bttwgs.ga Open in urlscan Pro
2606:4700:3035::6815:1ea1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bttwgs.ga/
Submission: On January 27 via automatic, source openphish (January 27th 2022, 1:14:58 pm UTC) — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3035::6815:1ea1, located in United States and belongs to CLOUDFLARENET, US. The main domain is bttwgs.ga.
TLS certificate: Issued by E1 on January 26th 2022. Valid for: 3 months.

This is the only time bttwgs.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rakuten (E-commerce)

Domain & IP information

	IP Address		AS Autonomous System
29	2606:4700:303... 2606:4700:3035::6815:1ea1		13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	1

29 2606:4700:3035::6815:1ea1 (United States)

ASN13335 (CLOUDFLARENET, US)

bttwgs.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	bttwgs.ga bttwgs.ga	78 KB
29	1

	Domain	Requested by
29	bttwgs.ga	bttwgs.ga
29	1

This site contains no links.

Subject Issuer	Validity	Valid
*.bttwgs.ga E1	`2022-01-26` - `2022-04-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bttwgs.ga/
Frame ID: 8BF920691309796A90C9C1E58500EC36
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【楽天】ログイン

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

78 kB
Transfer

92 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bttwgs.ga/	9 KB 3 KB	638ms 590ms	Document text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0d09c071eb51ca856189b72351d499a97adc6afd90e36ff2cc753dfa6392b15b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 27 Jan 2022 13:14:52 GMT content-type text/html last-modified Sat, 05 Sep 2020 11:17:37 GMT vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scxlImGc%2BV1Sly1PM0hHZH83MZXdwYT8GdE2V3g%2FZ6Ey3ugog4O8f44jh0o4bxRfqJmPUAO3f9%2F501qva5cjGM9RKBigiLHoJl8s6IT8jk8V14N8HXWR8QBAoYL4yGPa6KY6sxyIml0%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6d423f1d6bc359e3-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ichiba_chat_appender_v1_0.css bttwgs.ga/static/css/	6 KB 2 KB	572ms 570ms	Stylesheet text/css	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/css/ichiba_chat_appender_v1_0.css Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:50 GMT server cloudflare etag W/"1956-59ba620293080-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ldjn%2F4ge572BHgx1Nrzk9yNiZ7%2FQVkLdvP3l2b%2BhZMrT6%2FNIZClozFCVD3QneQbAEw7ABOzCXqElFRQUX4ApO%2BKyL8s3M3ywd2To5BT612kou%2FUhu7ayhQkmryFnFDBjaJdD2VyE8yI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d423f21a9b259e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	jquery-1.12.4.min.js bttwgs.ga/static/js/	0 0	571ms 570ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/jquery-1.12.4.min.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgl8jJTDVVFgq16wKZciyg4GN4D0Y5NaGhJSgGI%2Fe%2F8q62eQ9G8MXEEUDaBJBaW0O4vFifGYDzPqEk1zSXTIosO%2FLaCzwZJETNlNa1ejoq7wsA%2FBP0LxyzrNKeKZQJajvhwNc4MLPOY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f21a9b759e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	hint.js bttwgs.ga/static/js/	0 0	507ms 506ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/hint.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkoDv2IW4QCb6yimSdi82YrqVGJ7u%2BGKt74jXwn7xojUPx2Dz2rVld%2BATv1Egk6WgcU7YwMVM6KYmgJMIxDRaCqOry2K4lcw5P%2FqF1tvdihQ6RPM2p2CbUG8%2FQdEW8WS9St8AjasuEY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f21a9be59e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	id.js bttwgs.ga/static/js/	0 0	511ms 511ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/id.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhnvzLy%2BW%2Bw9Oq%2Fg0r5XhoJt0h7TG448m13whzw5BNoW5KVMLYhQPlyDoIsVukApXnDzzuWV6kt61OSlZoBp7EmG4VjcSjl4Snfud06NZdtVQcbMl3JDFhE6f%2BAEvwkMFoV1g66asPw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f21a9c159e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	common_login.css bttwgs.ga/static/css/	11 KB 3 KB	555ms 555ms	Stylesheet text/css	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/css/common_login.css Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `78cec57c09590cc44af8aa8213abe587e5d9afb78a3ca7dc1f5bc82c91d07e4a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:50 GMT server cloudflare etag W/"2cc2-59ba620293080-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aNjUdKi98KRfu%2F02qRZlZeeNG4D4s1AQye%2Fk3ASMB1l5KC%2FxbTR21A7U49%2F7TZbDmGX%2BgcTeDHAaDAX51XmssDap4QfU%2FdSnh1ACZNTNLyaYVnB8ks3UrWg74fScVGilhAWKSSMcCs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d423f21a9bb59e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	loginstyle.css bttwgs.ga/static/css/	0 0	557ms 556ms	Stylesheet text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/css/loginstyle.css Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuzSKTot2jGZO0GG5UfjhF3iA55i5vZsYJ2OfvS%2FlErAKDjaWwLSTTdZLGVBO5O1yNAHT6iKS2FucaUXutcg6btwebQxV2GZFaNrqikq6pUJBMO0asdagI0OuXSAob8BsgGW6QvDlFk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f21a9bd59e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	tls_alert.js bttwgs.ga/static/js/	0 0	571ms 571ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/tls_alert.