Report - www.dualpowerdetroit.com/

Report Overview

Submitted URL
www.dualpowerdetroit.com/
IP
34.118.111.64
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2023-12-04 05:21:41
Access
public
Website Title
Blog: Az orvostudomány úttörő szelleme a modern korban
Final URL
www.dualpowerdetroit.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.dualpowerdetroit.com	unknown	2021-03-04	2021-03-12	2023-11-22	16 kB	1.6 MB	34.118.111.64
maps.google.com	1899	1997-09-15	2012-09-11	2023-12-03	645 B	489 B	142.250.74.46
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-12-03	946 B	9.8 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-12-03	3.3 kB	227 kB	142.250.74.99
www.google.com	7	1997-09-15	2015-05-10	2023-11-19	637 B	1.6 kB	216.58.207.228
maps.googleapis.com	33876	2005-01-25	2019-10-17	2023-12-03	4.3 kB	311 kB	142.250.74.106
maps.gstatic.com	unknown	2008-02-11	2016-01-11	2023-12-03	441 B	62 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed
2023-12-04	medium	dualpowerdetroit.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	maps.googleapis.com/maps-api-v3/api/js/55/3/common.js	261 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/common.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 01:03:07 Last Seen2023-12-06 19:49:39 Times Seen1603 Hash 9b44e2e564f70b079e48e73680228d50 21cbe8228939cccbe04d618cc62592abe8168292 862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/util.js	177 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/util.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 01:03:07 Last Seen2023-12-06 19:49:39 Times Seen1599 Hash 90e04afddd95ef43014450cadb771307 84382d86cb0b94bebef21276b757402c80a49950 416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/map.js	73 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/map.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:32:19 Last Seen2023-12-06 19:49:39 Times Seen638 Hash 243bb45c4744cbda04a2be95db1b16dd 883795e8de2b2c4ee9dabc3193e4a20639306843 8e89cf5feaf942492d02ab197eab24ecae57af44afa54c5a19f32b80e2395740 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js	3.1 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08:02 Last Seen2023-12-06 19:49:39 Times Seen483 Hash 8a50e9517370067b769dfec46e31ae66 55d249979875100ad3d8bbb6b7b0f7b02d280346 0e8c45740f76c7936f760b7ac176a2517c8b6d176231f3d541d67321f9eeea45 Loading...

	www.dualpowerdetroit.com/themeFiles/jscript/sdt.js	1.4 kB	2023-05-26	2023-12-30
Pretty URL www.dualpowerdetroit.com/themeFiles/jscript/sdt.js IP 34.118.111.64 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 14:58:47 Last Seen2023-12-30 02:21:42 Times Seen17 Hash 01d967ae3b533147fb3c48385a34af42 aa699b6431db7f2a95019fd310e19d9844cba7a5 bdfe761b0cfc04812b069ec05ad9a32b49067d8c7241fe9c3e0c533a0a9db6df Loading...

	www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen	0 B	2023-03-07	2024-07-27
Pretty URL www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:38:47 Times Seen41184141 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js	27 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08:02 Last Seen2023-12-06 19:49:39 Times Seen574 Hash a2d42fe1c670e5f02d792bf944e1908f bf8ddc906459b74128d3484bd64f47eb96b8932e 4b4ccaf9230460e41b89e77a295c73c250a869c7765a509588b013f4feeaa5a2 Loading...

	www.dualpowerdetroit.com/themeFiles/jscript/jquery3.min.js	90 kB	2023-03-07	2024-07-27
Pretty URL www.dualpowerdetroit.com/themeFiles/jscript/jquery3.min.js IP 34.118.111.64 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-07-27 03:00:27 Times Seen297618 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad	184 kB	2023-12-04	2023-12-04
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 03:10:18 Last Seen2023-12-04 11:14:15 Times Seen22 Hash f4592430998b45e290ecf5740d8fc4d9 86e8d046a4172f5551dcef4e4c6431a089cbf8a5 4dc650d3ec722b255624f60f7e6e3221bebebd7ceacd56828af1d3c5617fb369 Loading...

	maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js	232 kB	2023-11-30	2023-12-06
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08:02 Last Seen2023-12-06 19:49:39 Times Seen572 Hash 0f250ad3a2691ddbd832b75bca4a44be 23e54c1b4cb0c03b4f17d1f56ea74ae74925d60e 40c4591ccf3a569b4db8a939842cefcff28dd8b74d2a1fab68591d7e0c7bbc7e Loading...

	maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js	3.4 kB	2023-11-30	2023-12-06
Pretty URL maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 05:08:02 Last Seen2023-12-06 19:49:39 Times Seen532 Hash 59f3386eebf333dba7982e068e01b797 1f2099e6adddee067e3f2349f27b059d5dd38537 57b27ca34a0a4f104113f302a891f3b0c37fd849b34512e9e52e0084d0523516 Loading...

	www.dualpowerdetroit.com/themeFiles/jscript/color-detect.js	38 kB	2023-03-26	2024-06-28
Pretty URL www.dualpowerdetroit.com/themeFiles/jscript/color-detect.js IP 34.118.111.64 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 09:13:48 Last Seen2024-06-28 09:55:43 Times Seen158 Hash 9e264eb508f3f93396584bf72f3f8071 7bf468303fa8017d3cca66b4f2463cf02d59bc7a 26f14ff1a19408d33c6c44f5f9d6d866ed335ddf6b0ef49d6ff41d485462fb0f Loading...

	www.dualpowerdetroit.com/themeFiles/jscript/s.min.js	43 kB	2023-03-07	2024-07-27
Pretty URL www.dualpowerdetroit.com/themeFiles/jscript/s.min.js IP 34.118.111.64 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-07-27 02:33:49 Times Seen41114 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	www.dualpowerdetroit.com/	1.2 kB	2023-11-16	2023-12-30
Pretty URL www.dualpowerdetroit.com/ IP 34.118.111.64 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 00:05:22 Last Seen2023-12-30 02:21:42 Times Seen3 Hash 599c8f0f3f3dc5fbd879a4837ff9f9ab a33f5553f5c8e272b815ad85ecf303d46ea603f1 9518619b89323e938fd0ab446c30d534b5853c846ff7ec2a1d213e6ec13dfe64 Loading...

	www.dualpowerdetroit.com/	5.3 kB	2023-11-16	2023-12-30
Pretty URL www.dualpowerdetroit.com/ IP 34.118.111.64 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 00:05:23 Last Seen2023-12-30 02:21:42 Times Seen3 Hash 2f9c8833ac4754f3bf009bc5d5c362b8 908215d4aa4f19c6a44ebaa2575397ed7d49640e ea116462c42b352c645b3f15bcd3f4cd0d3fc406442ca1b8d1b375ec8787c13b Loading...

HTTP Transactions (54)

URL IP Response Size

www.dualpowerdetroit.com/

34.118.111.64

200 OK

10 kB

URL User Request GET HTTP/1.1
www.dualpowerdetroit.com/
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (658), with CRLF, LF line terminators
Size
10 kB (9966 bytes)
Hash
ccdb902b9556a82a92e1323ff3e67010
686e2db34bf6fa9946582febe81658aa41e2111b
ca9ae80a4a32bad217b7aa6f7b996ed4de2b83de6e2c744b6b92f584bf552047

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9966
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/jscript/jquery3.min.js

34.118.111.64

200 OK

36 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/jscript/jquery3.min.js
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text, with very long lines (65447)
Size
36 kB (36046 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/jscript/jquery3.min.js HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-15d9d"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/stheme.css

34.118.111.64

200 OK

973 B

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/stheme.css
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
Unicode text, UTF-8 text
Size
973 B (973 bytes)
Hash
f9faba678c4d6dcfdde69e5b11b37a2e
81a434f94f2b1124f3232bb86f2944f82fb23ac0
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/stheme.css HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-c49"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/media-here.css

34.118.111.64

200 OK

261 B

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/media-here.css
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text
Size
261 B (261 bytes)
Hash
52ba01569989a4fe5206a4fd56a846e7
64a9111cd493350a2a78d7bef7a181290269f8ab
3a4189a2b21f32161f8966ac1c5fd5c9b4487ec3138ff18cbe72f45fcc6d75a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/media-here.css HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-278"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/stock-button.css

