URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%...
Submission Tags: 0xscam
Submission: On December 27 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 16 HTTP transactions. The main IP is 172.67.69.102, located in United States and belongs to CLOUDFLARENET, US. The main domain is tg.btc.fun.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.
This is the only time tg.btc.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address       AS Autonomous System    Requests   Redirects
172.67.69.102    13335 (CLOUDFLAR...)    8          1
47.79.49.192     45102 (ALIBABA-C...)    5
Total: 16 requests, 3 IPs

Apex Domain     Requests   Transfer   Subdomains
btc.fun         8          629 KB     tg.btc.fun, tg-mini.btc.fun (Failed)
aliyuncs.com    5          6 MB       btcfun-tg.oss-ap-southeast-1.aliyuncs.com
Total: 16 requests, 2 apex domains

Domain                                       Requests   Requested by   Redirects
tg.btc.fun                                   8          tg.btc.fun     1
btcfun-tg.oss-ap-southeast-1.aliyuncs.com    5          tg.btc.fun
tg-mini.btc.fun (Failed)                     0          tg.btc.fun
Total: 16 requests, 3 domains

This site contains no links.

TLS certificates

Subject: btc.fun
Issuer: WE1
Validity: 2024-11-07 - 2025-02-05
Valid: 3 months

Subject: ap-southeast-1.oss.aliyuncs.com
Issuer: GlobalSign Organization Validation CA - SHA256 - G3
Validity: 2024-09-02 - 2025-09-04
Valid: a year

This page contains 2 frames:

Primary Page: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Frame ID: 80F11715F670B0B055971367C61CB248
Requests: 12 HTTP requests in this frame

Frame: https://tg.btc.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: A09A49553C0EDD1FC6AC3B3E99483844
Requests: 2 HTTP requests in this frame

Page Title

Airplane War

Page Statistics

Requests: 16
HTTPS: 69 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 6424 kB
Size: 6817 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://tg.btc.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://tg.btc.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

16 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
tg.btc.fun/
6 KB
3 KB
Document
General
Full URL
https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b77732d8ecda27608335347ec2110983ff12dc51f793d50de2f50410b36156e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8f85e0361ca780e2-EWR
content-encoding
br
content-type
text/html
date
Fri, 27 Dec 2024 02:28:12 GMT
last-modified
Wed, 04 Dec 2024 15:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78dw8E%2FxPJz3HQo0SZMcMAh4NFFxU%2BZXyk37CuH6H%2BVAR0A4LcPyXLEXm8XirNXz4tAqITuXnOSBtoaUwbJC6wLlzvPJr88EDjRxyNS%2FP7PDCdyJzarq897bsHE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=10090&min_rtt=8688&rtt_var=5239&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3962&recv_bytes=2788&delivery_rate=496036&cwnd=253&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=568&x=0"
x-amz-id-2
wGdq2W0k9b/uWXozg18TIKMSojehUfKiaiPfSXbs4Cb3EzyLJlMGDf9C/E32FgRJpfmjk0h3Hig=
x-amz-request-id
6T8C0JF3CGXQM1PD
style.css
tg.btc.fun/TemplateData/
884 B
890 B
Stylesheet
General
Full URL
https://tg.btc.fun/TemplateData/style.css
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92561d70cc85173312162a3cffc9fae535b06b964daca5927127349c1d128751

