Report - www.coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

Report Overview

Visited public
2023-12-01 18:41:42
Tags
URL
www.coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Finishing URL
coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
IP / ASN
162.159.134.42
#13335 CLOUDFLARENET
Title
404 Not Found | Coronado Chamber of Commerce

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
a.mailmunch.co	13220	2014-05-10	2016-05-18 13:12:47	2023-11-30 18:31:02	1.8 kB	64 kB	143.204.55.29
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-01 06:26:25	437 B	86 kB	142.250.74.168
www.coronadochamber.com	unknown	unknown	No data	No data	538 B	2.2 kB	162.159.134.42
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	1.8 kB	64 kB	142.250.74.100
coronadochamber.com	unknown	unknown	No data	No data	18 kB	715 kB	162.159.134.42
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-01 05:29:09	7.3 kB	364 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	942 B	53 kB	142.250.74.74
cf.mailmunch.com	138090	2011-10-28	2020-11-20 08:00:37	2023-11-20 19:15:01	462 B	3.7 kB	143.204.55.42
analytics.mailmunch.co	23183	2014-05-10	2016-06-03 07:44:25	2023-11-29 15:42:16	583 B	836 B	3.220.57.224
tag.perfectaudience.com	18353	2011-12-24	2012-10-11 19:08:50	2023-11-30 15:23:01	367 B	13 kB	151.101.194.217
koi-3qntbslp96.marketingautomation.services	unknown	unknown	No data	No data	1.1 kB	10 kB	107.178.240.224
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-01 08:07:42	446 B	34 kB	142.250.74.74
forms.mailmunch.co	13451	2014-05-10	2015-02-25 06:11:26	2023-11-30 10:23:02	376 B	1.1 kB	54.157.58.70
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-01 06:50:24	2.5 kB	603 kB	142.250.74.131
pixel-geo.prfct.co	15774	2013-05-06	2015-03-12 01:26:44	2023-11-30 15:23:02	812 B	767 B	34.250.12.61

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-01 18:41:26	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:26	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:26	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:26	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:26	medium	Client IP	162.159.134.42	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M2
2023-12-01 18:41:27	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:27	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:27	medium	Client IP	162.159.134.42	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M2
2023-12-01 18:41:28	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:29	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:30	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	162.159.134.42	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:31	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:32	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:33	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:36	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2
2023-12-01 18:41:37	medium	Client IP	3.220.57.224	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2
2023-12-01 18:41:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M2

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (46)

	URL	From	Size	First Seen	Last Seen
	coronadochamber.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.22.2	ScriptElement	274 kB	2023-09-21	2025-05-09
Pretty URL coronadochamber.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.22.2 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 10:50 Last Seen2025-05-09 11:39 Times Seen245 Hash 2fc417c1e986d6295b90e1dbc23491cb 158771df38a3c373adc43fa9ff1a31b8999c665d 9d11051974ce27674b687dbb3fec1c919eee2f0a59366cce8294d9582a557bad Loading...

	coronadochamber.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.22.2	ScriptElement	2.5 kB	2023-03-07	2024-12-27
Pretty URL coronadochamber.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.22.2 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35 Last Seen2024-12-27 18:57 Times Seen190 Hash 3862fc9aff14ef77451f3e31cf9c0b82 9d2e257075f1ee65665b3e23994f23dca9042b27 cceb44ae76f84a02f9598cf9c339945ff502fa5e56269c86062d760c184069cb Loading...

	coronadochamber.com/wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.26	ScriptElement	9.6 kB	2023-03-07	2025-04-22
Pretty URL coronadochamber.com/wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.26 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57 Last Seen2025-04-22 08:25 Times Seen86 Hash ff9e4fa6d687cfa9e1bb37c30a53f017 a062e6b29fba852f35b31ddf6dd812d41435b615 5e7d497103edded53a71ceeba4bd814fb4cbbfdf9aaae65d29ebc1874cd4fa0b Loading...

	a.mailmunch.co/app/v1/popover.js	ScriptElement	9.0 kB	2023-03-08	2025-04-26
Pretty URL a.mailmunch.co/app/v1/popover.js IP 143.204.55.29 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:40 Last Seen2025-04-26 21:17 Times Seen950 Hash 488fc911395464db3d095307f57af46f 5f1072a7848089c4ac3fc8905743ef4f99b305d3 81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b Loading...

	unknown	ScriptElement	1.4 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 97a866719d9704e3507f8588dde268bc 6e2e0fbcd35ff82c63d4520489437985577233f1 e0a51a7ddd57e67ee911f6913e9efbce08fb73d31c8c28c073476a75f01f6cfb Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	47 B	2023-03-07	2025-05-09
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:39 Times Seen6876 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	2.7 kB	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash caed0f1e3f8fa5357c4dad5dc8f72ab3 21b98586891bcbf676f5ea60910ec165668dccee d0115110d548ceac4b2e9c899eb789d763f1f02ac8a7a73684c33719c24aaf44 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	739 B	2023-03-07	2025-05-09
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-09 11:39 Times Seen4620 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	206 B	2023-11-07	2025-05-08
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-07 23:57 Last Seen2025-05-08 06:44 Times Seen3589 Hash c41deaf84d1c74db489ee38837b25689 f4d1c111722f85c8a9f0faa06a7b2ac2a913fa17 ae799f59cd8fbe0017c3c8f659373021b7cf53d9f87b9e16ce738a4d9138cff9 Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7	ScriptElement	69 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7 IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 12:42 Times Seen116168 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	100 B	2023-03-07	2025-05-08
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-08 04:21 Times Seen247 Hash 96d65da8360318832a9c5fd82d188a63 12149e4e64bbf3aabefccf4af8b0d2f5eb3db258 0bf1047a1cb9295531edb0799b2c6ca985f1c1471455f41358b8102f3138efab Loading...

	coronadochamber.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-09
Pretty URL coronadochamber.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-09 12:32 Times Seen105659 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	149 B	2023-03-07	2025-04-03
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-04-03 16:26 Times Seen55 Hash 337bf6a5dc5425e98a687f8f73806853 7a66ae314ec5e57674e515c8e41bfe2dcfdb4834 8153c1f09b030517cd3dbece9fb4d1a9b464b548be2b73614f798aa9f1961258 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	627 B	2023-03-08	2025-04-28
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:09 Last Seen2025-04-28 20:26 Times Seen43 Hash 918d35a064f43a211a74410cb8e97f6e df5f90ffb64f45b61dbf58236b721755e54e22b9 511d7adae3d83f5c7ee9d32320ff936dfc174992605c65d7b31937ab493d7256 Loading...

	coronadochamber.com/wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.26	ScriptElement	138 kB	2023-03-07	2025-04-25
Pretty URL coronadochamber.com/wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.26 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-04-25 14:10 Times Seen337 Hash 1e4e23b6992b571d42fc629fe71e66eb 1f98a44accf14f93b6ff84733c45b68d01debe17 0a75aa5bab9865958cd01d39856dc37e96491296ef55f5d2fdce2915b1ea1c58 Loading...

	www.google.com/recaptcha/api.js?render=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&hl=en-US	ScriptElement	884 B	2023-12-01	2023-12-01
Pretty URL www.google.com/recaptcha/api.js?render=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&hl=en-US IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:41 Last Seen2023-12-01 19:41 Times Seen1 Hash 82eb96e3473c6a6be4e2b4c4752297a0 f25f407b4105e97e667f56b3b741313168a31e52 b7be7f3fe83e03f9af0cb356a59191cd31e67a6dedae70c56dfa00a64fbcb950 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7	ScriptElement	52 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7 IP 142.250.74.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 026936954e556dfc8a6080a55996c13e 792ada2faa12ae0beb35f42ab4bffc6d7fa4a1d3 7726acf7e96cecf3daf48ffa17f6be9d136e2410cb787a7afe069cf2035f9731 Loading...

	pixel-geo.prfct.co/tagjs?a_id=168561&source=js_tag	ScriptElement	59 B	2023-03-07	2023-12-01
Pretty URL pixel-geo.prfct.co/tagjs?a_id=168561&source=js_tag IP 34.250.12.61 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40 Last Seen2023-12-01 19:41 Times Seen1 Hash 7597aa13621b16fa6af79e4a48a9b1e0 aca68c21c49bc81b1be20854301bea92be3da5a8 c1a5691de9a2df57911e1c7a921d17afe3a488f2f56935d55e04b22798820faf Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	390 B	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash cbb6cba2037a1ce2ede8fc7f3659795f 1085a04290a37201458ebbaedf20b46bc3fe9ccd dd212812a191cd0449476424bac6dee270bab6b35c393f9b4853a1f9fb556238 Loading...

	coronadochamber.com/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=6.4.1	ScriptElement	61 B	2023-05-14	2025-05-08
Pretty URL coronadochamber.com/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=6.4.1 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-14 06:54 Last Seen2025-05-08 04:21 Times Seen50 Hash fca4281373d5586e48db6f95cb1bbe8b a644e2befb356c4abf768e79a3572069a37c1f4e f597f9a25eeb007fa0f3669aace416273eb81be809d75cb9ce91eff1f48a9c12 Loading...

	coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5	ScriptElement	10 kB	2023-03-07	2025-05-07
Pretty URL coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-05-07 12:30 Times Seen506 Hash 1c813274b81cd25da4f5515fb9a020f4 a40f92f1073ed669da51cff3828cf2cf302fcbcc b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	153 B	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash d320792dd88a0faca3c331ab5d6b8243 877c0e8831106f5c0a16cbc10227d1960bdfc3aa e4252a35407c3388d2b5ad6763b502643f3d24d6034696eb80227a407f8d51c5 Loading...

	www.googletagmanager.com/gtag/js?id=G-MZW0N2P1CP	ScriptElement	246 kB	2023-12-01	2023-12-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-MZW0N2P1CP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:41 Last Seen2023-12-01 19:41 Times Seen1 Hash 8069cbe986a3b8a670f466bae6fb5afb 1cf3c9f39b9c86aff3218f45ed33faa590930fc3 60232297a159e689d70e5440aa3bcdf01e0553780c10c67801acc7d3b512155c Loading...

	koi-3qntbslp96.marketingautomation.services/client/ss.js?ver=2.4.0	ScriptElement	12 kB	2023-03-09	2024-08-21
Pretty URL koi-3qntbslp96.marketingautomation.services/client/ss.js?ver=2.4.0 IP 107.178.240.224 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 04:54 Last Seen2024-08-21 09:35 Times Seen108 Hash 0487ebe14570243b2b4631d23894e8b8 e17c25cbd2c41a35e4bb6c6e12e92a6782cb74db 0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3 Loading...