34.118.111.64

200 OK

1.6 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/stock-button.css
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text
Size
1.6 kB (1626 bytes)
Hash
58a7ceddfcb244195c1560c8d72c2260
978b6d8a7b2d7cdfd6eb8a1e293ad1b9e956f7b6
76b0bdbfcfb82da3cf02e8c022091f6ed048ab18df55d84387f4347101e08d03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/stock-button.css HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-15a7"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/icons-strap.css

34.118.111.64

200 OK

11 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/icons-strap.css
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text
Size
11 kB (10586 bytes)
Hash
bc4dea65ef13ebbbd036ada3a06655a8
87e39aa5e6d3b7d681ed0a4940727f220ab5b2b4
4d50e61450fa28155c51b28a5eaec80ba68aef637f08d2fd11fedf79c413ef56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/icons-strap.css HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-f8ae"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/s.css

34.118.111.64

200 OK

614 B

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/s.css
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text
Size
614 B (614 bytes)
Hash
f38b2db10e01b1572732a3191d538707
a94a059b3178b4adec09e3281ace2819a30095a4
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/s.css HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-6f0"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/jscript/color-detect.js

34.118.111.64

200 OK

12 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/jscript/color-detect.js
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text, with very long lines (365)
Size
12 kB (11494 bytes)
Hash
9e264eb508f3f93396584bf72f3f8071
7bf468303fa8017d3cca66b4f2463cf02d59bc7a
26f14ff1a19408d33c6c44f5f9d6d866ed335ddf6b0ef49d6ff41d485462fb0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/jscript/color-detect.js HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-9290"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/bstrap.css

34.118.111.64

200 OK

30 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/bstrap.css
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
Unicode text, UTF-8 text, with very long lines (65300)
Size
30 kB (30389 bytes)
Hash
dc366fc84a718dedad8673d131a0c868
82a3ba279051724585ab737eaecb462e237aa37e
9eaec9d24b1ee74ba959d3625d10ecb8677f0247da1f3d215fc1e0094b020126

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/bstrap.css HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-2573a"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/jscript/s.min.js

34.118.111.64

200 OK

13 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/jscript/s.min.js
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text, with very long lines (42862)
Size
13 kB (12980 bytes)
Hash
d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/jscript/s.min.js HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-a76f"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/jscript/sdt.js

34.118.111.64

200 OK

495 B

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/jscript/sdt.js
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
ASCII text
Size
495 B (495 bytes)
Hash
01d967ae3b533147fb3c48385a34af42
aa699b6431db7f2a95019fd310e19d9844cba7a5
bdfe761b0cfc04812b069ec05ad9a32b49067d8c7241fe9c3e0c533a0a9db6df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/jscript/sdt.js HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-54c"
Content-Encoding: gzip

www.dualpowerdetroit.com/themeFiles/stylesheet/bstrap.min.css.map

34.118.111.64

200 OK

424 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/bstrap.min.css.map
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
424 kB (423467 bytes)
Hash
5b860eac35824bd9ae64ef54bc3465fe
bb285b4ad473f56be2fd72be12fb902ffa231b5a
912c0f959105857fb164b1acb3762593a0888e421afaabdc5265a9881912f0aa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/bstrap.min.css.map HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: application/octet-stream
Content-Length: 423467
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-6762b"
Accept-Ranges: bytes

maps.google.com/maps?hl=en&q=Budapest%2C%20De%C3%A1k%20Ferenc%20u.%2017%2C%201052%20Magyarorsz%C3%A1g&ie=UTF8&t=&z=8&iwloc=B&output=embed

142.250.74.46

301 Moved Permanently

0 B

URL GET HTTP/2
maps.google.com/maps?hl=en&q=Budapest%2C%20De%C3%A1k%20Ferenc%20u.%2017%2C%201052%20Magyarorsz%C3%A1g&ie=UTF8&t=&z=8&iwloc=B&output=embed
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /maps?hl=en&q=Budapest%2C%20De%C3%A1k%20Ferenc%20u.%2017%2C%201052%20Magyarorsz%C3%A1g&ie=UTF8&t=&z=8&iwloc=B&output=embed HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
vary: Origin, X-Origin, Referer
date: Mon, 04 Dec 2023 05:21:21 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.dualpowerdetroit.com/images/0.svg

