Report - usdtpooldrop.com/st/login.php

Report Overview

Visitedpublic

2024-10-18 13:24:46

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
usdtpooldrop.com	unknown	2023-10-24	2024-10-18	2024-10-18	1.5 kB	12 kB	104.21.22.34
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-10-16	430 B	1.5 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-10-16	526 B	15 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-18	medium	usdtpooldrop.com	Sinkholed
2024-10-18	medium	usdtpooldrop.com	Sinkholed
2024-10-18	medium	usdtpooldrop.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

URL IP Response Size

GET fonts.googleapis.com/css?family=Audiowide

142.250.74.106

200 OK

843 B

URL

fonts.googleapis.com/css?family=Audiowide

IP / ASN

142.250.74.106

#15169 GOOGLE

Requested byhttps://usdtpooldrop.com/st/login.php

Resource Info

File typegzip compressed data, max compression

First Seen2024-10-18

Last Seen2024-10-18

Times Seen2

Size843 B (843 bytes)

MD5a88be5ffb6e034d04b2a54697deb1af1

SHA1c5b7a46d681cd6f9a033d276fb31027c0bcf71aa

SHA256cb20a269bc8678e6da09e6fece4d1036aa556c855266212a5d7322a16d06a5e9

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

Fingerprint04:E9:E7:03:97:99:66:D7:5B:E7:AE:2C:40:95:6F:E2:07:A3:7D:6C

ValidityMon, 30 Sep 2024 15:09:59 GMT - Mon, 23 Dec 2024 15:09:58 GMT

HTTP Headers

GET /css?family=Audiowide HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usdtpooldrop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Oct 2024 13:24:20 GMT
date: Fri, 18 Oct 2024 13:24:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_O.woff2

142.250.74.163

200 OK

14 kB

URL

fonts.gstatic.com/s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_O.woff2

IP / ASN

142.250.74.163

#15169 GOOGLE

Requested byhttps://usdtpooldrop.com/st/login.php

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 14132, version 1.0

First Seen2023-04-16

Last Seen2025-07-28

Times Seen191

Size14 kB (14132 bytes)

MD5fa3af39df2341c8485dcffbd652140d1

SHA146fe628036c4566d4fdd9d440195116718ae020e

SHA256e21fd195dd9dcdafc5a0f162a8fc252703f3683179861afb057cd58f9d27dbe5

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

FingerprintA7:6D:44:6D:0D:8C:29:A8:CF:9A:12:0B:7C:B9:A0:F9:B0:72:5E:E9

ValidityMon, 30 Sep 2024 15:09:59 GMT - Mon, 23 Dec 2024 15:09:58 GMT

HTTP Headers

GET /s/audiowide/v20/l7gdbjpo0cum0ckerWCdlg_O.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://usdtpooldrop.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 13:45:57 GMT
expires: Sat, 11 Oct 2025 13:45:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:44:04 GMT
content-type: font/woff2
age: 603503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET usdtpooldrop.com/st/login.php

104.21.22.34

200 OK

938 B

URL

usdtpooldrop.com/st/login.php

IP / ASN

104.21.22.34

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeASCII text, with very long lines (1060), with no line terminators

First Seen2024-10-18

Last Seen2024-10-18

Times Seen1

Size938 B (938 bytes)

MD5fc8053ea10d959e1a026f3cccac47cd2

SHA1f79b1762cb6362d1ec6e2a37eb8f9198c4c4633b

SHA256f94671836068e4567eebdda511d564602d3f4054252a42716f752ee505421aaf

Certificate Info

IssuerGoogle Trust Services

Subjectusdtpooldrop.com

FingerprintBF:22:29:6D:E2:F9:A6:D1:6A:3A:B7:59:24:30:C7:23:24:BC:6E:4E

ValidityTue, 20 Aug 2024 19:13:52 GMT - Mon, 18 Nov 2024 19:13:51 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /st/login.php HTTP/1.1
Host: usdtpooldrop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 18 Oct 2024 13:24:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.12
set-cookie: PHPSESSID=ihg3fcnncuenbdf3728mjprqtd; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W57rqFbQKCsl39nIEp8f%2Frhd0zk7BbhLCVLclixuAVesSvHtYgLehwYg%2BYtUoryW0WQQLlajVmI5GYp8Jh3DOUNivTOc52g5XTxy4ni5Bjgiau67xHe%2BArpmeV80gAa2%2FU%2Fd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d48d9190b49b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET usdtpooldrop.com/st/css/login.css