	unknown	ScriptElement	17 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash f366b2175f17fb5b70c8e170f6bee425 1c0cc2a08effdeeb8e137e83a5d2e2d6bf14d97c 53001803393acc5b31b7ccda828fa82d6a7537cd7bd9fce8f0d49131ac0ac2aa Loading...

	tag.perfectaudience.com/serve/612cf0098f7d90fe9c00048f.js	ScriptElement	12 kB	2023-12-01	2023-12-01
Pretty URL tag.perfectaudience.com/serve/612cf0098f7d90fe9c00048f.js IP 151.101.194.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:41 Last Seen2023-12-01 19:41 Times Seen1 Hash 9469d11726d8fac3f401a5f14d97513c bb9fa26ce22211c897e722d0390a6a323c021b48 fb2c093bfdc0c19f2171bde835e6d474eb881a268b2a5f8baf660765ecca2b7a Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	272 B	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 8b172800360cc4975a650847c58535d0 a6047d77e81a53e0cd1f26e332c51a8dd68ec0b0 5f8473b1f6eced2f5d2af066caa7300999d012f7aaf9f938d50215ee95eb0aaf Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	883 B	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 7af31c91bb27e0a3e0ff683ec8c00a03 d701ce76bfa78a12c6130829a1e8e397d1f045db 31c17316395566783fc3818f733a9c55919d03d759219f36c812979885215841 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	1.6 kB	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash a16ac882563b1eb77c49e7640d929932 d49e7568a8703c5aa871974012d18a3413300c7a efe392416ef51281b9226044b72d3061debd06507eb4e6b159f851cfd6fd6ff4 Loading...

	coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5	ScriptElement	66 kB	2023-04-07	2025-04-11
Pretty URL coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 09:06 Last Seen2025-04-11 12:13 Times Seen384 Hash b8adccf4a3b0c0165e62ea6c5ef3d0f3 20baace2981f1efa3181440f638c5502f7cc11bb b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650 Loading...

	a.mailmunch.co/app/v1/site.js	ScriptElement	26 kB	2023-03-07	2025-04-03
Pretty URL a.mailmunch.co/app/v1/site.js IP 143.204.55.29 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:36 Last Seen2025-04-03 00:32 Times Seen2046 Hash 433929c53828317eb14efdd800f5d81d 768d300703653fbb597486138f897aa4756a5a30 159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64 Loading...

	koi-3qntbslp96.marketingautomation.services/koi?rf=&hn=coronadochamber.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1701456091316&ac=KOI-4KC3XFZ3NS&ts=1701456091&pt=0&pl=0&loc=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&tp=page&ti=404%20Not%20Found%20%7C%20Coronado%20Chamber%20of%20Commerce	ScriptElement	148 B	2024-08-20	2024-08-20
Pretty URL koi-3qntbslp96.marketingautomation.services/koi?rf=&hn=coronadochamber.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1701456091316&ac=KOI-4KC3XFZ3NS&ts=1701456091&pt=0&pl=0&loc=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&tp=page&ti=404%20Not%20Found%20%7C%20Coronado%20Chamber%20of%20Commerce IP 107.178.240.224 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash a83b5f18ed4493b254087a7bbb1f022d 6320e4112cb65f0099ebfc21572a2554add25244 7d55784738ef051c18642a987a42ee82ee877938784d34deaeb855716ad6c32f Loading...

	unknown	ScriptElement	14 kB	2023-05-15	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 18:12 Last Seen2024-08-21 07:18 Times Seen4 Hash fe2f30151ecfed965c16af61396c4849 98867ce8a0b60fa3aea369e087a84b315e0146a8 52b0fc6a18bddf3a5029de7374ff70ef82c1d10cba87b56f84992cbd92b5efe6 Loading...

	coronadochamber.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-09
Pretty URL coronadochamber.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-09 12:32 Times Seen91885 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	coronadochamber.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.22.2	ScriptElement	898 B	2023-03-07	2024-10-28
Pretty URL coronadochamber.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.22.2 IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:09 Last Seen2024-10-28 19:46 Times Seen200 Hash 90bcd9dedce3bd4915347ea171fc3f36 84eed7633c0016b8531eaa785b027b8af1c3412c ea2c37aeb41baeaee24ac9757db4d1949d77f493212d9c9ecf52ebd4fdfb7850 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	8.2 kB	2024-08-20	2024-08-20
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 070bfa8ecffb66317dfa5b9a339547e3 7adfe97361a733ca0eb66d7d2dbc790c310a33e5 3cabb9f1737db39715c19a9a55b25bf0f542d067dc7e313392d61c89b002b738 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 12:02 Times Seen8451 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual IP 162.159.134.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 12:43 Times Seen4635932 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	110 kB	2023-05-15	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 18:12 Last Seen2024-08-21 07:18 Times Seen4 Hash 5cabe9ed8dd601769ced1671f857f081 7f5c324d08ce4a09684785d224883e122e00387a f4467c5d2b4cf6b23c3809c08d5fa84fc287843f28a64f69d0955587ba1a76d0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 86fb57c70ef7d70326609c71cd43927c	17 kB	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2433 Hash 86fb57c70ef7d70326609c71cd43927c aec6755b7f02d203affa5a6d3c9f2f8cc02e771a cebccfc98253a8fd5ee42a5467a15577f96302c6218f13ef74e5feeda9131e20 Loading...

	#2 Eval - 449c29ed97e48a517a49d8b169721a8b	17 kB	2024-08-20 17:09	2024-08-20 17:09
Pretty Observations First Seen2024-08-20 17:09 Last Seen2024-08-20 17:09 Times Seen1 Hash 449c29ed97e48a517a49d8b169721a8b a6762f41eaa3b95d8658885e44af23d41fa9c78c 4441616db40101a96b00441aa1745b565df039b25b0663ecfbc384bdf5a2cb46 Loading...

	#3 Eval - 628db24acc009d86f2438167bb5313dc	64 B	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2436 Hash 628db24acc009d86f2438167bb5313dc 8fbaee6a7b0d206711008ff0fbe43f120c5e109a a507aca4961371f71975d2a64e3897947cd0f0e86beefeb863e486192d0c7b62 Loading...

	#4 Eval - b8ef0c626a3799d61c2f5dfb72c83026	22 B	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2429 Hash b8ef0c626a3799d61c2f5dfb72c83026 998bdbd8494bcca0c83c7908943f57fe73d997c7 abf66c99bd5fc27402a011915567ef30148f986e622d8cf7d1e7151353ddc8de Loading...

	#5 Eval - a6e63655cf53028fde49ad2dea63ba8c	22 B	2023-11-18 09:03	2024-08-20 18:57
Pretty Observations First Seen2023-11-18 09:03 Last Seen2024-08-20 18:57 Times Seen2434 Hash a6e63655cf53028fde49ad2dea63ba8c 15f5f5baa58633fca42ff77e3a1c4a4970263ce4 5ff8f2431dc587e0315fb8ee39864fce7b5302f97fa95dcea284f181051e1b0b Loading...

		Size	First Seen	Last Seen
	#1 Write - c17d29c06287e4096b041be4cdd5c581	146 kB	2023-12-01 19:41	2023-12-01 19:41
Pretty Observations First Seen2023-12-01 19:41 Last Seen2023-12-01 19:41 Times Seen1 Hash c17d29c06287e4096b041be4cdd5c581 ddf916dc4512055ec0f0278db8e04ddf34cf29fb 758196d70266ee46a37e81fed329d2aab2ebfe53dce17bec9633264ce7190f8f Loading...

HTTP Transactions (74)

URL IP Response Size

coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

162.159.134.42

404 Not Found

48 kB

URL User Request GET HTTP/1.1
coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26345), with CRLF, LF line terminators
Size
48 kB (48380 bytes)
Hash
eb3df0aba15fd8bde809e32d20ca356a
860c718b908fbec07937f978338e530a588a7a35
21ee95037424dfd332905030ba4501409ea089cf10bffa6364d20ed7d4b955d6

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /holiday-parade.html%22,%22EventName%22:%22Annual HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 01 Dec 2023 18:41:23 GMT
content-type: text/html; charset=UTF-8
cf-ray: 82ed76c60f8556bf-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://coronadochamber.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ji3%2BP5RTgP8lFPCDhHj4wNd8hT8j3utXh%2BmY%2BfgS3cxlXmBmNvqjZ1FSNY3xLulK3Yo5emhnyzoifK1Etco%2FyzagBMuQPTOBez0pn8Z6rynN2SGONY5SdX0rRu2FhLOTw9Ei0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.mailmunch.co/app/v1/site.js

143.204.55.29

200 OK

8.4 kB

URL GET HTTP/1.1
a.mailmunch.co/app/v1/site.js
IP
143.204.55.29:80
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (26047), with no line terminators
Size
8.4 kB (8416 bytes)
Hash
433929c53828317eb14efdd800f5d81d
768d300703653fbb597486138f897aa4756a5a30
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64

HTTP Headers

GET /app/v1/site.js HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 8416
Connection: keep-alive
Date: Fri, 01 Dec 2023 06:30:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Wed, 29 Nov 2023 07:36:02 GMT
ETag: "05de4f160ece1e48ba3130c394b6a111"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=172800
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kvcrJqtNhNlzki_e4HVQTjRpCGfC-GhxGHU37NofZ8eYyidIu9nrjw==
Age: 43862

www.googletagmanager.com/gtag/js?id=G-MZW0N2P1CP

142.250.74.168

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-MZW0N2P1CP
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3034)
Size
86 kB (85483 bytes)
Hash
8069cbe986a3b8a670f466bae6fb5afb
1cf3c9f39b9c86aff3218f45ed33faa590930fc3
60232297a159e689d70e5440aa3bcdf01e0553780c10c67801acc7d3b512155c

HTTP Headers

GET /gtag/js?id=G-MZW0N2P1CP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 18:41:25 GMT
expires: Fri, 01 Dec 2023 18:41:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85483
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coronadochamber.com/wp-content/uploads/2022/01/Round-Logo_transparent.png

162.159.134.42

200 OK

45 kB

URL GET HTTP/2
coronadochamber.com/wp-content/uploads/2022/01/Round-Logo_transparent.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 796 x 796, 8-bit colormap, non-interlaced\012- data
Size
45 kB (44834 bytes)
Hash
db52116f13615fd9fb14a905b7015a9b
597ac55ec93f4f6632529a2bc346eff3c4bcd7bf
d77c47e2e8e6e6f7e2f6fdad2e381c0f4f0ce90a8c547fb824cdef1fc73d11c9