34.118.111.64

200 OK

678 B

URL GET HTTP/1.1
www.dualpowerdetroit.com/images/0.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1323), with no line terminators
Size
678 B (678 bytes)
Hash
1a5f6f53c046ce0b4daf13fd219a4bed
13153eb181669b42ac250ac67a2523fd4c17d998
ad35ead64c60cd52995495b8f023794864039e5009b6311e603eaadff69216b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/0.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-52b"
Content-Encoding: gzip

www.dualpowerdetroit.com/images/3.svg

34.118.111.64

200 OK

4.5 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/images/3.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (12334), with no line terminators
Size
4.5 kB (4482 bytes)
Hash
cd0c05ef3b8b6ef2739b7a8a36901f87
5b3b47505a0a37d04cc1a57973a45efd788c8523
0f45196ae9855d1d367b8b52402cd68d7fe1e701e5ce78f01c5da6861207c128

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/3.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-302e"
Content-Encoding: gzip

www.dualpowerdetroit.com/logotip.svg

34.118.111.64

200 OK

1.3 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/logotip.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2800), with no line terminators
Size
1.3 kB (1285 bytes)
Hash
89274c076986a13bb5394ee2fb2544dc
135c2ec56496d19fe1d2180f7a6fefb84b164739
0aa3e84bbe43d1e0773a329067978cee08029a5f633bc0d8f78f11a0d1b13eb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logotip.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-af0"
Content-Encoding: gzip

www.dualpowerdetroit.com/avatar/m-0.jpg

34.118.111.64

200 OK

64 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/m-0.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
64 kB (63993 bytes)
Hash
04b22ce3fff1e214a0f4bdf41a1881fe
d2b5c0b448bf9a13eb4f32e9fc85930fd8626950
eb96498f3a2886102f1874539331bb0dec8ac885879c4862d1683ddcf3c8cd8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/m-0.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 63993
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-f9f9"
Accept-Ranges: bytes

www.dualpowerdetroit.com/bg/2_vectimg.svg

34.118.111.64

200 OK

13 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/bg/2_vectimg.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (37083), with no line terminators
Size
13 kB (12823 bytes)
Hash
8172d8009b92f3284177d6f587434cec
a4a227a9df63275095f07d22c67631074b4240c6
8688f18fe89d06dc0c3f76be421910d2e7f6e0fcc2cb556e9fc14169d147240d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/2_vectimg.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-90db"
Content-Encoding: gzip

www.dualpowerdetroit.com/images/2.svg

34.118.111.64

200 OK

701 B

URL GET HTTP/1.1
www.dualpowerdetroit.com/images/2.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1266), with no line terminators
Size
701 B (701 bytes)
Hash
e7ed6225f2cfac7f2a0d764446331cbf
95be1da8ee4fefb8bfb44857f399e4812d1fbd43
fc7949634a35f3b0df7351f87211906b2b804ade351fca0b75a75b8e049d1400

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/2.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-4f2"
Content-Encoding: gzip

www.dualpowerdetroit.com/bg/0_vectimg.svg

34.118.111.64

200 OK

15 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/bg/0_vectimg.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (42139), with no line terminators
Size
15 kB (14715 bytes)
Hash
d66b810d74643b4339c8625e21aed0b4
cd4792b67b878daf40bbc728b7158fd0435bdfd4
c6b49817f273c2384a715d9996d69710154dec2a343d524b36f35a51e2a58ed5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/0_vectimg.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-a49b"
Content-Encoding: gzip

www.dualpowerdetroit.com/avatar/w-1.jpg

34.118.111.64

200 OK

116 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/w-1.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
116 kB (116488 bytes)
Hash
79eef43dedfd366ac4a0b8c15a7994ce
dfd3f0146685b197daae22d51b0f34e370a2389c
7d32485ff1b2843aea6a0ebdbe98e6e1491fce0e3c2051ef272abffadd3710b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/w-1.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 116488
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-1c708"
Accept-Ranges: bytes