104.21.22.34

200 OK

8.3 kB

URL

usdtpooldrop.com/st/css/login.css

IP / ASN

104.21.22.34

#13335 CLOUDFLARENET

Requested byhttps://usdtpooldrop.com/st/login.php

Resource Info

File typeASCII text, with very long lines (9075), with no line terminators

First Seen2024-10-18

Last Seen2024-10-18

Times Seen1

Size8.3 kB (8253 bytes)

MD51294813c1a08275872b70c5d9085539f

SHA13f07700f85bb2a06d1b7bc87886b4f874c69afc0

SHA25615a62eba55b06a7fee5fc4adf701d9cb4a536a965e47282fb19184232046f5bc

Certificate Info

IssuerGoogle Trust Services

Subjectusdtpooldrop.com

FingerprintBF:22:29:6D:E2:F9:A6:D1:6A:3A:B7:59:24:30:C7:23:24:BC:6E:4E

ValidityTue, 20 Aug 2024 19:13:52 GMT - Mon, 18 Nov 2024 19:13:51 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /st/css/login.css HTTP/1.1
Host: usdtpooldrop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usdtpooldrop.com/st/login.php
Cookie: PHPSESSID=ihg3fcnncuenbdf3728mjprqtd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 18 Oct 2024 13:24:20 GMT
content-type: text/css
last-modified: Sat, 10 Aug 2024 06:01:29 GMT
etag: W/"203d-61f4dfdb4f638"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q37M3Fb7ppiglBA1hFwoGVON%2BQCY9a6OBHeht6vrctU0yAsXki01spgVQB5R9Vsrhw6oUkYDPAsarL6Xgeh0oB%2FVPCdX311GCwT4xK11tmPtgcgKuI71JlqVDR7%2BUmROP5Ho"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d48d91ad98b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET usdtpooldrop.com/favicon.ico

104.21.22.34

404 Not Found

302 B

URL

usdtpooldrop.com/favicon.ico

IP / ASN

104.21.22.34

#13335 CLOUDFLARENET

Requested byhttps://usdtpooldrop.com/st/login.php

Resource Info

File typeHTML document, ASCII text, with very long lines (313), with no line terminators

First Seen2024-10-18

Last Seen2024-10-18

Times Seen1

Size302 B (302 bytes)

MD57cca028dae84b6eaa4708eab56a13b01

SHA1b3eb89710e20b488cf0764bf2272105a2237c065

SHA25639aa3a854140d6b807462a39f58c4bab843d76375e74bb977dcb5f3c8c5e05e5

Certificate Info

IssuerGoogle Trust Services

Subjectusdtpooldrop.com

FingerprintBF:22:29:6D:E2:F9:A6:D1:6A:3A:B7:59:24:30:C7:23:24:BC:6E:4E

ValidityTue, 20 Aug 2024 19:13:52 GMT - Mon, 18 Nov 2024 19:13:51 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: usdtpooldrop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://usdtpooldrop.com/st/login.php
Cookie: PHPSESSID=ihg3fcnncuenbdf3728mjprqtd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 18 Oct 2024 13:24:20 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnV%2BSPgzlReGsl5PrOAYBhX0PcCMBU6IMYdi1bqc7nqfGir8AZesOi1sCskMXXDBuwM28K7Ay773oegUXuXn7QV9PF7AIJpzVvKDiI6MUHz28h4eMdYaNGibf%2FQkOFOiiqQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d48d91b8a6f1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400