HTTP Headers

GET /wp-content/uploads/2022/01/Round-Logo_transparent.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 01 Dec 2023 18:41:25 GMT
content-type: image/png
content-length: 44834
cf-ray: 82ed76d4df6856cb-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "61e1ad15-af22"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 14 Jan 2022 17:04:21 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,2119e21df1e41206b4d0ded848d0d7ad9e9a40f87f2c5864582699046009c9a9
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,2119e21df1e41206b4d0ded848d0d7ad9e9a40f87f2c5864582699046009c9a9
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7%2BVg2tddYR8evQ5shlVKTgWWCcexPV7Sr4pWnieeE7NXAwlc56EC9hfO%2B83TVBJTdqGdHyaCMsnBfreraugPGbM99TsB9Hi9itXMWVZzEIwwUTnftbM3HYjjAfyrNqPmv66Yw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

coronadochamber.com/wp-content/plugins/dg-carousel/styles/light-box-styles.css?ver=2.0.26

162.159.134.42

200 OK

487 B

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/dg-carousel/styles/light-box-styles.css?ver=2.0.26
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (1042), with no line terminators
Size
487 B (487 bytes)
Hash
e38fe315f4b525e15c61ca5e9dcb839e
b09febab8d5cca18a61be26176f91dd9d7f26c10
c629444a1fd6f94e1e747dce6fc67382e33b134e93a876b699cf2937dcaaccc8

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/dg-carousel/styles/light-box-styles.css?ver=2.0.26 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d44ec85687-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"63c85b7a-676"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 18 Jan 2023 20:50:02 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,ce4173b1faeee937f52419d31247c066c924a18bcf6a0edab86eec1c561b8a64
Cf-Bgj: minify
Cf-Polished: origSize=1654
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,ce4173b1faeee937f52419d31247c066c924a18bcf6a0edab86eec1c561b8a64
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfIQ3AmZe6T7xeSVTUnjDdl6iAAAoxOG6jILrxlwPq46leGqc%2B%2FTeBZ9PQ6hDItN3bQFAaP8oXEtGzYk%2FnFT%2BXNG86eg9QaFxIi66HoByRkZK4OM2y%2B2ETkTh5GwYVSqh0Gy%2BEo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

162.159.134.42

200 OK

15 kB

URL GET HTTP/1.1
coronadochamber.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (57084)
Size
15 kB (14909 bytes)
Hash
99ab466e0866c823ae5db517d59cebd1
5595a586cbd42b31377681b9d35293278d75d336
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d44d17b509-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"654aed86-1add3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 08 Nov 2023 02:08:06 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,683d501374bef8a0907d64e88cb06e98b8261d0a2362b7d4042d29097995761e
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,683d501374bef8a0907d64e88cb06e98b8261d0a2362b7d4042d29097995761e
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOQVlxgJDMBRS%2FdaQXtuM9fqS0tHCQIXXE0wr5e4L1eqN91EadvPwZq%2F4wVBqAxEcnUWI0mmvUDmfWHIJy7T%2BXlkhAfGaywrZMNEEW%2F2JDBDcnuGVzYGrVm5rmZEfTT5BWvtRic%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/uploads/useanyfont/uaf.css?ver=1696513018

162.159.134.42

200 OK

175 B

URL GET HTTP/1.1
coronadochamber.com/wp-content/uploads/useanyfont/uaf.css?ver=1696513018
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with no line terminators
Size
175 B (175 bytes)
Hash
eda3fc34358410d612b54b168f47eed0
36f5ae17315d5bbf0a889af95926da6fd668696b
bc3db2cadf99f39ff55add5c47556f756bd6b96a5f3142f6a31ba16e4e884611

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/uploads/useanyfont/uaf.css?ver=1696513018 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d44dbd5688-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"651ebbfa-164"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 05 Oct 2023 13:36:58 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,5b333dffc596bc0dde8d53948b813885ea17dcb2d9e9ef5401f06c5c11567a22
Cf-Bgj: minify
Cf-Polished: origSize=356
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,5b333dffc596bc0dde8d53948b813885ea17dcb2d9e9ef5401f06c5c11567a22
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K64u%2BBvNX9MVMR2JSrZO3bSEIzy%2BWd2iZrXNGGhw8pHBVVSI0bITCBauzqn%2FPSp9Flt1zUbNoDsDbKSf6bSzbHm8wz7dY3DE4ltL4qu6i9JNC0wjzrMqCViwFTxFpHrfRz4Effg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/dg-carousel/styles/swiper.min.css?ver=2.0.26

162.159.134.42

200 OK

3.1 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/dg-carousel/styles/swiper.min.css?ver=2.0.26
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (19513), with CRLF line terminators
Size
3.1 kB (3095 bytes)
Hash
61f38c0476f40331b3b05798fa1ee59e
1636ae4fe852929404e0a591f3d3e8b3294012f2
14641486871fc6955f0fa3938125c4562e808719e2d40f6632bcd438f6b02760

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/dg-carousel/styles/swiper.min.css?ver=2.0.26 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d44bef56af-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"63c85b7a-4d49"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 18 Jan 2023 20:50:02 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,81273c4ce01e702a7d86c6a2faa3d7061b16aea70c30f765c450153ca5ade2ff
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,81273c4ce01e702a7d86c6a2faa3d7061b16aea70c30f765c450153ca5ade2ff
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9rJJO0XvICVbMV%2FQWNMG6J8W1l%2B0efXqEh7Tun7QlVF2PSZapLynRB2%2F15QqocX8n24rUa5tyVtD9ZPQjv%2FkEEh%2Frf27fBiYq6Dc3LZLG%2FH%2BCBmv%2BKRDqcuqO5s%2FuUWNx35XcI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5

162.159.134.42

200 OK

1.6 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (7327), with no line terminators
Size
1.6 kB (1649 bytes)
Hash
111bf2aff3acf49aa5d0ebea88302366
2eccd7ed4d5a72970fbe26a630e45303839ebf2c
ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d44b0e5694-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"62059260-1c9f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 10 Feb 2022 22:32:00 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,671c4faa24ad0cdb772f51d70bafd3e1d842b65aa495121f010ceda0d202e038
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,671c4faa24ad0cdb772f51d70bafd3e1d842b65aa495121f010ceda0d202e038
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma2LYwj14qBXF5NLNQqswOPnI9hYtfCWqbOdA96VUnkrcn0cFHGO92PS3rMWV%2BoMTSPe3V%2FVQKuJtpP9SNGNva4Opni921S0V8IpZ4sq%2Fp%2BBChlWx1mk1O4%2Bvq3K6g4rdoA%2BFqs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css?ver=1701101798

162.159.134.42

200 OK

4.9 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css?ver=1701101798
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (33793), with no line terminators
Size
4.9 kB (4850 bytes)
Hash
67ae24ce1c092f4e42de1bfd96372aa0
8c2731200814d45d4ae72d0fcded73f0b4738b24
51b5704237c8024857417ab4f15ae3437bcb8124cbcd8c18e7906eec1ad753fa

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css?ver=1701101798 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d45c19568f-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"6564c0e7-8420"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Mon, 27 Nov 2023 16:16:39 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4e4ad3b5b80d2bc86fd63fb5bd37c956674c7eb2e083a1739d2803bfc6ba8d7c
Cf-Bgj: minify
Cf-Polished: origSize=33824
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4e4ad3b5b80d2bc86fd63fb5bd37c956674c7eb2e083a1739d2803bfc6ba8d7c
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3h3uCtvmha3AdrbCwoN9EiRzh59mVQGb4W8qoxA5OdF7%2FIdtRiV94woANrSmzn3cPC59LOqVGAIllo8l5wmAOqb96h7Uvhp5u1uKpKeNVaU2e7LL11fvfjJ5H4FiUPT7tBC7Eo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/dg-carousel/styles/style.min.css?ver=2.0.26

162.159.134.42

200 OK

3.0 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/dg-carousel/styles/style.min.css?ver=2.0.26
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (20092), with no line terminators
Size
3.0 kB (3019 bytes)
Hash
38a980e0dacaa1d82b883aa75ea6eb77
af865b37fcc5f3dc507c54ef5333554e80fa4446
962eddc3189144dc1b872cdfe82d4dbf337e0e686d86f18dbbb8604a2700d5fa

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/dg-carousel/styles/style.min.css?ver=2.0.26 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d57efab509-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"63c85b7a-4e7c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 18 Jan 2023 20:50:02 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,826518ad99bb9664e3cd336e15bfbc6539505724e18d4d42ce7a329fb9f0cc68
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,826518ad99bb9664e3cd336e15bfbc6539505724e18d4d42ce7a329fb9f0cc68
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9qEB3v4%2FvJJaRJSCxYiMWdv9TCF%2B98220FRFDJbiZ%2FihlTFwXxdpOEz6fOfKh%2BE%2FYwb7u6VUl8fnkjDrrYxJT5ZEruNmzpDYXpo6UGbu%2FLGBQTuIF53Oaq8eL%2BLBkt6eCcRAMM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

www.coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

162.159.134.42

301 Moved Permanently

1.2 kB

URL User Request GET HTTP/2
www.coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
gzip compressed data, from Unix\012- data
Size
1.2 kB (1240 bytes)
Hash
8529d1e35ae2689eb5b7ac3bfb4c2cff
3277e5c3879a623cb435ce4c86f6d71073f94ce2
3e81130959233e97a4f04de2c9a5eb54050ab772eaafe3682335b6a1ea8453b8

HTTP Headers

GET /holiday-parade.html%22,%22EventName%22:%22Annual HTTP/1.1
Host: www.coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 01 Dec 2023 18:41:22 GMT
content-type: text/html; charset=UTF-8
location: https://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
cf-ray: 82ed76bee8355688-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: MISS
x-redirect-by: WordPress
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKYMbzWmHfNPZ00xR8LRTb6M2h64uRMu%2BKEz32WKmBW963vwTIBVK88TaquFCOC3%2Bu8SG7sGDPs%2BbBiVJiAWK1eGyTRbmuvIS7uwNGNhKTnOuuaUj7LU3wbNPsizjVLRtkdbctRZ2cmg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

coronadochamber.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

162.159.134.42

200 OK

4.9 kB

URL GET HTTP/1.1
coronadochamber.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (13479)
Size
4.9 kB (4881 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d5adc05694-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"64d2f50a-3509"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 09 Aug 2023 02:08:10 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,51d31681c99d4a9ae0c3acdd51c992406aea596a904a2e8857af8ac1e9da1395
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,51d31681c99d4a9ae0c3acdd51c992406aea596a904a2e8857af8ac1e9da1395
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRmfeLP6gzOuMjdl203Mi3K18d0UnPUzKSCQHYNJMzLkg57KqS28pvhGgsvIHLJBoZz5SgqaWZzeYKFvVwp50Vo5ugq5i%2FNgXuH9lD9LyVxzYs2pfc8II01bbpq7LYyIsOdEI%2Bw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