www.dualpowerdetroit.com/bg/1_vectimg.svg

34.118.111.64

200 OK

17 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/bg/1_vectimg.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (45512), with no line terminators
Size
17 kB (16624 bytes)
Hash
1b08a83dbef9089ea9fa394cd551dd00
50a47758f3277cac567780a3d21e9e24ee3f28ba
0875213db5bb0bbd79b19e27aa9c4cc644cbc7f77e6e114ff90af74dbfa5e2e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/1_vectimg.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-b1d0"
Content-Encoding: gzip

www.dualpowerdetroit.com/images/1.svg

34.118.111.64

200 OK

1.2 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/images/1.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2362), with no line terminators
Size
1.2 kB (1184 bytes)
Hash
0eb4acf199943c236259b55bf8f96cbc
689b5826055bf3850d816b1c4c136c967b2bd26d
5ebe55d1d8d7e9939327ebef46f4c1e2331e0373472ad817faae2f6f3e77691f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/1.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-93a"
Content-Encoding: gzip

www.dualpowerdetroit.com/bg/0_opacity.png

34.118.111.64

200 OK

38 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/bg/0_opacity.png
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
PNG image data, 2101 x 1201, 2-bit colormap, non-interlaced\012- data
Size
38 kB (37664 bytes)
Hash
659cd0bfb5b268344f94760844c8d81d
0cbe4b2f1d206fef2a28763a7f070a243f67459b
417d9835abbe5816fb3343707394be7f6968d9e032470a6ad0b2c828e0c54aea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/0_opacity.png HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/png
Content-Length: 37664
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-9320"
Accept-Ranges: bytes

www.dualpowerdetroit.com/avatar/w-0.jpg

34.118.111.64

200 OK

123 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/w-0.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
123 kB (123198 bytes)
Hash
d5b4d7150c37d423f99e6dd0702e3ec9
87368d51ac785ece4ad8a8e433e79b1fae583b34
3afb77a6825f757ddd1a3b04f678ad29f392f3b36f0660b338ee05f94db60570

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/w-0.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 123198
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-1e13e"
Accept-Ranges: bytes

www.dualpowerdetroit.com/bg/1_opacity.png

34.118.111.64

200 OK

18 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/bg/1_opacity.png
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
PNG image data, 1801 x 1201, 1-bit colormap, non-interlaced\012- data
Size
18 kB (17745 bytes)
Hash
e3ecc7d3fc49ab5f7d2637e96e8fec8b
42a703d2a8aac1e8fee93005efaafd7126bd3803
a52e37b0b7c1f4b15f01ea196acfc86bf9992fb42e564960b26396e29a875826

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bg/1_opacity.png HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/png
Content-Length: 17745
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-4551"
Accept-Ranges: bytes

www.dualpowerdetroit.com/avatar/m-1.jpg

34.118.111.64

200 OK

125 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/m-1.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
125 kB (125232 bytes)
Hash
a1634bae1b1023db0d126882451fdd11
28226db9a299f99cea3bdef14ead6e8237c77ed0
d48f214d6e8d2e87d3978ea22b356ee599c843ec56d85a9528717d59020925a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/m-1.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 125232
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-1e930"
Accept-Ranges: bytes

www.dualpowerdetroit.com/avatar/m-2.jpg

34.118.111.64

200 OK

56 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/m-2.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
56 kB (56187 bytes)
Hash
0c2465953041900d15647d8735d224bb
556ee1c5c329b33e885f05f03c7fff31def5e43e
60e8ca2b472fed99e093c4e033720dedd711bb51e129e21fa40211e902197141

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/m-2.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 56187
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-db7b"
Accept-Ranges: bytes

www.dualpowerdetroit.com/avatar/m-3.jpg

34.118.111.64

200 OK

77 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/m-3.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
77 kB (77116 bytes)
Hash
bce9ee9759082d0b0f01d36a0946943b
1565ce000a77d9670cdc459d7fa5ac1701617535
7d518403ec0834048b8364cd6092330efed4e73b5ba27bc3bb13c2e3fda2f612

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/m-3.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 77116
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-12d3c"
Accept-Ranges: bytes

www.dualpowerdetroit.com/avatar/w-2.jpg

34.118.111.64

200 OK

77 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/w-2.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
77 kB (76905 bytes)
Hash
a51bbc60b845d6c6deed13455ecb2c9c
f38cda85365cade9baaa0ecefed9dba3aed70a38
789ae0b605992bf1a00d17ef0541c25eebbfecf2f2e523072b195a33f3476509