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8EvVps30%2BFna4Bc8oWMVb6FvKid5CpPcWwn1KlHcfSqOv6SXEj0NjqAXbWTFEybPQ6DI9rdeJmjx4RS4Y0ArDg4cWnz9nJ2TCwwO5g2sGY23HOuIDn2iLB%2BrPpfKr8hQ0cozcyyz5A%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f21a9c359e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	tls12.js bttwgs.ga/static/js/	0 0	577ms 576ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/tls12.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L5%2BPmvcVf%2FfvsZAnhUik6diJLbgO40neGjYVAfzIvzBwEqmVMvb6zOmasABIno4UV%2BSnxNNo6JxGBA1MQhubbOY8RWi7bnkgb8EmrC81Bu1H45fO3Adbj53%2FN8QFq2CaGcaNb9iasg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f21a9c859e3-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	rakuten_pc_32px@2x_wm.png bttwgs.ga/static/picture/	4 KB 4 KB	231ms 229ms	Image image/png	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/picture/rakuten_pc_32px@2x_wm.png Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:52 GMT server cloudflare etag "ea2-59ba62047b500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZGhpeszy8da4g6cfo8PV51tYdmbAsuJVJkD2n48fziAVFM3BcA1ed%2FAKM7VW33GZLfy4HZC1nckAY3lxCukccVVvkIJ1t0q0dqsq9Wb7HnuN1ii0s9VnCzei8VowFYA57oddH2FOvQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f261fd7599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3746
GET H3	200	t.gif bttwgs.ga/static/picture/	43 B 585 B	598ms 596ms	Image image/gif	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/picture/t.gif Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:52 GMT server cloudflare etag "2b-59ba62047b500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLHHZKor%2BK9g6cfaUmtjLZrkYYrXtSgx3nE%2BvwHP%2FuV8Jya2PM2YL9rA7JkTV06aYBqJe07GzbGPB4e6f06jUVbwE58fUsgZVYfY%2FEwqFFIWn2ehI1wAHnNeW0TzNiCIdMPZZBKfvyI%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f261fd8599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43
GET H3	404	count.php bttwgs.ga/	0 0	223ms 223ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/count.php Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYsT87vX2LCoDvGmPoajnV%2F%2B6O%2FaL%2Ft8Yn7uPCNp88a8N9ckd8WujHhBD1ZDFNE%2F%2FGWhETEOUfSU%2BBG4uOcNFXPS4ydBpqdzzaDPzKZ4vO9ZpOTUtZWbX%2FCbB0%2FzY3hJA0r4hWIyUEQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 6d423f253d02599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	stop_540x249.png bttwgs.ga/static/picture/	57 KB 57 KB	911ms 909ms	Image image/png	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/picture/stop_540x249.png Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:52 GMT server cloudflare etag "e2e0-59ba62047b500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsSyyfhB4C%2FtRILzpXk8D06WJO4IdTaqTdcroxBypb8NkFKKhbDU6MMQZNKYZ7J4gku3k0JJdPdE7Ot6ItPV9wfsFuj%2BVZZ%2FAcc6TEdN7bIeRpBhEbcVw8%2BQlzN6B8EOLwpdYvyVMww%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f261fd9599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 58080
GET H3	200	rakuten_pc_20px@2x.png bttwgs.ga/static/picture/	2 KB 3 KB	601ms 600ms	Image image/png	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/picture/rakuten_pc_20px@2x.png Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:50 GMT server cloudflare etag "9b4-59ba620293080" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86pK4I9613b9j4kIR6PiFsVSxZa%2FVXdp5C8GCY06aDTW2tDk4mFnZ2SyETiZZ2w4YKY%2FIPiwkEL3Ovbp50%2F2sacwj98bSmMiQpPTC97pK9WBy45PBPudeStfS8tGXrlU4uMFpsGRDoU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f261fe0599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2484
GET H3	404	challenger.js bttwgs.ga/static/js/	0 0	567ms 567ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/challenger.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFDfdTDlK5xZhKqo6iOIc5yQhZ1w50ylu%2BpAq9eO7w1r%2FP9SNBA8fLyOHTP6fnWAXx7yycdL%2Ff6nFkXimum527hJmoiy0pBElpwRAICmQ0YC%2Fe8Z3unZ5TciVZmgNPHeESRpCRe4JyI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f259e0f599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	challenger.css bttwgs.ga/static/css/	0 0	579ms 578ms	Stylesheet text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/css/challenger.css Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHK9pJmiLa7lhtE9s6Ddk95jByuhcr3LBzOJw4G5XHyuGeHjd7z0FjiOr2jverU5L2BLZMwa6%2B0BMba6jcShqm86kY%2BNTSY5hY0UOGDIOw9uwrjv%2BFc2YTno%2B7%2F%2F5IaId7D6tTBike4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f261fcb599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pop.gif bttwgs.ga/static/picture/	75 B 613 B	586ms 585ms	Image image/gif	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/picture/pop.gif Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:52 GMT server cloudflare etag "4b-59ba62047b500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8DRKJPrPwgrXTk1Kd6cruAFdIJXYHAVe95diMIwijrFjppUzWH%2BvqY3yPnAi4kUuszdAtFde2jtm9LvS6EgtgiQMJWk0czWjkQyCEuC7PFhPTSKfdvCV657xMAQDEmFSwW593Uz20Q%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f261fe1599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 75
GET H3	404	sc_scode_switch.js bttwgs.ga/static/js/	0 0	604ms 602ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/sc_scode_switch.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vTE%2BxRrmqTPraa0YGnym8EE9pOXAkXx5Y1jouZ18E5J8CkS1gmhS9tv%2BCriAJR6KUQJ2aEVnUh0LCoeW17B5ytEBrXxkzqoETa8pOtvEg7BlOQXBondCvnPlMavd9s9MWZae9tNwGM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f261fd1599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	rat-main.js bttwgs.ga/static/js/	0 0	587ms 585ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/rat-main.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWElbYwHw74iHv2%2BZHbIIwGNzilsVdHtX1ha%2Fc7LRHwmwkac%2BsEZOfmz%2BDRhTSBGNvfc8yC7SiXjP6Zz5PUzuSeyEX9QsOEkI2AncXgcevn3tHEdyRliot4wX41d%2FQMONfuIy6ozVdY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f261fd6599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	hint.js bttwgs.ga/static/js/	0 0	51ms 50ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/hint.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjsaWqTy3loopVptOp%2BcOr3YaqRNzAlj6%2BI6zpFiU5Tb2plZ5D4ncx%2FulnQIz4v7wchJV%2Fs3pisrFKHF8T720SQiW5zYuEQ6ytkvYzoK9ZY0wp0oJx2eNqhFji3cubusuZAAtwnHjN8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f253d05599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	id.js bttwgs.ga/static/js/	0 0	30ms 30ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/id.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QowelyhHzqJVW3Zz7SMoVCAEAceeJm85cUpeE1RgoNzs9ygF6LgD6%2Fg3ELF8yfZ5ljm25cD4VEsR4XF0Jg5xs5chxuRPIJUjVcyGSIE%2Faz6i0KalLBKbdqlB%2B7WDY5WpFJavzZjRcxY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f259e15599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	loginstyle.css bttwgs.ga/static/css/	0 0	33ms 33ms	Stylesheet text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/css/loginstyle.css Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp1eFVUifv1YKkg4drE5ar1qnW7hRNlu1rAqjqLlVr95FsUP6KiQSZJQDs%2FaLDUs8Yv9UGSO%2FkuV0pxi%2B%2Fjiq89v81gChG9LI6XKNssT20uaTnAUJtD2q6Dzk8UisKBCezt9cg0kjqU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f25cea8599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	tls_alert.js bttwgs.ga/static/js/	0 0	48ms 48ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/tls_alert.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oT1Vghgpz5rnOfEhH%2F4map6pFx%2F%2BBjyk9%2F5OaBGTe%2FGaBQKV2cBm1ub%2B3dkMNMuoIqJUq6qvJRvayl1xVsSS7QQc3rN5lua1Lfc%2FmXcF3hRT4NmIO14VL7LJ2VFaKbC7Ba6oishOwSc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f25ceac599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	tls12.js bttwgs.ga/static/js/	0 0	44ms 43ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/tls12.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ%2BpaxhruGH2zhTyXk7rnVL0h900OWNxUXBjASHjZByxkfgxeX%2FzsdLPAVanf0A01znB17G%2BNyyC8tv5NMNguJqyy5jLiU9G9I3dkiGAzqLmHqVMO2EEzmyNk9rE9%2F%2FOMDizxO2ulCE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f261fe5599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	bg_btn_red_btm.gif bttwgs.ga/static/images/	442 B 983 B	526ms 526ms	Image image/gif	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/images/bg_btn_red_btm.gif Requested by Host: bttwgs.ga URL: https://bttwgs.ga/static/css/common_login.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:52 GMT server cloudflare etag "1ba-59ba62047b500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0towI85lVN6GkTuiOZWhkTGb69rTfPzgQQOrKuZbZ4RFNPbv5vyETzyXZcH68PC%2B9MRhc2pZ3PExf8C6j8ie2oO%2FAbImbuPZVuZ8igffhiF0b5Pd7FzM0HhmpGboxPwGeXmge6MAMDQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f29bc5e599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 442