162.159.134.42

200 OK

31 kB

URL GET HTTP/1.1
coronadochamber.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (65447)
Size
31 kB (30633 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d59dc656af-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"654aed85-15601"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 08 Nov 2023 02:08:05 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,268808019a581440a3576c9a60cad9405fa28771831063f72fe032b283daaebb
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,268808019a581440a3576c9a60cad9405fa28771831063f72fe032b283daaebb
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu6GKifBdfL0HCnWIOF8KC92vFeoibjyzJOdmOYcHSUdEHKaOQX4gvnWvgM9CgpiVe8pri4EVbnPqKcwn4%2FJ%2FgiVWPZsILeLkfuLSNMlvnAqSRCfIJDspicLVhM0Usf1MrJqr4Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=6.4.1

162.159.134.42

200 OK

84 B

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=6.4.1
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with no line terminators
Size
84 B (84 bytes)
Hash
fca4281373d5586e48db6f95cb1bbe8b
a644e2befb356c4abf768e79a3572069a37c1f4e
f597f9a25eeb007fa0f3669aace416273eb81be809d75cb9ce91eff1f48a9c12

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=6.4.1 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d5be57568f-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"65032d70-1aa"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 14 Sep 2023 15:57:36 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,8c71217a8f4ca90613d8fac26d69d96d0f383e8da418cca3d7c7bb97514dc260
Cf-Bgj: minify
Cf-Polished: origSize=426
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,8c71217a8f4ca90613d8fac26d69d96d0f383e8da418cca3d7c7bb97514dc260
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FW2gQDlIIjgjq%2B%2BRV%2BStBq0%2FLsgkZbF7wkp0E8jTxYxk2Nd5AKfzlh87IUjZjw9C70b4PPOMafdlTuHjF42QRGhvyhSA2WITNLoAjfKL96IVk%2F%2FpR1Qgu3wPA%2FjCE9xFAaoxtP8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.26

162.159.134.42

200 OK

36 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.26
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (65268), with CRLF line terminators
Size
36 kB (35691 bytes)
Hash
1e4e23b6992b571d42fc629fe71e66eb
1f98a44accf14f93b6ff84733c45b68d01debe17
0a75aa5bab9865958cd01d39856dc37e96491296ef55f5d2fdce2915b1ea1c58

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.26 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d6a8e05688-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"63c85b7a-21cea"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 18 Jan 2023 20:50:02 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,621249e62712041ac9a0c24b96c459c8017d23a1438dbeb86c20938976432de9
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,621249e62712041ac9a0c24b96c459c8017d23a1438dbeb86c20938976432de9
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXK5Mxq5TvC77ym3yUEYh%2FBcEupYYbaVTc0biRdDM7ip7t5avbM1Y6R%2BSJoXtOvJbEqzo3I%2BSPnU0CgTdst7i3%2FFvgtMWkP9tkgep1VAz2x6lNCo7AotXWOZU%2B5%2B0zWUhVdoKF0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5

162.159.134.42

200 OK

3.7 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (10001)
Size
3.7 kB (3699 bytes)
Hash
1c813274b81cd25da4f5515fb9a020f4
a40f92f1073ed669da51cff3828cf2cf302fcbcc
b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d6a916b509-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"62059260-2712"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 10 Feb 2022 22:32:00 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,f5e177502261c93d25fb741c691c17d2b59235c463eff0d06ad7931f2a2f218b
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,f5e177502261c93d25fb741c691c17d2b59235c463eff0d06ad7931f2a2f218b
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4RCIIoh3qpbZ8bzwxm5Xs7sPxTw2vQbHlyDdZ0zBUc2vL0Y%2FQR6mh4YIZ%2BMoIJUrnfnlNS57KhQKUZCKP8It9L6s4ckmWSy7PXOl1yeGMDC78qdRRAUmPiaNsqZsth%2FOtaQzMM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.22.2

162.159.134.42

200 OK

1.1 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.22.2
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
HTML document, ASCII text, with very long lines (596)
Size
1.1 kB (1077 bytes)
Hash
3862fc9aff14ef77451f3e31cf9c0b82
9d2e257075f1ee65665b3e23994f23dca9042b27
cceb44ae76f84a02f9598cf9c339945ff502fa5e56269c86062d760c184069cb

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.22.2 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d6e84f568f-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"6515f57c-d15"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 28 Sep 2023 21:51:56 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,736dc2b8ed1860842ce7ad2a7157711f2467f42da07557d6a86035a7cbdd1a5c
Cf-Bgj: minify
Cf-Polished: origSize=3349
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,736dc2b8ed1860842ce7ad2a7157711f2467f42da07557d6a86035a7cbdd1a5c
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP%2FEPr5V8aCbDYGNI9lwHsAl3ugB0hPEnhGZgeUfdVBDVjJ11NOkmuMkro3p55u2KV7st7PWTmsFFDHUMS5Q1Ecbyrvtb8a2qAVbkT5ZZv97773ftm603NwwLz85wXx4KGSX65Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5

162.159.134.42

200 OK

22 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
Unicode text, UTF-8 text, with very long lines (65451), with no line terminators
Size
22 kB (21488 bytes)
Hash
b8adccf4a3b0c0165e62ea6c5ef3d0f3
20baace2981f1efa3181440f638c5502f7cc11bb
b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d6cff75694-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"62059260-10394"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 10 Feb 2022 22:32:00 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,5335e7246f9c0ecf47518b73855fefe7caece3f4df4e68700da89d9449105732
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,5335e7246f9c0ecf47518b73855fefe7caece3f4df4e68700da89d9449105732
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B4jeFiNwb3CYKkLvIqfkRiCrEPqUsEJI0z%2ButnlXZzByUjkYN8B92ZJXY9%2FnfqqeaPcLkDyn7dwWHeXvV%2FvN4HvlBjoDvl%2BFmklgU7WIPanRNrKpVglhBriZb%2FY7En15OKGxa0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.22.2

162.159.134.42

200 OK

71 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.22.2
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (65467)
Size
71 kB (71301 bytes)
Hash
2fc417c1e986d6295b90e1dbc23491cb
158771df38a3c373adc43fa9ff1a31b8999c665d
9d11051974ce27674b687dbb3fec1c919eee2f0a59366cce8294d9582a557bad

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.22.2 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d6dfae56af-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"6515f57c-42f83"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 28 Sep 2023 21:51:56 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,ee7833459e78e0547c7754a96dd2f2a7624ba4379833a2b54601991ec1dba679
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,ee7833459e78e0547c7754a96dd2f2a7624ba4379833a2b54601991ec1dba679
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvHrwkQ9G%2FwkJiNjIrUMEWDSETGof6h%2BMnC2L9oUya%2BBQzvlbIwWNR6%2FjYzoJFGnzEQ8P%2FDyYngbcprXTLmo32CVVG0uejzC57rWuWOSBxNYRS0G8S35Mfcx%2BuTDCH%2FV0%2F8YOJM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.22.2

162.159.134.42

200 OK

443 B

URL GET HTTP/1.1
coronadochamber.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.22.2
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (415)
Size
443 B (443 bytes)
Hash
90bcd9dedce3bd4915347ea171fc3f36
84eed7633c0016b8531eaa785b027b8af1c3412c
ea2c37aeb41baeaee24ac9757db4d1949d77f493212d9c9ecf52ebd4fdfb7850

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.22.2 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d7db83b509-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"6515f57c-53f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 28 Sep 2023 21:51:56 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,1515f9d714387f4018b5adfe16d3db1e2c98ddcad8b089dc7bde5247dfdf3b2c
Cf-Bgj: minify
Cf-Polished: origSize=1343
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,1515f9d714387f4018b5adfe16d3db1e2c98ddcad8b089dc7bde5247dfdf3b2c
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KshEIb0jz%2BPW2NRlHgelpDFSwAOlvhHSVW5vUh6aFK3gas80XbpWC8anvu9P0BSjKuai5V%2FuTQt2PyFOdy6%2FsTMZSnO%2BUJBTNtLwGiyRgWjoxEZd9rM8%2FJTicpzCuW4Vz2d1ios%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.26

162.159.134.42

200 OK

3.1 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.26
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (9646), with no line terminators
Size
3.1 kB (3123 bytes)
Hash
ff9e4fa6d687cfa9e1bb37c30a53f017
a062e6b29fba852f35b31ddf6dd812d41435b615
5e7d497103edded53a71ceeba4bd814fb4cbbfdf9aaae65d29ebc1874cd4fa0b

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.26 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d7cb245688-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
Content-Encoding: gzip
ETag: W/"63c85b7a-25ae"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 18 Jan 2023 20:50:02 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,ad50c8f255d8918cbe1feaaa1a721cb4034beb8ef5779eb633da7986480450f7
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,ad50c8f255d8918cbe1feaaa1a721cb4034beb8ef5779eb633da7986480450f7
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtmwFuikRlxJK1U0I4B%2BgNvRNKWT7RLOME1HXB%2BZ1qg81wpFlAilPq%2FtpqeLV8TMz2aBQSm0Yh3mTL2rux9QptFxrwcEI%2Bl7cCMI19I2nnk5FH43jQ7rcCXOpDCrWhnU4r%2BROyw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41.css?ver=1701101798

162.159.134.42

200 OK

10 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41.css?ver=1701101798
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (57442)
Size
10 kB (10339 bytes)
Hash
e57306ff426f4b7b68ac94f22bb69e15
70322e162c65f8c262a386529bb035f3ad9fd9f2
947074314aa66759d6ad19561fc1b6004d2325f3f9c203ec1b612b8d03917de8

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-41.css?ver=1701101798 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:26 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d568b05687-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"6564c0e6-12475"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Mon, 27 Nov 2023 16:16:38 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4af7ab5ea7f9122d34e2c005eddf17bb904655fb4b45d72a67cf59bb6a27a7f1
Cf-Bgj: minify
Cf-Polished: origSize=74869
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4af7ab5ea7f9122d34e2c005eddf17bb904655fb4b45d72a67cf59bb6a27a7f1
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p08QneMGqhrUk4Uw7VdCw3iERKMLRvwgrYeHIDk0TZji0PSsnoA3tbpZj8kj7GuTHVEsIHHG81iVjvIZMODf5FydW4Z7k6%2FWy0kEeHaurDDtu19To5CO2R7sXglGRqIUZ8GFsBo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:38:20 GMT
expires: Fri, 29 Nov 2024 02:38:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 144186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:35:53 GMT
expires: Thu, 28 Nov 2024 21:35:53 GMT
cache-control: public, max-age=31536000
age: 162333
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/antonio/v19/gNMEW3NwSYq_9WD3yHQiFQ.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/antonio/v19/gNMEW3NwSYq_9WD3yHQiFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Size
27 kB (26668 bytes)
Hash
6f304736c5f1c038428c1c84b575659a
d21157ef669144d846683d62502da79cdb33d199
9703055dc6ae7d71d3c084299adae8c32a8b273bdca8a6d94ad63572e2ed6dcd

