| | 104.21.15.201 | 308 Permanent Redirect | 353 B |
URL User Request GET HTTP/2IP104.21.15.201:443
CertificateIssuerGoogle Trust Services LLC Subjectpop.tg Fingerprint87:04:21:16:B2:F0:6D:69:24:5E:1D:1F:86:79:BB:50:3E:4C:F8:E8 ValidityFri, 12 Apr 2024 06:50:06 GMT - Thu, 11 Jul 2024 06:50:05 GMT
File typeHTML document, ASCII text, with very long lines (353), with no line terminators Hashf685535be42f940892bdcc31240255fe e06ef4e042360c568848c5c9497446675869f1bf 585cae3513de16d1c99d98df8ec76d397cb7822bdad6351ef614a01223ee94ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: pop.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Wed, 24 Apr 2024 17:01:38 GMT
content-type: text/html; charset=UTF-8
content-length: 353
location: https://www.pop.tg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZdgdQ0KbD4hsbJizXxtaup3YShK1%2F0PkwWRl8FtLN7W8%2F1l4J%2FVIXVhdWMHHmFtFAU8Mdo74nNyTH1gZuIzzJeUrhdYoUz2cwwWKh6fdpmBwypEBHYQOQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797a80a0acb56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/atkinsonhyperlegible/v11/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2 | 216.58.207.227 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/atkinsonhyperlegible/v11/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2 IP216.58.207.227:443
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 17184, version 1.0 Hash82a5516b3709a765b50c69ca1d930e8b 307749986faf79915e4b666c7ccd0381ce294f75 b09653e3ba9d95e26da5c408979f40451990a4573ce5f96abe6982e2fcb09e6c
GET /s/atkinsonhyperlegible/v11/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pop.tg
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:34:18 GMT
expires: Fri, 18 Apr 2025 17:34:18 GMT
cache-control: public, max-age=31536000
age: 516440
last-modified: Tue, 02 May 2023 14:56:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 104.21.15.201 | 200 OK | 604 B |
URL User Request GET HTTP/2IP104.21.15.201:443
CertificateIssuerGoogle Trust Services LLC Subjectpop.tg Fingerprint87:04:21:16:B2:F0:6D:69:24:5E:1D:1F:86:79:BB:50:3E:4C:F8:E8 ValidityFri, 12 Apr 2024 06:50:06 GMT - Thu, 11 Jul 2024 06:50:05 GMT
File typeHTML document, ASCII text, with very long lines (348) Hashdbd98101e573bd765570e031127930d9 76d129f7640c58520e1f609421f133343c024990 c51bbc71c359cad610a6894a4feaaaa4c9f18f4127efae14015e3d93d4ff731d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.pop.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:01:38 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
age: 7727262
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="index.html"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1::nzp4l-1713978098385-d61dfbc92b90
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRAUKRWVRMZc5Q0MTiFeSaP6S6UxcNeHPuW5CxRexVOHPklAZxiCcECFjez4x%2BVoGWV9Z66PLhi%2BCq18aif2KzHRrDaB3qRxM5dOorpxUs7b6oLEA3vRmEFuuW9v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797a80aab7256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.pop.tg/global.css | 104.21.15.201 | 200 OK | 1.5 kB |
IP104.21.15.201:443
CertificateIssuerGoogle Trust Services LLC Subjectpop.tg Fingerprint87:04:21:16:B2:F0:6D:69:24:5E:1D:1F:86:79:BB:50:3E:4C:F8:E8 ValidityFri, 12 Apr 2024 06:50:06 GMT - Thu, 11 Jul 2024 06:50:05 GMT
File typeASCII text, with very long lines (2265), with no line terminators Hash0475ff16efbdefbdc4dd45c7a5216c3b d956619256fd9fbdcf8e9257cfbfa6096805aac6 e0f86e323975a3b20bbe1bbf604a6fa7821ece79ff13756b61328fef05fdc5dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /global.css HTTP/1.1
Host: www.pop.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pop.tg/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:01:38 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400, must-revalidate
cf-bgj: minify
cf-polished: origSize=2284
access-control-allow-origin: *
content-disposition: inline; filename="global.css"
etag: W/"5acb9ca94b70fd0704e31cf5b4d3ae786d426f5d69d435bcd1e1f1d8826113f8"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1::krc6z-1713948709834-0b8955801521
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srca0UwPrvbascWEWPzxCtbgoZgtV478mdIJ7GDw1KXnTL8XcolwukPRWm%2BKR9rXhTyKhkNJLhjELerNA%2BoTN85NVU8xW0wyNtzkGj5YRzNG5ByeqLLN4mz%2F5bAc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797a80c798856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.pop.tg/favicon.ico | 104.21.15.201 | 404 Not Found | 39 B |
