e5832e9069f9"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21374)
Size:   21417
Md5:    67c1d82ac2cfd1677a10d157824ccf21
Sha1:   1552a6d961bd0854ebd6b1a4603cab6bbe511bc7
Sha256: 6cc88f6ecc4a347b5cede85aca7e298a306aad67dfd4d80a59e66d254f513ba8

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8 HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 40477
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "9e1d-5e5832e0d1f80"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40438)
Size:   40477
Md5:    ab2ed7a7a595bde264a98935f0f50c7e
Sha1:   9cb6ee07b4f060ca17df0700fe98ad73df60af09
Sha256: 37209a2b751204dc01191986b6ef47f27463285de8a341729c514d70a19a90fe

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3305
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:48 GMT
etag: "ce9-5e5832e90893a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3262)
Size:   3305
Md5:    e811ff2b37b77bfc5e786b40674f1634
Sha1:   16585cfa82e28500c7fb1a697c5b8e926fbcfbbe
Sha256: 8911e6a3ff3d3a56c8a3db257ecbe82ab3e4122ab639b5636ed30ab3441650b1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1359
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Fri, 05 Aug 2022 19:07:39 GMT
etag: "54f-5e5832e0d2f20"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1320)
Size:   1359
Md5:    083ce337e105ea4d7912d4971b806d16
Sha1:   122eb6a00622b1a47d718398144556d42ceb4dc7
Sha256: 614e57d8baf22e4620facc881d1ce45b2f001481387ef37febbbaa4a4125980c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://chuckozeas.com/wp-includes/images/w-logo-blue-white-bg.png
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
link: <https://chuckozeas.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   4119
Md5:    000bf649cc8f6bf27cfb04d1bcdcd3c7
Sha1:   d73d2f6d74ec6cdcbae07955592962e77d8ae814
Sha256: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/07/COlogo-1.tiff HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/pdf/po_8016992470_copy.7z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         74.208.236.79
HTTP/2 200 OK
content-type: image/tiff
                                        
content-length: 1509736
date: Tue, 06 Dec 2022 07:25:02 GMT
server: Apache
last-modified: Sat, 06 Aug 2022 02:28:51 GMT
etag: "170968-5e58957de001c"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /pdf/po_8016992470_copy.7z HTTP/1.1 
Host: chuckozeas.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         74.208.236.79
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 06 Dec 2022 07:25:00 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://chuckozeas.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /css?family=Lato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPrompt%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBellefair%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chuckozeas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 07:25:01 GMT
date: Tue, 06 Dec 2022 07:25:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---