HTTP Headers

GET /s/antonio/v19/gNMEW3NwSYq_9WD3yHQiFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 00:33:42 GMT
expires: Fri, 29 Nov 2024 00:33:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:49:04 GMT
content-type: font/woff2
age: 151664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css

162.159.134.42

200 OK

4.9 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (33793), with no line terminators
Size
4.9 kB (4884 bytes)
Hash
67ae24ce1c092f4e42de1bfd96372aa0
8c2731200814d45d4ae72d0fcded73f0b4738b24
51b5704237c8024857417ab4f15ae3437bcb8124cbcd8c18e7906eec1ad753fa

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:26 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76da5f5156af-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"6564c0e7-8420"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Mon, 27 Nov 2023 16:16:39 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,7dd7467721ce54cd9f2925984755050097228e081666664f6e05853ad7a1af82
Cf-Bgj: minify
Cf-Polished: origSize=33824
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,7dd7467721ce54cd9f2925984755050097228e081666664f6e05853ad7a1af82
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTLEaLcO98%2Bcb5dW3TnXhVXhkrCjw7PSIsEFxGNabhGcke%2BzozehvcBfitG1U%2FAx9rQlMtf72RLrjkQXuj6y48aLe%2BW%2FfkqRYVzsdFxll1msBt8msMaJZxMhMxCv73E06a9JZrk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24368, version 1.0\012- data
Size
24 kB (24368 bytes)
Hash
3f21cc571f829c20b868dd34ad1afe8e
8dd6d7d0edb1b5125001941e7eb4e830c3a1922b
67b5bd8b739dcff5e316b58adc9d75ca7543c5733755819b3bf244098f067b18

HTTP Headers

GET /s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 03:37:09 GMT
expires: Fri, 29 Nov 2024 03:37:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:21:28 GMT
content-type: font/woff2
age: 140657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-xA.woff

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-xA.woff
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format, TrueType, length 30436, version 1.1\012- data
Size
30 kB (30436 bytes)
Hash
b42baa5ea5da1e2af43562cc2d806467
38baf7d67e69fb420f00f84df2391acd191934e8
3ea719858208a90b81a103af90086f6a9a48d31effd3ee74678b69cadd3928ac

HTTP Headers

GET /s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-xA.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:40:59 GMT
expires: Fri, 29 Nov 2024 05:40:59 GMT
cache-control: public, max-age=31536000
age: 133227
last-modified: Wed, 13 Sep 2023 23:21:31 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-xw.ttf

216.58.207.227

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-xw.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409\012- data
Size
32 kB (32040 bytes)
Hash
a9a6873426862889820d398de532ebc1
7c7d8553461f4512742624d89e74b8a42d8ceb54
9b411f0ae0c4260662e570e3b7a22e88dac70082cdec561c53214f95cc1c05cb

HTTP Headers

GET /s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-xw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:48:08 GMT
expires: Fri, 29 Nov 2024 23:48:08 GMT
cache-control: public, max-age=31536000
age: 67998
last-modified: Wed, 13 Sep 2023 23:21:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58i-wg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58i-wg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24120, version 1.0\012- data
Size
24 kB (24120 bytes)
Hash
02ff55f64d0e63fd4f5f2157f57c377f
7802db0d0a7fab8b0570821da1f39d417e503001
49b9ed73c65ddb953b95c809c5bf2e2d768aa0bec6fd283f3631b215c9a9795d

HTTP Headers

GET /s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58i-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 03:19:58 GMT
expires: Fri, 29 Nov 2024 03:19:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:21:32 GMT
content-type: font/woff2
age: 141688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

koi-3qntbslp96.marketingautomation.services/client/ss.js?ver=2.4.0

107.178.240.224

200 OK

5.0 kB

URL GET HTTP/1.1
koi-3qntbslp96.marketingautomation.services/client/ss.js?ver=2.4.0
IP
107.178.240.224:80
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (12260), with no line terminators
Size
5.0 kB (4988 bytes)
Hash
0487ebe14570243b2b4631d23894e8b8
e17c25cbd2c41a35e4bb6c6e12e92a6782cb74db
0e068a3b14939e7e082107ed425f54aa8100b20b1584de181abf6791a36564f3

HTTP Headers

GET /client/ss.js?ver=2.4.0 HTTP/1.1
Host: koi-3qntbslp96.marketingautomation.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 01 Dec 2023 18:41:26 GMT
Content-Type: application/javascript
Last-Modified: Sat, 18 Nov 2023 00:09:46 GMT
Vary: Accept-Encoding
ETag: W/"655800ca-2fe4"
Expires: Fri, 08 Dec 2023 18:41:26 GMT
Cache-Control: max-age=604800, public
Content-Encoding: gzip
Via: 1.1 google
Transfer-Encoding: chunked

fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrO96kg.woff2

216.58.207.227

200 OK

69 kB

URL GET HTTP/2
fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrO96kg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 68860, version 1.0\012- data
Size
69 kB (68860 bytes)
Hash
63c837a80b7c28f221f73fa585a57cc0
9dcfc144da1ccd4d79941bd9fd72bcf548288e1c
0fb12d22e915cdcc85d68617509d6f77cc00f91174fd1371d22fab147f5aa582

HTTP Headers

GET /s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrO96kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 68860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 16:34:37 GMT
expires: Thu, 28 Nov 2024 16:34:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
content-type: font/woff2
age: 180409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkBgv58i-wg.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkBgv58i-wg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23160, version 1.0\012- data
Size
23 kB (23160 bytes)
Hash
4fd07a93170cb1d4597937d2989075e1
cb7b6704377f2ad5773660a77dd0928425495b03
546ad5a2f89aac47ac40dc7cecfa6687b10885459e5eac57fdfc950762c2202e

HTTP Headers

GET /s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkBgv58i-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:12:47 GMT
expires: Fri, 29 Nov 2024 05:12:47 GMT
cache-control: public, max-age=31536000
age: 134919
last-modified: Wed, 13 Sep 2023 23:21:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coronadochamber.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff

162.159.134.42

200 OK

6.2 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
Web Open Font Format, TrueType, length 6152, version 2.4\012- data
Size
6.2 kB (6152 bytes)
Hash
7b72a741a8c6909f6037b51c8973db64
195bf95f0bfb83e9abd26fa84b2d04e26fcce59b
ef71c937db7d4381cd982493ff9728723d27dd44282cc5adef9e16bc7025ad26

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/base/modules.woff HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41.css?ver=1701101798
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:26 GMT
Content-Type: application/font-woff
Content-Length: 6152
Connection: keep-alive
CF-Ray: 82ed76dba8c95688-OSL
CF-Cache-Status: HIT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: "6515f57c-1808"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 28 Sep 2023 21:51:56 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,5f4f43adcccb48df386a93b3125925bec6c1b80023461cdd66fe03e2c3b63b7d
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,5f4f43adcccb48df386a93b3125925bec6c1b80023461cdd66fe03e2c3b63b7d
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NMNmjegG2EZlvcvETXrye87lt17gUUqkymogkSUoPq0brrNwBkbxuK32nRG3t3yhu4%2Fq%2Fe%2BPA0Xwkb34Z9APmvGW03InPRNx9Dy0BSWTYQnien1ljazdgW95yCz1PFCbIw%2FXQ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.131

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:52:16 GMT
expires: Fri, 29 Nov 2024 01:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 146950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coronadochamber.com/wp-content/uploads/2022/01/cropped-Round-Logo_transparent-192x192.png

162.159.134.42

200 OK

32 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/01/cropped-Round-Logo_transparent-192x192.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31973 bytes)
Hash
722026953e6d95074ac94ca2e86398de
68cca9d19375ea4b20488a981dd14b63913be76b
a7834b16b84b760457a73c3e8ab7970f735f67af606fc823137158ff1d18d9c4

HTTP Headers

GET /wp-content/uploads/2022/01/cropped-Round-Logo_transparent-192x192.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 31973
cf-ray: 82ed76dd3d480b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "61f80f19-7ce5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 31 Jan 2022 16:32:25 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,a96ae3abe2cadc41f98963de2b8130277e07c677489883310b75b8685562305d
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,a96ae3abe2cadc41f98963de2b8130277e07c677489883310b75b8685562305d
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUlLYZde7fZNDk0IDaIa9%2FzUC%2FFhmmoh0rVn%2FRfjSdqBFl7A1x3u97wj6rCm7jgwK%2BwCuUisW9CS50uh6KhUa0GwQN0nWPE7tD8tgMdRiMNOxXCgBDXkWbSX9KPG6CJn2w%2FzuBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

142.250.74.74

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32038)
Size
34 kB (33507 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 15:10:13 GMT
expires: Thu, 28 Nov 2024 15:10:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 185473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coronadochamber.com/wp-content/uploads/2022/01/cropped-Round-Logo_transparent-32x32.png

162.159.134.42

200 OK

2.5 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/01/cropped-Round-Logo_transparent-32x32.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2510 bytes)
Hash
97028048dd256713ecdfeb60f47c45e1
4f69171206cb21f96f11db5a930bd5d926e83958
8e0a807b78a341fe490716df0c97a0fad37eb9a3d618183f20732ef1dd8c7610

HTTP Headers

GET /wp-content/uploads/2022/01/cropped-Round-Logo_transparent-32x32.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 2510
cf-ray: 82ed76dd3d4c0b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "61f80f1a-9ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 31 Jan 2022 16:32:26 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,6fa264ab8c4f23f823699b78a2105d5a1b2ed362c8912920973a3a3c5cd4a768
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,6fa264ab8c4f23f823699b78a2105d5a1b2ed362c8912920973a3a3c5cd4a768
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2%2BpHdcIdiIyy0AsbqWONj8eCLPW2gcnrO8t%2BoyTuN9wxsKnhjJJ4HuGcYL%2BzdI%2F3JX8y65wr39W0uoaU3okw4%2BE4Mo4g7r222Po8abEOVor%2B4TfEEiSxdTQzKdxlLnLtWa55Ho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