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"3a37211f5106e018e64f1c3a3a4abd91"
age
3019
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cC3mjeke%2FT7bFS8G9KfLAQyTl9XrP9E%2BPBhA%2Bwb3niL0qHRGYs2497pYrSW9HXpf7bnXxbWz40qSEirn2gEdpBV3SBrFV%2FXoGTgC6OsSCCwNmT%2FyIjDiksuIS0Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=12652&min_rtt=8688&rtt_var=8648&sent=10&recv=9&lost=0&retrans=0&sent_bytes=6987&recv_bytes=3488&delivery_rate=496036&cwnd=256&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=610&x=0"
date
Fri, 27 Dec 2024 02:28:12 GMT
content-type
text/css
last-modified
Thu, 28 Nov 2024 13:18:11 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-amz-id-2
IasUPDERR2rY5+pcZD2nnh53Tca2qc12OsjP8rLr58d7Ukj2TTkO3xO9D+bwOj43Dm95gTrwZkUtAjPV3HVTguFMezRTEgWZ0LuQlSV9tX4=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3MEE0XTK239D20AY
cf-ray
8f85e039a84b80e2-EWR
access-control-allow-origin
*
server
cloudflare
loading.gif
tg.btc.fun/TemplateData/
550 KB
551 KB
Image
General
Full URL
https://tg.btc.fun/TemplateData/loading.gif
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4549c600984076f90e121bb20abbfe2f1979df1e6548372571d380f852376a40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811

Response headers

cf-cache-status
HIT
etag
"4b63f91777671114263fb48a82616a71"
age
3019
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YziLnxz3fJStVGbS0rtOmuL%2FiEw6jsQY7Xq9b%2BDKbwcXLd1Vc2u2Y5vlTo22AtR1wze6gU2PF2Dz4u5GnCQ4mX6tU9kQThUN8Dbabp3WoNlr%2FSXX%2Bivz29Ci53U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=12652&min_rtt=8688&rtt_var=8648&sent=12&recv=9&lost=0&retrans=0&sent_bytes=7943&recv_bytes=3488&delivery_rate=496036&cwnd=256&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=611&x=0"
date
Fri, 27 Dec 2024 02:28:12 GMT
content-type
image/gif
last-modified
Fri, 22 Nov 2024 13:49:23 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-amz-id-2
R2e2eLXN/qodm0KfleFuQZ/O3pcoebDnd34RInWWqW6RiyLp1OHEAVvKsEZIUjCDdQ9ekAZ1g5sPyIvRXLqoFaUR5Bbs6ZGEYV7kXLqGL/M=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3ME53E0QMYBXYSET
cf-ray
8f85e039a84c80e2-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
563077
server
cloudflare
version.txt
btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/
9 B
681 B
Fetch
General
Full URL
https://btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/version.txt?1735266492446
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.79.49.192 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
04fdd8e7de69e305c726eb57e82cfb9f4253b750bd0e1ee4dd596231ba957f17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/

Response headers

Content-MD5
1hiiOgex5eZtB6dPhYXHNg==
Access-Control-Max-Age
0
x-oss-storage-class
Standard
ETag
"D618A23A07B1E5E66D07A74F8585C736"
x-oss-object-type
Normal
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Date
Fri, 27 Dec 2024 02:28:13 GMT
x-oss-server-time
2
Content-Type
text/plain
Vary
Origin
Last-Modified
Thu, 05 Dec 2024 14:39:49 GMT
x-oss-ec
0048-00000113
Content-Disposition
attachment
x-oss-hash-crc64ecma
12843238457813503128
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
9
x-oss-request-id
676E10BD3D643B3938557198
x-oss-force-download
true
Server
AliyunOSS
main.js
tg.btc.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame A09A
Redirect Chain
  • https://tg.btc.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://tg.btc.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
5 KB
Script
General
Full URL
https://tg.btc.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Protocol
H2
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37e5df84ac305950f39a490b29e1a3e8443dab985ef6522369b172979b6d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FoBHdwFopG6Igms1vjFdhYPY%2F0LmdG7dbDTjU2%2Bf2fSdIVQn8HUL7sv4uCzzxL7OZIZKpvp%2BH%2BeIt5GZjyZdjBHsTA1RGiVqgVU2b25fA9DZguRMpXFa1V7qTk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,POST,OPTIONS
cf-ray
8f85e03a48d880e2-EWR
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=10670&min_rtt=8688&rtt_var=3285&sent=409&recv=104&lost=0&retrans=0&sent_bytes=575102&recv_bytes=3675&delivery_rate=4247478&cwnd=604&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=715&x=0"
date
Fri, 27 Dec 2024 02:28:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfiNdzXbcZQ%2BRJHYrT5ij0tOMcLLsvkTxTCO5oGJKEphvZdNeb02PaXVxDMFr4tijl5em3wM1cAiGCgkZIFQkGr4fJgQb3CQb7gbMMHQ0FwMUxiLf9d2OGwcHSA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
cf-ray
8f85e03a18b380e2-EWR
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=9103&min_rtt=8688&rtt_var=201&sent=408&recv=103&lost=0&retrans=0&sent_bytes=574580&recv_bytes=3580&delivery_rate=4247478&cwnd=603&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=685&x=0"
content-length
0
date
Fri, 27 Dec 2024 02:28:12 GMT
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
favicon.ico
tg.btc.fun/TemplateData/
622 B
1 KB
Other
General
Full URL
https://tg.btc.fun/TemplateData/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72fdf98f883f11b18275cbfa32a736c856d94f740e221c1567e88177704c5f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c3fe1ddfdf7ce7b24d2f637d201e3c9c"
age
308
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FjSkMUamKHZImv64Cgb8TWYPo1QHQie%2Fj%2BWDcfFZavWYAh0z7v4mMbq0%2BWMmGjScVPIxgSDl%2FK8ya5heTMQvNsdCl44XkacjbMXAzOlkJnTjtxXmHiJJQaTZ4U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=10217&min_rtt=8688&rtt_var=2634&sent=414&recv=106&lost=0&retrans=0&sent_bytes=579892&recv_bytes=3750&delivery_rate=4247478&cwnd=609&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=733&x=0"
date
Fri, 27 Dec 2024 02:28:12 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 22 Nov 2024 13:49:23 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-amz-id-2
JIN4KTn+PkytmM3hqnh2evbiBl0NnzBKj57xf/fe1QKHq9iwhjddEmoCyhT6ldS+RHs8imUk8/HnJV3MhsxFoK+vQj1excaJDO2aLVVjYJ0=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AVJ07NZ5N30CCQEJ
cf-ray
8f85e03a68f480e2-EWR
access-control-allow-origin
*
server
cloudflare
8f85e0361ca780e2
tg.btc.fun/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A09A
0
975 B
XHR
General
Full URL
https://tg.btc.fun/cdn-cgi/challenge-platform/h/b/jsd/r/8f85e0361ca780e2
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2F5C%2FEdizP%2B8GIvBTRYp9yXwKJNnHFxIa81mTXvXeI%2FHFSX5yZi0K7DBbinauMAkqvNjbb64PpqbaL0nFom9lvXXWjg5Vp3EUPzM6A0S4gNqkmWYU5x%2Fieb3Ga8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
cf-ray
8f85e03b29b680e2-EWR
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=10067&min_rtt=8688&rtt_var=2275&sent=423&recv=123&lost=0&retrans=0&sent_bytes=581172&recv_bytes=20976&delivery_rate=4247478&cwnd=612&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=858&x=0"
content-length
0
date
Fri, 27 Dec 2024 02:28:12 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
access-control-allow-headers
*
.web.loader.js
tg.btc.fun/Build/
110 KB
67 KB
Script
General
Full URL
https://tg.btc.fun/Build/.web.loader.js
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a42f319763bcdccc3e29e558a9c0b8a9437ee0766d608ce0fa7058e09fa96f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6eb3d68e46f2203405f93a10058d9bb5"
age
3016
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rnf9DZHt%2FQJfJL8vpRuFsgDip2Ng5ddHH4yG4iq4%2Ffpth6G25VWv4v6ur6l%2BqPsjY7zB7C5%2Fws8R7YhiqLwXVlESAqA18KkCw2PbXcZxMlVAkt6Hc8Oom%2FhonI4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=16789&min_rtt=8688&rtt_var=15150&sent=424&recv=125&lost=0&retrans=0&sent_bytes=582169&recv_bytes=21409&delivery_rate=4247478&cwnd=613&unsent_bytes=0&cid=8bb8d6cbff093c4f&ts=1783&x=0"
date
Fri, 27 Dec 2024 02:28:13 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 13:49:23 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-amz-id-2
1tWKFOi0AZfiE/ofAvSZ8nKCUyjrdLcGYHselTtx957Td2VzhQK/AVsPH3uc9bqlGn6Gp/+QwEvHNWqnrHBmH+5sdWr5ug1jvGL4c6zqmcU=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
K3W46PM695QW3KYX
cf-ray
8f85e040fedc80e2-EWR
access-control-allow-origin
*
server
cloudflare
.web.framework.js.unityweb
btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/
62 KB
62 KB
Fetch
General
Full URL
https://btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/.web.framework.js.unityweb
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/Build/.web.loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.79.49.192 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
63524b3c7d99bc7bc91f6c0e11ca48c6b2488796d7993b793193b3342bfad90c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/

Response headers

Access-Control-Max-Age
0
x-oss-storage-class
Standard
ETag
"FBD7DB9D7494E9FEEAA9E8058E58DA4B-1"
x-oss-object-type
Multipart
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Date
Fri, 27 Dec 2024 02:28:13 GMT
x-oss-server-time
3
Content-Type
application/vnd.unity
Vary
Origin
Last-Modified
Thu, 05 Dec 2024 14:39:07 GMT
x-oss-ec
0048-00000113
Content-Disposition
attachment
x-oss-hash-crc64ecma
13626302546866012769
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
63044
x-oss-request-id
676E10BD3D643B3938957498
x-oss-force-download
true
Server
AliyunOSS
.web.wasm.unityweb
btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/
3 MB
3 MB
Fetch
General
Full URL
https://btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/.web.wasm.unityweb
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/Build/.web.loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.79.49.192 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7a674faa94a1f7547cdc2cd1c16c2963edb49194fbe7fef7f40b89ad0ba3cce4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/

Response headers

Access-Control-Max-Age
0
x-oss-storage-class
Standard
ETag
"7D9D7F606A18B573873A14C5C416B776-4"
x-oss-object-type
Multipart
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Date
Fri, 27 Dec 2024 02:28:14 GMT
x-oss-server-time
2
Content-Type
application/vnd.unity
Vary
Origin
Last-Modified
Thu, 05 Dec 2024 14:39:14 GMT
x-oss-ec
0048-00000113
Content-Disposition
attachment
x-oss-hash-crc64ecma
11501226218086116865
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
3347174
x-oss-request-id
676E10BE3D643B39388C7798
x-oss-force-download
true
Server
AliyunOSS
.web.data.unityweb
btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/
2 MB
2 MB
Fetch
General
Full URL
https://btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/.web.data.unityweb
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/Build/.web.loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.79.49.192 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6dd20fdd0a9d91740870ec5f72b19f67ab37584004c178469d8d34d0e396deec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/

Response headers

Access-Control-Max-Age
0
x-oss-storage-class
Standard
ETag
"81526258708CE2E2422FC1FD2F3DC721-3"
x-oss-object-type
Multipart
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Date
Fri, 27 Dec 2024 02:28:14 GMT
x-oss-server-time
1
Content-Type
application/vnd.unity
Vary
Origin
Last-Modified
Thu, 05 Dec 2024 14:39:12 GMT
x-oss-ec
0048-00000113
Content-Disposition
attachment
x-oss-hash-crc64ecma
16343180826536853334
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
2521732
x-oss-request-id
676E10BE58A49D38342DDA1F
x-oss-force-download
true
Server
AliyunOSS
ca5c0b4e-9505-4672-9aee-0dcc641c4c0c
https://tg.btc.fun/ Frame
0
0

d5f32d59-9e9f-4bec-b060-1bb20e402e43
https://tg.btc.fun/
348 KB
0
Script
General
Full URL
blob:https://tg.btc.fun/d5f32d59-9e9f-4bec-b060-1bb20e402e43
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/Build/.web.loader.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a64875625cd0cbc42ff293e86711433aeb35d6d639c0520729473b89e550fc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
application/javascript
Content-Length
356700
config.txt
btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/
88 B
725 B
Fetch
General
Full URL
https://btcfun-tg.oss-ap-southeast-1.aliyuncs.com/airdrop/v1.0.0.17/config.txt?1735266496925
Requested by
Host: tg.btc.fun
URL: https://tg.btc.fun/Build/.web.loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.79.49.192 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a06f7c6c6f64cf36c1cc933f743bfbe0d4f436564dd75421d22a23f3f2f4962c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tg.btc.fun/

Response headers

Access-Control-Max-Age
0
x-oss-storage-class
Standard
ETag
"563DE6E337EE934B04901F17F5AB95E4-1"
x-oss-object-type
Multipart
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Date
Fri, 27 Dec 2024 02:28:17 GMT
x-oss-server-time
2
Content-Type
text/plain
Vary
Origin
Last-Modified
Thu, 05 Dec 2024 14:38:46 GMT
x-oss-ec
0048-00000113
Content-Disposition
attachment
x-oss-hash-crc64ecma
519155442454249766
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
88
x-oss-request-id
676E10C158A49D383411F41F
x-oss-force-download
true
Server
AliyunOSS
my
tg-mini.btc.fun/api/v1/count/ Frame
0
0

my
tg-mini.btc.fun/api/v1/count/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tg.btc.fun
URL: blob:https://tg.btc.fun/ca5c0b4e-9505-4672-9aee-0dcc641c4c0c

Domain: tg-mini.btc.fun
URL: https://tg-mini.btc.fun/api/v1/count/my

Domain: tg-mini.btc.fun
URL: https://tg-mini.btc.fun/api/v1/count/my

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type        Name
object      0
object      WebJsAPI
object      container
object      warningBanner
object      canvas
object      loadingBar
function    unityShowBanner
function    launch
string      assetDirUrl
function    createUnityInstance
object      gl
number      glVersion
number      commentOffset

1 Cookies

Domain/Path Name / Value
.btc.fun/ Name: cf_clearance
Value: PW8YGBxFxVjsf1nt5vjtB00QBRMLS7iREgU7iAVzV20-1735266492-1.2.1.1-ttRb8nRZeZidPgkA9wQ5XtulLx3sHziP44KiQ2B6tH84lxrHGudTDctAJ9QRfy0TCtijuJkwAIgswM.76BN98n_GiVxygtdmeG2X7Xy30v7LEUl4STpOoUDAA4oZZkPkkeRKjTHXm7619m7xaorOTZylMXq38nkjTX4Z.B0tuCYvT67vvzkhQoBwpoJEIJACteaeD2H29NBthlkNnLqY1mgN1LX2gBdYpalijH6TkU_44tFrwdhrrWwIzgtwMxOEqlxpKtLgYhgstPKDs082qRBgThpzBJFVQBNS4o9frSJlZepdh1UZ1YAwCmxIF5yeI9ABT0ovGrc7yL4gSv3hWhz6.JUnLjicCOgzwZOVIhPIzImxIEl3sJA4XNriSiSk

2 Console Messages

Source Level URL
Text
rendering warning URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0901D005C090000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://tg.btc.fun/?user=%7B%22id%22%3A1797066277%2C%22first_name%22%3A%22Raymond%22%2C%22last_name%22%3A%22%22%2C%22username%22%3A%22Raymondlam565477%22%2C%22language_code%22%3A%22zh-hans%22%2C%22allows_write_to_pm%22%3Atrue%2C%22photo_url%22%3A%22https%3A%5C%2F%5C%2Ft.me%5C%2Fi%5C%2Fuserpic%5C%2F320%5C%2F_2C53Fec9l3Abfb04fcByaY8NYMWhHz7Vcu29-7EJUs.svg%22%7D&chat_instance=3196260838787252577&chat_type=channel&auth_date=1735266417&signature=Pl0EaqAScRUojc1ZzYhOgeOLYPAZSbI05CHaJVyIaNrDAwjfApUt7EtF6ky6eTYU6DFSjPwOUSQc8qFhjqjmBw&hash=721501f38569f334c740a83854094d0bebb6c84552490ae114cf481dfa57c6b5&timestamp=1735266417811
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0E3005C090000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.