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/w-2.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 76905
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-12c69"
Accept-Ranges: bytes

www.dualpowerdetroit.com/1705095629.jpg

34.118.111.64

200 OK

211 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/1705095629.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 840x331, components 3\012- data
Size
211 kB (210644 bytes)
Hash
8556d613415086f38d4d1c78be5b1636
4cc438279a3b3dd2eb09441d0478457bdf82337c
3464c6b43224ef6233409a4f31fa93b6f3a6c9f4d4a29c716d761a28e4cac094

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1705095629.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 210644
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-336d4"
Accept-Ranges: bytes

www.dualpowerdetroit.com/avatar/w-3.jpg

34.118.111.64

200 OK

74 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/avatar/w-3.jpg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Size
74 kB (73960 bytes)
Hash
8dfae4a0a40970fd2d5850ad07819c12
36bd599f1c78042cc3a2609688dd8a4b70c354cb
69049ec074b581e6182715d0de1aae5c8fd1e1f6f907b669090ad4f4b5712e95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatar/w-3.jpg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/jpeg
Content-Length: 73960
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-120e8"
Accept-Ranges: bytes

www.dualpowerdetroit.com/themeFiles/stylesheet/fonts/slick.woff

34.118.111.64

200 OK

1.4 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/fonts/slick.woff
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
Web Open Font Format, CFF, length 1380, version 1.0\012- data
Size
1.4 kB (1380 bytes)
Hash
b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/fonts/slick.woff HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/themeFiles/stylesheet/stheme.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: font/woff
Content-Length: 1380
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-564"
Accept-Ranges: bytes

www.dualpowerdetroit.com/themeFiles/stylesheet/ajax-loader.gif

34.118.111.64

200 OK

4.2 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/themeFiles/stylesheet/ajax-loader.gif
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themeFiles/stylesheet/ajax-loader.gif HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/themeFiles/stylesheet/stheme.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:21 GMT
Content-Type: image/gif
Content-Length: 4178
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Connection: keep-alive
ETag: "65113de4-1052"
Accept-Ranges: bytes

fonts.googleapis.com/css2?family=Lobster&display=swap

142.250.74.106

200 OK

992 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Lobster&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
992 B (992 bytes)
Hash
549b8d624fed9cfd730344f6149b7adb
d37c805fff8e2293b2dc51c0a7b4ee6d5e162390
1de6d29e5256adf7bb11147b942fa5ca9c0b6d1acbb9811263b333443dd1ef74

HTTP Headers

GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:21:21 GMT
date: Mon, 04 Dec 2023 05:21:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2

142.250.74.99

200 OK

38 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37840, version 1.0\012- data
Size
38 kB (37840 bytes)
Hash
6957af42676a9a6104e7a8eee1cee92f
05a81c1de245f5abfda3e26e333753a98a90b77f
e4f50b8bf27fec2b2be5907a06a6579a355aa86542322a2434fac71a22c2ea6e

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dualpowerdetroit.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:49:00 GMT
expires: Thu, 28 Nov 2024 21:49:00 GMT
cache-control: public, max-age=31536000
age: 372742
last-modified: Wed, 27 Apr 2022 17:05:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2

142.250.74.99

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46796, version 1.0\012- data
Size
47 kB (46796 bytes)
Hash
328da9d0efdf3626073910bfd379b2ff
e55f0b86555b18495045db12654779186c94f0a5
d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dualpowerdetroit.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:48:52 GMT
expires: Thu, 28 Nov 2024 21:48:52 GMT
cache-control: public, max-age=31536000
age: 372750
last-modified: Wed, 27 Apr 2022 16:31:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jvmyNL4U.woff2

142.250.74.99

200 OK

42 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jvmyNL4U.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 42268, version 1.0\012- data
Size
42 kB (42268 bytes)
Hash
1eddafacd76de9cd8c43743e2c7d2b34
bda9ff52d33d2e1d670984f1af8f0e1f43f44d10
ec80b562d5a12eb00edd4a7ccdab4cdb58f639a1f254802bc065ceb6350fe4b5