162.159.134.42

200 OK

92 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
Web Open Font Format, TrueType, length 92084, version 2.4\012- data
Size
92 kB (92084 bytes)
Hash
4f7c51948ce1b802a13ebbccec151d0c
5b1d3cd0929108da4b6334c4a487db08c9520f1d
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/wp-content/et-cache/notfound/et-divi-dynamic-tb-41-late.css?ver=1701101798
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:26 GMT
Content-Type: application/font-woff
Content-Length: 92084
Connection: keep-alive
CF-Ray: 82ed76dd7daa56af-OSL
CF-Cache-Status: HIT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: "6515f57c-167b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 28 Sep 2023 21:51:56 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,37ae56c519fd360c0842161679253a26a862fac38c82c60a2edafb85a090f8eb
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,37ae56c519fd360c0842161679253a26a862fac38c82c60a2edafb85a090f8eb
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJhkVsXToY%2B6FMATQVHD5KZsDBash9s9idhCMc5GEj6l8vWN0f%2FUwOivkT%2F%2FVTmEwlwv5fFql9FCjFBVqfI9gm0qsDb0%2F96J7hyfpZVAqeSsqp%2BW7COwlOv%2B9TCeEq%2BviZ8Phm0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/uploads/2022/02/Boeing-Logo.png

162.159.134.42

200 OK

17 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Boeing-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17012 bytes)
Hash
f60446346a5d25fdb526b4e8f01d9939
6a637669491e1e0d9b29b0520754dff8e2cff054
57ce6a2ff1f49b148513830d04b4c06bc6e312aaeac3aa917e3aa438a9097fe8

HTTP Headers

GET /wp-content/uploads/2022/02/Boeing-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 17012
cf-ray: 82ed76deae750b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 227863
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213ea02-4274"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:37:38 GMT
vary: Accept-Encoding
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,9ce0717eb04d1db5408121c0258fddba27703c0bedd9853b617b15b31de02ea3
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRtrg%2FyJYP3rY00Z73BDT6VV0L7LTWrfL0e21wZOMYcBxQrz%2FsAgfE9Me1KgI7TnmMcsN%2B6IZXBATB8f6PN3jMJt2gazfttF7uTGGxjyv3nujbqpM7A%2F6zct%2FuVEJYJeQ3iA7dk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/uploads/2022/02/Penfed-Logo.png

162.159.134.42

200 OK

32 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Penfed-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
32 kB (31907 bytes)
Hash
1b0e49438db6a1516fdf292d13a43658
c354d960a75b8d97d6d7b167808084a4332f45ad
e70e75cdef129fe6c338b16eb5652e46a219d88793acedd6331c3f134a8495c0

HTTP Headers

GET /wp-content/uploads/2022/02/Penfed-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 31907
cf-ray: 82ed76deae720b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 227867
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213e9ea-7ca3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:37:14 GMT
vary: Accept-Encoding
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4fa983fb02586914bc8b5893b3c479e2c17ccaee4dc5e32cb922bddd285960c3
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGnkzPZt%2FVd51oSxm1asL%2FozrXDUtgpEDRDq8qc8MO9U33cSSC%2ByUZJ8%2BgizbIuh7TLn4wDCkrpDJHZnLGp7ibvq8rYPsEaP0pbunr8omVtlDq0oqZz42Be29YMrISgyIVIyDKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/uploads/2022/02/City-of-Coronado-Logo.png

162.159.134.42

200 OK

33 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/City-of-Coronado-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
33 kB (33442 bytes)
Hash
657711cb261138703046831670c24a87
7d0b0336a071482d232407d1f3e4e45f802f89a0
8197ab1d3ed19da62811bc01944ba012665e6ddcf6c5236490ec9d74a1186a87

HTTP Headers

GET /wp-content/uploads/2022/02/City-of-Coronado-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 33442
cf-ray: 82ed76de9e630b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213e99d-82a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:35:57 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,c76c6b8eab2180fbf6189175672502abe40fdf94151355653e6cd505a995042b
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,c76c6b8eab2180fbf6189175672502abe40fdf94151355653e6cd505a995042b
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXQ59pW5qrCY0cn9EJjiJs221nHZXBP46bBx0nWEu7OXgSBFZaSx4udtDOFZAYAvO24eaMp95s6cIXWtszzcGHA%2BWFcDPgBrG0RReG5uoHFVZMCv5IPHZDU%2F8VhC5PnvnfyUI5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

a.mailmunch.co/app/v1/styles.css

143.204.55.29

200 OK

2.3 kB

URL GET HTTP/1.1
a.mailmunch.co/app/v1/styles.css
IP
143.204.55.29:80
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (21666), with no line terminators
Size
2.3 kB (2274 bytes)
Hash
0dc00eabdb4fbb318485a6b4fef03582
f8238604daba6e5417c98faebd16140e314c246b
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

HTTP Headers

GET /app/v1/styles.css HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2274
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Wed, 29 Nov 2023 07:36:06 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 01 Dec 2023 08:31:19 GMT
Cache-Control: max-age=172800
ETag: "732c21cbd877a039744027658e9db19d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uNU-MmkITT5fb-bje0FLE4W2IMZomlAAD5YA4Eos9OaffHbpO6M2ZQ==
Age: 36647

coronadochamber.com/wp-content/uploads/2022/02/Glorietta-Bay-Inn-Logo.png

162.159.134.42

200 OK

30 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Glorietta-Bay-Inn-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
30 kB (30448 bytes)
Hash
ee70d6c195b44fe206c76a3a46569659
23d073cc692be842528c0a5242d313be726583cc
c615ab36c4dfa82c1d6b24142bf3a98316243f1c248c7c9179474c0c06998a86

HTTP Headers

GET /wp-content/uploads/2022/02/Glorietta-Bay-Inn-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 30448
cf-ray: 82ed76deae760b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213ea18-76f0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:38:00 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4cf1ad11258b1ec13d7ed6d9e916a07eacb20eabb0b3530d7141feb6f49c10cb
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,4cf1ad11258b1ec13d7ed6d9e916a07eacb20eabb0b3530d7141feb6f49c10cb
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X001CwV%2BFyEVGKlDodRnO6s%2BWp6wleMHYS8fidZC7pnyQACzhGwcD7BzqI%2BA4XWySHUlHUqseBKdQ4J8uCMaBuvyUr2OoguOr1MzWiXZ0s9m1TTC373g3QGssJx%2BiHzR5JwkFB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/uploads/2022/02/EDCO-Logo.png

162.159.134.42

200 OK

27 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/EDCO-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
27 kB (26946 bytes)
Hash
08e25d10d6b760a7738136d6a02da802
2eedb47400ba26e37c37bdd4bb2da39619c06e5e
b9c5c25803bdf6290f637615573dcd59b743d5fea6e8dcb4b3221994987658e4

HTTP Headers

GET /wp-content/uploads/2022/02/EDCO-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:26 GMT
content-type: image/png
content-length: 26946
cf-ray: 82ed76de9e680b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213e9b8-6942"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:36:24 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,a443388c57a44277d1ab3ec548b2e81ba9c68478951c2da98f36fb33e4191bcf
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,a443388c57a44277d1ab3ec548b2e81ba9c68478951c2da98f36fb33e4191bcf
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1l6Wi%2Bv0FzeUP2G34se0uzropgKPpwRhmM37dmYNTpcWArajNo9r8heKGDwxSrvuCoOEfKx2uqYveXonjafHRCZiqf0770A0C2EzEx6KmdGlPn%2BmG7Ud%2FEg3AvHD%2BmCgp4RXV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

coronadochamber.com/wp-content/uploads/2022/02/Hotel-Del-Coronado-Logo.png

162.159.134.42

200 OK

16 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Hotel-Del-Coronado-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
16 kB (15950 bytes)
Hash
f464201e1115699f2b5aa1c3195f69c1
6f870be19321b40d1c77b9f4c4880d5d26c68489
6d2c8f14fe5bea6e0a1169f470593afbf0673730d91f129fc9f8a0ed1af6b95e

HTTP Headers

GET /wp-content/uploads/2022/02/Hotel-Del-Coronado-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:27 GMT
content-type: image/png
content-length: 15950
cf-ray: 82ed76deae6e0b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213e9d2-3e4e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:36:50 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,8424c30d4dadf66ed104c0ade5ca325dbbd7745824a4fecc2516fc774ec0b5ea
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,8424c30d4dadf66ed104c0ade5ca325dbbd7745824a4fecc2516fc774ec0b5ea
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIlQ7JdY8Pb2%2FLjCktEUZ17o20WaRs7L7xDxHimdI189R38CW42Nc6H85ArSz2d6dntAoV6UqCGcZiOVHA118D9vFp5j67lJj9VaVs2JbwtK7hjHw6ulkb91NBjuw78DfW5nluY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

forms.mailmunch.co/sites/1000387

54.157.58.70

200 OK

130 B

URL GET HTTP/1.1
forms.mailmunch.co/sites/1000387
IP
54.157.58.70:80
ASN
#14618 AMAZON-AES

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
JSON data\012- , ASCII text, with no line terminators
Size
130 B (130 bytes)
Hash
ec73fb7398f6bfe9aa1848693bc9448f
cfa98be85e4e86f491b0a8f383e62d8fbacb5e6c
50832b2ff5f095ed211218cfe0f71c44bd2f19b60c3bf414e4fbd623e52f81ee

HTTP Headers

GET /sites/1000387 HTTP/1.1
Host: forms.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cowboy
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701456087&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=DqVCuTvm1rMVUNznKnqI2wu4YfM0T2ZbLc2cX5HNSbs%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701456087&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=DqVCuTvm1rMVUNznKnqI2wu4YfM0T2ZbLc2cX5HNSbs%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Content-Type: application/json; charset=utf-8
Content-Length: 130
Etag: W/"82-z6mL6F5OhvSRsKjzg+Ytj7rLXmw"
Vary: Accept-Encoding
Date: Fri, 01 Dec 2023 18:41:27 GMT
Via: 1.1 vegur

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.131

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Dec 2023 07:57:18 GMT
expires: Sat, 30 Nov 2024 07:57:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 38649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.131

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:52:16 GMT
expires: Fri, 29 Nov 2024 01:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 146951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 117440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.mailmunch.co/forms-cache/1000387/settings-1701453433.json

143.204.55.29

200 OK

743 B

URL GET HTTP/1.1
a.mailmunch.co/forms-cache/1000387/settings-1701453433.json
IP
143.204.55.29:80
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
JSON data\012- , ASCII text, with very long lines (1416), with no line terminators
Size
743 B (743 bytes)
Hash
5af635b5135468b984b8d24e1722f286
f5019e5ee2e55995c5a5a7c94e80cee85f3ab34b
5638c6a0013394661a43bdbfc8cd104feffde9a77edba7dcfbbdd3b091149872