IP104.21.15.201:443
CertificateIssuerGoogle Trust Services LLC Subjectpop.tg Fingerprint87:04:21:16:B2:F0:6D:69:24:5E:1D:1F:86:79:BB:50:3E:4C:F8:E8 ValidityFri, 12 Apr 2024 06:50:06 GMT - Thu, 11 Jul 2024 06:50:05 GMT
File typeASCII text, with no line terminators Hashebbfc186049b57814df4973aac4a24cb 3a6b51526582d19a21a365962d8f9ae0d60ba47e af0c10b9bb4fc6616ce960677e651b73a362583043fe1b454b72997a571b6751
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.pop.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pop.tg/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 17:01:38 GMT
content-type: text/plain; charset=utf-8
content-length: 39
cache-control: public, max-age=14400, must-revalidate
strict-transport-security: max-age=63072000
x-vercel-error: NOT_FOUND
x-vercel-id: arn1::bzl7f-1713978098954-8a3537cf32ba
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8JI5wYOkftu0IY7OXGoM4dco2IqNWeA9tEwID6gqXB5l9pa8wXP%2B9ceuZlp9z6cs%2Fzqf3pkQ1OtsxrAivIf3Pi5KpUd9ZH%2BQBz3Aho5uNLDXeDQ7Fo%2FrR7eI9As"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797a80e3b7556c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Atkinson+Hyperlegible&display=swap | 216.58.207.234 | 200 OK | 872 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Atkinson+Hyperlegible&display=swap IP216.58.207.234:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (890), with no line terminators Hash80b2de44e8dd0f8c1591a5f0323dff59 b1a6da4ac93fe65e0c2cdff5f3742ffdbecb0e47 3dcb65590acc68d7fb5fef84396d9d20ad785d23c1b0ab4bd66523c5c3a16659
GET /css2?family=Atkinson+Hyperlegible&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pop.tg/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 17:01:38 GMT
date: Wed, 24 Apr 2024 17:01:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.pop.tg/dist/main.css | 104.21.15.201 | 200 OK | 9.0 kB |
IP104.21.15.201:443
CertificateIssuerGoogle Trust Services LLC Subjectpop.tg Fingerprint87:04:21:16:B2:F0:6D:69:24:5E:1D:1F:86:79:BB:50:3E:4C:F8:E8 ValidityFri, 12 Apr 2024 06:50:06 GMT - Thu, 11 Jul 2024 06:50:05 GMT
File typeASCII text, with very long lines (8987), with no line terminators Hash9d9dc04d642bf5935e1ba03bb38f0d90 aeda135626fa51a2d186228b08c5614b2a8a6d36 d810274e52f804fbb56a2012d572bfb4e58aa66c2123410e944c4c4bf19167fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /dist/main.css HTTP/1.1
Host: www.pop.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pop.tg/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:01:38 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400, must-revalidate
cf-bgj: minify
cf-polished: origSize=9054
access-control-allow-origin: *
content-disposition: inline; filename="main.css"
etag: W/"1548f3a5324c49f004047b173a2a358687bca726fdefad3854fc659d3c06299e"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1::bpjg7-1713948709807-4e04dd546968
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnTJu2MorZOc3%2F0VQD09fT351%2FtmC7ArTJ%2F76P7EFmX%2FzXxdRFhEeCiOiX1i45VIRePRMVKC5bEDiDbVUeTwkTDpMImWIo63VEAbExAZzRDHzK22Fhmuc8fG1Z3V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797a80c799356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.pop.tg/dist/main.js | 104.21.15.201 | 200 OK | 91 kB |
IP104.21.15.201:443
CertificateIssuerGoogle Trust Services LLC Subjectpop.tg Fingerprint87:04:21:16:B2:F0:6D:69:24:5E:1D:1F:86:79:BB:50:3E:4C:F8:E8 ValidityFri, 12 Apr 2024 06:50:06 GMT - Thu, 11 Jul 2024 06:50:05 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /dist/main.js HTTP/1.1
Host: www.pop.tg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.pop.tg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:01:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400, must-revalidate
cf-bgj: minify
cf-polished: origSize=90915
access-control-allow-origin: *
content-disposition: inline; filename="main.js"
etag: W/"9b97069167cc97adcc7489bdae43dd482b41a48a727f899da5d2d61acc5deb94"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1::swxzx-1713948709830-b10ceb35976a
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5eFtYnfyvekOEAUTjL0JxTumptTqaCpZfxBIF7iKLCXPvHeS66poRhkCMwlj5n%2FMvQDU3NfNrHb4IGj%2FYrivvq1SVxMAQHf87eE0mjjkWN8XmmYeYSmZ0yzCHqE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797a80c799556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|