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jvmyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dualpowerdetroit.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 12:53:46 GMT
expires: Fri, 29 Nov 2024 12:53:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:06:13 GMT
content-type: font/woff2
age: 318456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

142.250.74.99

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dualpowerdetroit.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:51:07 GMT
expires: Thu, 28 Nov 2024 21:51:07 GMT
cache-control: public, max-age=31536000
age: 372615
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

142.250.74.99

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Size
30 kB (30480 bytes)
Hash
0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dualpowerdetroit.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:09:51 GMT
expires: Fri, 29 Nov 2024 05:09:51 GMT
cache-control: public, max-age=31536000
age: 346291
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

142.250.74.99

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dualpowerdetroit.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:08 GMT
expires: Fri, 29 Nov 2024 04:57:08 GMT
cache-control: public, max-age=31536000
age: 347054
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.dualpowerdetroit.com/logotip.svg

34.118.111.64

200 OK

1.3 kB

URL GET HTTP/1.1
www.dualpowerdetroit.com/logotip.svg
IP
34.118.111.64:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerLet's Encrypt
Subjectdualpowerdetroit.com
FingerprintA7:29:99:98:13:30:A9:1A:55:AF:A7:C1:8D:69:5E:D3:DF:24:13:DC
ValidityTue, 10 Oct 2023 14:37:11 GMT - Mon, 08 Jan 2024 14:37:10 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2800), with no line terminators
Size
1.3 kB (1285 bytes)
Hash
89274c076986a13bb5394ee2fb2544dc
135c2ec56496d19fe1d2180f7a6fefb84b164739
0aa3e84bbe43d1e0773a329067978cee08029a5f633bc0d8f78f11a0d1b13eb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logotip.svg HTTP/1.1
Host: www.dualpowerdetroit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:21:22 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 25 Sep 2023 07:59:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65113de4-af0"
Content-Encoding: gzip

www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen

216.58.207.228

200 OK

927 B

URL GET HTTP/2
www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1254)
Size
927 B (927 bytes)
Hash
ecc9aea2000844c068d48d64ee8cb03c
d789fefec0a6cf8a0b2e80c5ce2999675904b2cc
73aa5758b158a4e3216e176a3cf885cd69a3efe4c8faa34882786829b058ad62

HTTP Headers

GET /maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dualpowerdetroit.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
pragma: no-cache
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-XvHW-e4AyyWl9Ok1qRlYWw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 04 Dec 2023 05:21:22 GMT
server: scaffolding on HTTPServer2
content-length: 927
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad

142.250.74.106

200 OK

63 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2458)
Size
63 kB (63040 bytes)
Hash
f4592430998b45e290ecf5740d8fc4d9
86e8d046a4172f5551dcef4e4c6431a089cbf8a5
4dc650d3ec722b255624f60f7e6e3221bebebd7ceacd56828af1d3c5617fb369

HTTP Headers

GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 04 Dec 2023 05:21:22 GMT
server: scaffolding on HTTPServer2
content-length: 63040
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

142.250.74.106

200 OK

23 B

URL GET HTTP/3
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
JSON data\012- , ASCII text
Size
23 B (23 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 04 Dec 2023 05:21:22 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js

142.250.74.163

200 OK

61 kB

URL GET HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/55/3/init_embed.js
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (3230)
Size
61 kB (60995 bytes)
Hash
0f250ad3a2691ddbd832b75bca4a44be
23e54c1b4cb0c03b4f17d1f56ea74ae74925d60e
40c4591ccf3a569b4db8a939842cefcff28dd8b74d2a1fab68591d7e0c7bbc7e

HTTP Headers

GET /maps-api-v3/embed/js/55/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 60995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:20 GMT
expires: Thu, 28 Nov 2024 21:34:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:39 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/55/3/common.js

142.250.74.106

200 OK

57 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/common.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (5883)
Size
57 kB (57129 bytes)
Hash
9b44e2e564f70b079e48e73680228d50
21cbe8228939cccbe04d618cc62592abe8168292
862626d7f047d662ba009df71a153f10d6e807f7ef17d0d5127f0bef16e215d7

HTTP Headers

GET /maps-api-v3/api/js/55/3/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57129
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:26 GMT
expires: Thu, 28 Nov 2024 21:34:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/util.js

142.250.74.106

200 OK

55 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/util.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (562)
Size
55 kB (55134 bytes)
Hash
90e04afddd95ef43014450cadb771307
84382d86cb0b94bebef21276b757402c80a49950
416d94f82831298c634952e55392f6a187d52da70fe49083b99af1755bde4615

HTTP Headers

GET /maps-api-v3/api/js/55/3/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 55134
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:26 GMT
expires: Thu, 28 Nov 2024 21:34:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/map.js

142.250.74.106

200 OK

24 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/map.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2376)
Size
24 kB (23678 bytes)
Hash
243bb45c4744cbda04a2be95db1b16dd
883795e8de2b2c4ee9dabc3193e4a20639306843
8e89cf5feaf942492d02ab197eab24ecae57af44afa54c5a19f32b80e2395740

HTTP Headers

GET /maps-api-v3/api/js/55/3/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 23678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:31 GMT
expires: Thu, 28 Nov 2024 21:34:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/overlay.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1152)
Size
1.3 kB (1278 bytes)
Hash
59f3386eebf333dba7982e068e01b797
1f2099e6adddee067e3f2349f27b059d5dd38537
57b27ca34a0a4f104113f302a891f3b0c37fd849b34512e9e52e0084d0523516

HTTP Headers

GET /maps-api-v3/api/js/55/3/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:36 GMT
expires: Thu, 28 Nov 2024 21:34:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js

142.250.74.106

200 OK

8.9 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/onion.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2559)
Size
8.9 kB (8880 bytes)
Hash
a2d42fe1c670e5f02d792bf944e1908f
bf8ddc906459b74128d3484bd64f47eb96b8932e
4b4ccaf9230460e41b89e77a295c73c250a869c7765a509588b013f4feeaa5a2

HTTP Headers

GET /maps-api-v3/api/js/55/3/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 8880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:36 GMT
expires: Thu, 28 Nov 2024 21:34:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/3
maps.googleapis.com/maps-api-v3/api/js/55/3/search_impl.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1470)
Size
1.2 kB (1216 bytes)
Hash
8a50e9517370067b769dfec46e31ae66
55d249979875100ad3d8bbb6b7b0f7b02d280346
0e8c45740f76c7936f760b7ac176a2517c8b6d176231f3d541d67321f9eeea45

HTTP Headers

GET /maps-api-v3/api/js/55/3/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:34:36 GMT
expires: Thu, 28 Nov 2024 21:34:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 00:55:44 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 373606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i35951&2i22720&2e1&3u8&4m2&1u570&2u396&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=86627

142.250.74.106

200 OK

95 kB

URL GET HTTP/3
maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i35951&2i22720&2e1&3u8&4m2&1u570&2u396&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=86627
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sBudapest,+De%C3%A1k+Ferenc+u.+17,+1052+Magyarorsz%C3%A1g!6i8!3m1!1sen!5m1!1sen
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 570 x 396, 8-bit colormap, non-interlaced\012- data
Size
95 kB (94739 bytes)
Hash
56bc72b77da16ec20ec7c72ede2c730f
6f7e03a441422eecd28766998a08d898f1474b59
cc5fee244244f9c4a08c87e1fabe6f4de92010d16557235eca6a24d960ee4846

HTTP Headers

GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i35951&2i22720&2e1&3u8&4m2&1u570&2u396&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=86627 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
date: Mon, 04 Dec 2023 05:21:22 GMT
expires: Tue, 05 Dec 2023 05:21:22 GMT
cache-control: public, max-age=86400
server: scaffolding on HTTPServer2
content-length: 94739
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500;700&display=swap

142.250.74.106

200 OK

7.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.dualpowerdetroit.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (7752), with no line terminators
Size
7.5 kB (7536 bytes)
Hash
2c465d1452ebff8520810a2caa560e3b
12e178ca805157ec484b6572a4e49c6e4781444f
8be858c546a77679e864ac22c0618fdf04c0468210ee4a70a9e2f3aedcba5cda

HTTP Headers

GET /css2?family=Ubuntu:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.dualpowerdetroit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:21:21 GMT
date: Mon, 04 Dec 2023 05:21:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by