HTTP Headers

GET /forms-cache/1000387/settings-1701453433.json HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 01 Dec 2023 18:41:28 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Fri, 01 Dec 2023 17:57:21 GMT
ETag: W/"5af635b5135468b984b8d24e1722f286"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=31556952
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 05RhD2O-oYIZ4jzV2c5pugWLKR9PraH8MznsNdmegR_H4ym1igE4Dg==

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 112387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.131

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:42:11 GMT
expires: Mon, 04 Dec 2023 23:42:11 GMT
cache-control: public, max-age=604800
age: 327556
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.131

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:52:16 GMT
expires: Fri, 29 Nov 2024 01:52:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 146951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

a.mailmunch.co/app/v1/popover.js

143.204.55.29

200 OK

2.3 kB

URL GET HTTP/1.1
a.mailmunch.co/app/v1/popover.js
IP
143.204.55.29:80
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (9035), with no line terminators
Size
2.3 kB (2274 bytes)
Hash
488fc911395464db3d095307f57af46f
5f1072a7848089c4ac3fc8905743ef4f99b305d3
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b

HTTP Headers

GET /app/v1/popover.js HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2274
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Wed, 29 Nov 2023 07:36:03 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 01 Dec 2023 08:30:41 GMT
Cache-Control: max-age=172800
ETag: "dda40d5d677f6b285b9f2a5e7f6189af"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o8-XQ7DV360GjQa-bAOfDjb-RyC4WvSUoMvP4qXKCZXv9CHQKYFsxQ==
Age: 36646

a.mailmunch.co/forms-cache/1000387/1092467/index-1674075604.html

143.204.55.29

200 OK

46 kB

URL GET HTTP/1.1
a.mailmunch.co/forms-cache/1000387/1092467/index-1674075604.html
IP
143.204.55.29:80
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30641)
Size
46 kB (46483 bytes)
Hash
c17d29c06287e4096b041be4cdd5c581
ddf916dc4512055ec0f0278db8e04ddf34cf29fb
758196d70266ee46a37e81fed329d2aab2ebfe53dce17bec9633264ce7190f8f

HTTP Headers

GET /forms-cache/1000387/1092467/index-1674075604.html HTTP/1.1
Host: a.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 28 Nov 2023 20:16:42 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Wed, 18 Jan 2023 21:01:01 GMT
ETag: W/"c17d29c06287e4096b041be4cdd5c581"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=31556952
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tco-BOWaxdgd434ukXe5eZO7Qf0K43frNiAI3sjP_GldkHUO79Ha2g==
Age: 253486

fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

142.250.74.74

200 OK

49 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
49 kB (49120 bytes)
Hash
147be695a29d2a5e6438cf800f670ce0
8eb9cdfbd63aa12f574c7bb1ca3827eba801f1f9
89766342aa2848933dc650646b6235be48fd1ff54badf1e689be003151f24eb5

HTTP Headers

GET /css?family=Open+Sans:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 18:41:27 GMT
date: Fri, 01 Dec 2023 18:41:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/3
fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28076, version 1.0\012- data
Size
28 kB (28076 bytes)
Hash
876d74bcd0a927aba5be92bf7993f1aa
1ffc2b292eb17625a33feaf5460e84d137846811
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada

HTTP Headers

GET /s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:20:29 GMT
expires: Thu, 28 Nov 2024 21:20:29 GMT
cache-control: public, max-age=31536000
age: 163258
last-modified: Wed, 13 Sep 2023 22:14:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://coronadochamber.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 135629
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

koi-3qntbslp96.marketingautomation.services/koi?rf=&hn=coronadochamber.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1701456091316&ac=KOI-4KC3XFZ3NS&ts=1701456091&pt=0&pl=0&loc=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&tp=page&ti=404%20Not%20Found%20%7C%20Coronado%20Chamber%20of%20Commerce

107.178.240.224

200 OK

4.1 kB

URL GET HTTP/2
koi-3qntbslp96.marketingautomation.services/koi?rf=&hn=coronadochamber.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1701456091316&ac=KOI-4KC3XFZ3NS&ts=1701456091&pt=0&pl=0&loc=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&tp=page&ti=404%20Not%20Found%20%7C%20Coronado%20Chamber%20of%20Commerce
IP
107.178.240.224:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGlobalSign nv-sa
Subject*.marketingautomation.services
Fingerprint81:4A:15:01:CF:B6:3C:58:EF:D6:00:9A:F9:AF:83:A0:B4:A5:57:50
ValidityMon, 05 Jun 2023 14:01:36 GMT - Sat, 06 Jul 2024 14:01:35 GMT

File type
ASCII text, with very long lines (10792)
Size
4.1 kB (4061 bytes)
Hash
568f58b61964b2a48fb33efd39b88d81
0d94d92b7c0e9273462182bfa0d6c30561c43b86
1e53a5499b7429325f1a620b3f6e1973bd39d8d9ac5738ee2c99ddaba8956fe8

HTTP Headers

GET /koi?rf=&hn=coronadochamber.com&lg=en-US&sr=1280x1024&cd=24&vr=2.4.0&se=1701456091316&ac=KOI-4KC3XFZ3NS&ts=1701456091&pt=0&pl=0&loc=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&tp=page&ti=404%20Not%20Found%20%7C%20Coronado%20Chamber%20of%20Commerce HTTP/1.1
Host: koi-3qntbslp96.marketingautomation.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 01 Dec 2023 18:41:27 GMT
content-type: application/javascript
vary: Accept-Encoding
pod-hostname: koi-54599cdfff-sqtkm
p3p: CP='This is not a P3P policy! See https://www.constantcontact.com/legal/privacy-notice/ for more info.'
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 01 Dec 2023 18:41:27 GMT
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pragma: no-cache
set-cookie: koitk=202312%7C656a28d7966f4a56052a3871; expires=Mon, 28-Nov-2033 18:41:27 GMT; Max-Age=315360000; path=/; domain=.marketingautomation.services; secure; SameSite=None
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cf.mailmunch.com/partner/mailmunch/logo_branding.png

143.204.55.42

200 OK

3.0 kB

URL GET HTTP/1.1
cf.mailmunch.com/partner/mailmunch/logo_branding.png
IP
143.204.55.42:443
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerAmazon
Subject*.mailmunch.co
Fingerprint13:E8:B8:A6:20:67:1C:38:33:76:D9:24:AE:BE:D3:7C:54:38:F8:A7
ValiditySun, 26 Nov 2023 00:00:00 GMT - Tue, 24 Dec 2024 23:59:59 GMT

File type
PNG image data, 301 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3019 bytes)
Hash
9b53f488aacdce3693ba93861ca034cf
eb65b4bd0e143c9c4944fd88e4fd2b928d9c985f
60615cf3ddf0b34046ce24ba4a0f5a5c352c10a9ae6e03043b93f8e0f5c6b509

HTTP Headers

GET /partner/mailmunch/logo_branding.png HTTP/1.1
Host: cf.mailmunch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3019
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, DELETE
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Last-Modified: Mon, 31 Aug 2020 12:20:46 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 01 Dec 2023 11:35:34 GMT
ETag: "9b53f488aacdce3693ba93861ca034cf"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G4OUeIcdBWoprBvXWM1HmgjSvqmVn6yiS4p6kcCWUs77BPhe4cu-8g==
Age: 25562

coronadochamber.com/wp-content/uploads/2022/02/Loews-Logo.png

162.159.134.42

200 OK

13 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Loews-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
13 kB (12812 bytes)
Hash
7806eb111cf2450b62d6b265373ab45d
1969ddfce35f294f979031ec84517482dc7e1a09
7452f079fa6982b2f093b5949c8b95ba3edf1920708658f78933dad15361c6a3

HTTP Headers

GET /wp-content/uploads/2022/02/Loews-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual; _ga_MZW0N2P1CP=GS1.1.1701456091.1.0.1701456091.0.0.0; _ga=GA1.1.1187220246.1701456092; __ss_tk=202312%7C656a28d7966f4a56052a3871
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:28 GMT
content-type: image/png
content-length: 12812
cf-ray: 82ed76e67cd10b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 227857
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213ea31-320c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:38:25 GMT
vary: Accept-Encoding
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,2826a84307a7332a2087ee45289728eac0885df32ce6f50f5e9cd6c0ff557ece
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhALE8iAZBPTS4AUB9XkO3rpgipH9hI3ONu2wr9UhbrVdtcPI8uAWn3es1xGg2hn3Ycw3jaC1qoiwCC2G5itYcN2tQV8thKvwLCaM3m3eXgq16xB3t%2FRuL2CnqckDFiy0QxYBLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

pixel-geo.prfct.co/tagjs?a_id=168561&source=js_tag

34.250.12.61

302 Found

0 B

URL GET HTTP/1.1
pixel-geo.prfct.co/tagjs?a_id=168561&source=js_tag
IP
34.250.12.61:80
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tagjs?a_id=168561&source=js_tag HTTP/1.1
Host: pixel-geo.prfct.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, private
Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=168561&source=js_tag
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Set-Cookie: pa_uid=pa_p5UJxVMZ6SnY4Hsgf; Max-Age=63072000; Domain=.prfct.co; Path=/; SameSite=None; Secure;
Content-Length: 0
Connection: keep-alive

pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=168561&source=js_tag

34.250.12.61

200 OK

59 B

URL GET HTTP/1.1
pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=168561&source=js_tag
IP
34.250.12.61:443
ASN
#16509 AMAZON-02

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGlobalSign nv-sa
Subject*.prfct.co
FingerprintE1:86:28:66:2D:4A:4A:65:0B:F0:FD:02:89:19:53:1E:9B:D9:04:8F
ValidityTue, 31 Oct 2023 19:06:11 GMT - Sun, 01 Dec 2024 19:06:10 GMT

File type
ASCII text, with no line terminators
Size
59 B (59 bytes)
Hash
7597aa13621b16fa6af79e4a48a9b1e0
aca68c21c49bc81b1be20854301bea92be3da5a8
c1a5691de9a2df57911e1c7a921d17afe3a488f2f56935d55e04b22798820faf