GET H3	200	bg_btn_red_top.gif bttwgs.ga/static/images/	2 KB 2 KB	563ms 562ms	Image image/gif	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/images/bg_btn_red_top.gif Requested by Host: bttwgs.ga URL: https://bttwgs.ga/static/css/common_login.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:50 GMT server cloudflare etag "75d-59ba620293080" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2M3thftrZ4JjK68rA5GUx9t0DCCm%2Ffa0PjD11UQIshPfNlrcXpS%2FEvuR8rDdgerepqJCMegFQGS6uGnUvhFzARerHUJVm%2F7ej082tJnCsy%2FXBGkoWpICB8suj8fddWKARKOlEVKnTI%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f29bc60599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1885
GET H3	200	icon_btn_arrow.gif bttwgs.ga/static/images/	60 B 600 B	565ms 564ms	Image image/gif	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/images/icon_btn_arrow.gif Requested by Host: bttwgs.ga URL: https://bttwgs.ga/static/css/common_login.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:50 GMT server cloudflare etag "3c-59ba620293080" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FP007rgSsUoDD1MCZD4OxDOeZM2j1qGssrdzjbeyFBRbnSIYh0I9l96pn6s8uiu6vTpbp1zUi%2FroaDV2osKLkZBwtxPVU5xdt5jfbULFub%2BeSZpAsKP6NTjlDJAOPlm8H7do68S%2FFY%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f29bc65599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 60
GET H3	200	info.gif bttwgs.ga/static/images/	360 B 904 B	224ms 224ms	Image image/gif	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bttwgs.ga/static/images/info.gif Requested by Host: bttwgs.ga URL: https://bttwgs.ga/static/css/common_login.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/static/css/common_login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT cf-cache-status MISS last-modified Wed, 08 Jan 2020 19:44:52 GMT server cloudflare etag "168-59ba62047b500" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1GtmO7wPWglmFeep%2BdnTbbKsYeIKIEQNZ18D9d4o3V9JiHIjw6pVwSyr8Vg9S0%2FkDkl3D0JVGXwZ6jFfDWClOHo9547rk2F5R9DYF%2FxInmmVU8U3kps%2BJExtk9cQwobsZT8au3UZRM%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6d423f29bc68599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 360
GET H3	404	rat-main.js bttwgs.ga/static/js/	0 0	37ms 37ms	Script text/html	2606:4700:3035::6815:1ea1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bttwgs.ga/static/js/rat-main.js Requested by Host: bttwgs.ga URL: https://bttwgs.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:1ea1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://bttwgs.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:54 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne7FHBIHidLPdW5rLNlEedZ46uB%2FqjNN9z8JYwqJP2YA4dCFZbLYK8iiZH2ypNu%2FIz%2F4FhvvqQSRMmK69%2BhLl86MzVb47Faa2jFj0xvU6%2Fav8hAEzvqpa61YcRaKdasBRfzLfwcg9N8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 6d423f29dcde599b-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| n number| dfpDelayId

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bttwgs.ga/static/js/hint.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/id.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/css/loginstyle.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/jquery-1.12.4.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/tls_alert.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/tls12.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/hint.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/id.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/css/loginstyle.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/tls_alert.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/tls12.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/count.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/challenger.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/css/challenger.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/rat-main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/sc_scode_switch.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bttwgs.ga/static/js/rat-main.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bttwgs.ga
2606:4700:3035::6815:1ea1
0d09c071eb51ca856189b72351d499a97adc6afd90e36ff2cc753dfa6392b15b
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
78cec57c09590cc44af8aa8213abe587e5d9afb78a3ca7dc1f5bc82c91d07e4a
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02

bttwgs.ga Open in urlscan Pro 2606:4700:3035::6815:1ea1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

78 kBTransfer

92 kBSize

0 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

bttwgs.ga Open in urlscan Pro
2606:4700:3035::6815:1ea1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

78 kB
Transfer

92 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!