HTTP Headers

GET /tagjs?check_cookie=1&a_id=168561&source=js_tag HTTP/1.1
Host: pixel-geo.prfct.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://coronadochamber.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Content-Type: text/javascript
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Set-Cookie: pa_uid=pa_PyzDOw9Pu4r3wQLDY; Max-Age=63072000; Domain=.prfct.co; Path=/; SameSite=None; Secure;
Content-Length: 59
Connection: keep-alive

coronadochamber.com/wp-content/uploads/2022/02/Port-of-San-Diego-Logo.png

162.159.134.42

200 OK

17 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Port-of-San-Diego-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17204 bytes)
Hash
a3850200c8b80b3442dc175d0d51a023
34010f58194899e2b44f24ad1f4cdd9e32e22314
0094850f896903c700d9e00855d20c44fc88f76a2b7381ae8380b5d335a64940

HTTP Headers

GET /wp-content/uploads/2022/02/Port-of-San-Diego-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual; _ga_MZW0N2P1CP=GS1.1.1701456091.1.0.1701456091.0.0.0; _ga=GA1.1.1187220246.1701456092; __ss_tk=202312%7C656a28d7966f4a56052a3871
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:32 GMT
content-type: image/png
content-length: 17204
cf-ray: 82ed76ff9cb40b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213ea47-4334"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:38:47 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,835d871c94c6e15b53c475e1bdf64d03fcf96e7b916513e0ec8762e809406a33
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,835d871c94c6e15b53c475e1bdf64d03fcf96e7b916513e0ec8762e809406a33
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtR7fVil4auF%2FRDi7bfDscXMxJgWB2VQBH1UgxSFfQ%2BNyhn4G0jfqaDhT725XNXwrfMe1yNjhXpnB7jwXSYXK1FxPA58RNGxGbpyLzawyHyY6zB369%2FoZA3ZeoC2v9o%2BTYlHhOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

analytics.mailmunch.co/event/?site_id=1000387&widget_id=1092467&event_name=views&cache=1701456097532&referrer=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&visitor_id=be258b42-8f5a-454d-bbdd-f66aa52661bc

3.220.57.224

200 OK

35 B

URL GET HTTP/1.1
analytics.mailmunch.co/event/?site_id=1000387&widget_id=1092467&event_name=views&cache=1701456097532&referrer=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&visitor_id=be258b42-8f5a-454d-bbdd-f66aa52661bc
IP
3.220.57.224:80
ASN
#14618 AMAZON-AES

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M2

HTTP Headers

GET /event/?site_id=1000387&widget_id=1092467&event_name=views&cache=1701456097532&referrer=http%3A%2F%2Fcoronadochamber.com%2Fholiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual&visitor_id=be258b42-8f5a-454d-bbdd-f66aa52661bc HTTP/1.1
Host: analytics.mailmunch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Cowboy
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701456092&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=GPElFfm6Jq12IT06a1mD31VU%2FWa5s5ZOVWgFIhLsUXg%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701456092&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=GPElFfm6Jq12IT06a1mD31VU%2FWa5s5ZOVWgFIhLsUXg%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: image/gif
Date: Fri, 01 Dec 2023 18:41:32 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

coronadochamber.com/wp-content/uploads/2022/02/Ferry-Landing-Logo.png

162.159.134.42

200 OK

32 kB

URL GET HTTP/3
coronadochamber.com/wp-content/uploads/2022/02/Ferry-Landing-Logo.png
IP
162.159.134.42:443
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectcoronadochamber.com
Fingerprint16:27:BD:3A:01:F6:61:AA:A7:E5:6B:5D:A9:78:E1:F2:4E:C0:10:E8
ValiditySat, 28 Oct 2023 19:42:46 GMT - Fri, 26 Jan 2024 19:42:45 GMT

File type
PNG image data, 500 x 250, 8-bit colormap, non-interlaced\012- data
Size
32 kB (32001 bytes)
Hash
d7acbfea3a3eb59fb2d5311dbc170f0e
215f40574f8ede781566fc20d9adf6a9521be7e1
d19e2cb9ed81d8da0b624fb3c1407a86accd3db55314f79bbdefb7288ba6ae42

HTTP Headers

GET /wp-content/uploads/2022/02/Ferry-Landing-Logo.png HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Cookie: __ss=1701456091316; __ss_referrer=http%3A//coronadochamber.com/holiday-parade.html%2522%2C%2522EventName%2522%3A%2522Annual; _ga_MZW0N2P1CP=GS1.1.1701456091.1.0.1701456091.0.0.0; _ga=GA1.1.1187220246.1701456092; __ss_tk=202312%7C656a28d7966f4a56052a3871
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 01 Dec 2023 18:41:36 GMT
content-type: image/png
content-length: 32001
cf-ray: 82ed7718d8950b41-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=2592000
etag: "6213ea5f-7d01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Feb 2022 19:39:11 GMT
vary: Accept-Encoding
cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,da4bdb9b1240778cc7e30e3a47186c91f55ce705ba5df0a83e353d7b0b11e50b
ki-cache-tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,da4bdb9b1240778cc7e30e3a47186c91f55ce705ba5df0a83e353d7b0b11e50b
ki-cache-type: CDN
ki-cf-cache-status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
x-content-type-options: nosniff
x-edge-location-klb: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXVctn8U7SNlilLe5yHu906%2FSlVE3ETxIUAZMqv8Kzi1lwYuWAIHZvZ3X35QUuQLeJvICw1paUhVG8QSkNRKggsC7uRgtmOp5CRrU7tpnI1%2F6slXDtcg1fGcAGxB0GtD%2B%2BNQbvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

142.250.74.100

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 01 Dec 2023 18:41:27 GMT
date: Fri, 01 Dec 2023 18:41:27 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api.js?render=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&hl=en-US

142.250.74.100

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&hl=en-US
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
82eb96e3473c6a6be4e2b4c4752297a0
f25f407b4105e97e667f56b3b741313168a31e52
b7be7f3fe83e03f9af0cb356a59191cd31e67a6dedae70c56dfa00a64fbcb950

HTTP Headers

GET /recaptcha/api.js?render=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&hl=en-US HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 01 Dec 2023 18:41:25 GMT
date: Fri, 01 Dec 2023 18:41:25 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Cabin:400,700&display=swap

142.250.74.74

200 OK

2.5 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Cabin:400,700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2604), with no line terminators
Size
2.5 kB (2544 bytes)
Hash
700c8ba3d14288eed6a9ec1a4e327b1b
0c48c41340f55470cc11437d38401edf4dfc21e2
0892a582240212261e3982ba3199b41aa43cde69c08deaa5b3edc44c28dcf1d9

HTTP Headers

GET /css?family=Cabin:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 18:41:27 GMT
date: Fri, 01 Dec 2023 18:41:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

coronadochamber.com/wp-content/plugins/divi_extended_column_layouts/style.css?ver=6.4.1

162.159.134.42

200 OK

14 kB

URL GET HTTP/1.1
coronadochamber.com/wp-content/plugins/divi_extended_column_layouts/style.css?ver=6.4.1
IP
162.159.134.42:80
ASN
#13335 CLOUDFLARENET

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (13954), with no line terminators
Size
14 kB (13954 bytes)
Hash
66cf1537a8d3c6a012155c3c91762d7d
c9c024292b7189c64f27d49307d9278d201bab52
71fb176869d106c2ac5d59125c8e2ffa60647a8a26e60e87bbf98373b93d2ebf

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M2

HTTP Headers

GET /wp-content/plugins/divi_extended_column_layouts/style.css?ver=6.4.1 HTTP/1.1
Host: coronadochamber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 01 Dec 2023 18:41:25 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 82ed76d59f605688-OSL
CF-Cache-Status: HIT
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, s-maxage=2592000
ETag: W/"616de238-428a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Mon, 18 Oct 2021 21:08:08 GMT
Vary: Accept-Encoding
Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,d1b9be8a18692f56baa6f72039233b976bd0777f89518b65f6b0ee6d727fb3de
Cf-Bgj: minify
Cf-Polished: origSize=17034
ki-Cache-Tag: 4d2ca0a6-87ae-4e73-b238-4379bb8662f1,d1b9be8a18692f56baa6f72039233b976bd0777f89518b65f6b0ee6d727fb3de
ki-cache-type: CDN
Ki-CF-Cache-Status: HIT
ki-edge: v=20.2.5;mv=3.0.1
ki-origin: g1p
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7hJEDW0CnC4MuHCunccPusftnHmqDjlL9b1xbFn8bDoVrnEJ%2FE5VbksbA%2ByBn8Twjuzc9tcEhV4ICKDF6FeuNMY%2BC%2BuQIfqtOPurIT42ToAVi8vW2RwqOKyRUSDUeqJxn01vqQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7

142.250.74.100

200 OK

61 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52426)
Size
61 kB (60972 bytes)
Hash
afa3410ec0bcf88de26cf389929a1e69
c20159e1b1f54aa109438a84170221e3b024612a
71f36c45763eb952dcd6fb9ae432928b88c7a386ad162deb949cd744fbeebe0e

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Lc1beIeAAAAAKDcfHzLuaglp65UxlSOAvBVkqw8&co=aHR0cDovL2Nvcm9uYWRvY2hhbWJlci5jb206ODA.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=df67p0256qz7 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 01 Dec 2023 18:41:26 GMT
content-security-policy: script-src 'nonce-VNDVsJO54Rs-9R-25rMuFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tag.perfectaudience.com/serve/612cf0098f7d90fe9c00048f.js

151.101.194.217

200 OK

12 kB

URL GET HTTP/1.1
tag.perfectaudience.com/serve/612cf0098f7d90fe9c00048f.js
IP
151.101.194.217:80
ASN
#54113 FASTLY

Requested by
http://coronadochamber.com/holiday-parade.html%22,%22EventName%22:%22Annual

File type
ASCII text, with very long lines (10792)
Size
12 kB (11948 bytes)
Hash
9469d11726d8fac3f401a5f14d97513c
bb9fa26ce22211c897e722d0390a6a323c021b48
fb2c093bfdc0c19f2171bde835e6d474eb881a268b2a5f8baf660765ecca2b7a

HTTP Headers

GET /serve/612cf0098f7d90fe9c00048f.js HTTP/1.1
Host: tag.perfectaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://coronadochamber.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3909
Server: Cowboy
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701456087&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=aIYSSRZAZp0uHP%2Fl%2FxwhrH87BrUc3DIgpSxG7VjO8dU%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701456087&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=aIYSSRZAZp0uHP%2Fl%2FxwhrH87BrUc3DIgpSxG7VjO8dU%3D
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Type: text/javascript
Cache-Control: max-age=1800
X-Content-Type-Options: nosniff
Via: 1.1 vegur, 1.1 varnish
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 01 Dec 2023 18:41:27 GMT
Age: 0
X-Served-By: cache-bma1656-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1701456088.681885,VS0,VE205
Vary: Accept-Encoding

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash