urlscan.io logo urlscan.io
SecurityTrails logo

bi-mrp25u.vercel.app Open in urlscan Pro
76.76.21.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://billydrop.online/
Effective URL: https://bi-mrp25u.vercel.app/
Submission: On September 20 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 76.76.21.142, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is bi-mrp25u.vercel.app.
TLS certificate: Issued by R11 on August 14th 2024. Valid for: 3 months.
This is the only time bi-mrp25u.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 76.76.21.21 16509 (AMAZON-02)
1 76.76.21.142 16509 (AMAZON-02)
2 13.107.253.45 8075 (MICROSOFT...)
1 142.250.181.234 15169 (GOOGLE)
3 20.119.174.243 8075 (MICROSOFT...)
12 172.67.205.8 13335 (CLOUDFLAR...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
20 6
1    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
billydrop.online
1    76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)
bi-mrp25u.vercel.app
2    13.107.253.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
3    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
12    172.67.205.8 (United States)

ASN13335 (CLOUDFLARENET, US)
billysol.lol
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
12 billysol.lol
billysol.lol
858 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 674
r.clarity.ms — Cisco Umbrella Rank: 6549
c.clarity.ms — Cisco Umbrella Rank: 1338
30 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 223
771 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
849 B
1 vercel.app
bi-mrp25u.vercel.app
1 MB
1 billydrop.online
billydrop.online
349 B
20 6
Domain Requested by
12 billysol.lol bi-mrp25u.vercel.app
3 r.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms bi-mrp25u.vercel.app
www.clarity.ms
1 c.bing.com 1 redirects
1 fonts.googleapis.com client
1 bi-mrp25u.vercel.app
1 billydrop.online 1 redirects
20 8
Subject Issuer Validity Valid
*.vercel.app
R11		 2024-08-14 -
2024-11-12		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
billysol.lol
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bi-mrp25u.vercel.app/
Frame ID: DC7E4C3A12F010D4C956E289CEED721F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

$BILLY | DROP

Page URL History Show full URLs

  1. https://billydrop.online/ HTTP 308
    https://bi-mrp25u.vercel.app/ Page URL

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

2
Countries

2095 kB
Transfer

3751 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billydrop.online/ HTTP 308
    https://bi-mrp25u.vercel.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9C7CA2448A704790BCD476E6E6324BFF&RedC=c.clarity.ms&MXFR=255914A45AA66C4F3FCA01A45EA6628A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C7CA2448A704790BCD476E6E6324BFF&MUID=39E53B1F8AC060082E982E1F8B896116

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bi-mrp25u.vercel.app/
Redirect Chain
  • https://billydrop.online/
  • https://bi-mrp25u.vercel.app/
3 MB
1 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1190192e5cb27e9384cfd22b6d87732324b3b7dd5cc409ded2affbe3b13ecd29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
147444
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 20 Sep 2024 12:33:06 GMT
etag
W/"ff382dc4a1673b78a59aa49494d7ff80"
server
Vercel
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-vercel-cache
HIT
x-vercel-id
fra1::sqtml-1726835586942-d53cc4362d66

Redirect headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html
date
Fri, 20 Sep 2024 12:33:06 GMT
location
https://bi-mrp25u.vercel.app/
refresh
0;url=https://bi-mrp25u.vercel.app/
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-id
fra1::7lvrp-1726835586420-2d1cbbf033a9
mt6t6cru16
www.clarity.ms/tag/ 		637 B
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mt6t6cru16
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5b0b5b6446f2c8dcda5acbfed882a880e1641455d586ff998e29681799a7c618

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
637
date
Fri, 20 Sep 2024 12:33:08 GMT
content-type
application/x-javascript
x-azure-ref
20240920T123308Z-r1c9c9c9f5fxzrhh2tq997src0000000039g000000003p6m
css2
fonts.googleapis.com/ 		2 KB
849 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Sep 2024 12:33:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 20 Sep 2024 11:45:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
clarity.js
www.clarity.ms/s/0.7.47/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.47/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mt6t6cru16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

x-azure-ref
20240920T123308Z-r1c9c9c9f5fxzrhh2tq997src0000000039g000000003p75
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCD8444161EE37"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
c068e0f9-801e-0067-797c-0a3e27000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 20 Sep 2024 12:33:08 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 19 Sep 2024 00:44:44 GMT
collect
r.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://bi-mrp25u.vercel.app/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://bi-mrp25u.vercel.app
Date
Fri, 20 Sep 2024 12:33:09 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
telegram.svg
billysol.lol/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/telegram.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80b82621abb3dfe7e4ea2408487750d406a98371e8fed10db94b4dd877a1c7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"0525eef74acf29bba1e89070e05d207f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIeW2ojMoe%2Ftn%2F2j1zQn%2F54d%2BvdchFXsJWksoYv3Nef1ke661Rs9sPkTRVe%2BVpWUdngFH3ygizIdzzbqR4mAi2pxJKWjuzwv%2BA8JU6bZpgrTFa4v2U8lySlgmZYYTQnMJef6wwbqJqNo5JM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a764db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:10 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
x.svg
billysol.lol/ 		370 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/x.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52968453a7418a246672bfcc15f2667c264b377af8a9e8bfa908f7fd60f1d6e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"3a0e1ad865aa9f13e3b426eb4e729106"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OM44wlCyAJCu64Y7qVsiYH5SZgZkagcUQuI8g%2FXhGZy7adk1qLJDIFqAlLFEkvCUhazCvjl0YMS4zk83qV1zDJ24mvxK83nz0Y5T7V1KmA2l6yXujg%2BJjwNOOr6w%2BdyN%2FfFurPNtREtyGXk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a754db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
dexscreener.svg
billysol.lol/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/dexscreener.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774b22e71056dfc4a9d2be00198cc0e3fc7a68b6af825e3fb57d04ba34f1c321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"9bd8abb767189d41fee25e76b8cff35d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtr1xBDzkQgUZP%2BwjjfForSQxTE4SHSEfNSMteq7Ure2EHiXtmosqo%2F4ew%2BfeJKmQ5qMZAZ5QYHH5Qkb87s3rASJjHY7Mw87Du590F73FLUPQ6kooYVXRiGRkIiQZ6K6kuookYAhH%2Bvl9xU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a744db9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
dextools.svg
billysol.lol/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/dextools.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6f5f2bcb3350ccdc883676f5ef0b1b8f94d41cc8518c08ff9dfcdc3290eee0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"d22a4fdcbcb5c05acdcf7cc7a4709f11"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xA%2F1ePqGCrYgDuCxdZcNeFMskFPZEc7kbVJVpza0v6P%2BVGXePkKMz37PJTU0c5TtbOaIHZNKXQrD1bfkr5FMVy4gRfKb%2FeTijxqVLHoqZmIvIFEtLdjlojwf38H2I9CiL5XZtg1OL7gJSVk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a724db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
birdeye.svg
billysol.lol/ 		887 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/birdeye.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93782a5e68216d15e9925414149d44e10c98189100894f008a14527018b0ab4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"5cf22da39fac9e8dbd21166407c48b3b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFK7fJS3Bvd4X1yvgzGCKRjjhRzVXcbiBrh7%2BVy1dBp%2FjtnNFOB4sWKYOPlJjIRlIfV42g1oqlH0vE%2FmfDSm3CqlqQxGMDqWoPVZguKhqEhAIqeqKyuWd%2FnLHFJlBfo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a774db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
coingecko.svg
billysol.lol/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/coingecko.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ace6bcdc5d357207df888faa636b0ffe41cac07dbd6b155787fc60b1229a88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"39ed00e7c032e441f8c6287baf95824e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQndlN4zJE3HyyiO4BqmavY61He%2BDAcZCuuHxScTDjAT%2BU2FKRN6JtK%2B6QKVIKqIDfifMGm9KZ7gfRtj%2F%2FejFjPLUhFUqIWIKZ%2BqfKsimwfQ0IV4bymsRK6dstcyAija%2BJPWCSx079Z%2FqkU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a794db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
coinmarketcap.svg
billysol.lol/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/coinmarketcap.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2ce8e4823dbc5c5e66f0ada8d71c2440040c0bcda86e0be2065335d24aa888
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"d0c1bd945b93a8e6f8798b0657cd7f05"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MpGzosHXu56kXleGaG3%2FXuGnsm1R%2B3OKpONFBRI64MQLJC3LKXPycw%2FlgzwBW9MMD3CCXYX6XkYeMfyivISM8eaN3Nc%2BDf7oIFXAxIwIchTqq3voeCi1cq7BDrWq7%2BUccSGLa%2BnH1%2FX%2Fwik%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a704db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:10 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
moonshot.svg
billysol.lol/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/moonshot.svg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81fd685b5c19fced4fe09065cebeeeedaac5f3b10369e695c0f533ed703d4a9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"0cfc220faad885c964c94379c52b95fb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1cQ%2FobmPOyoRfsVa%2BxICCKhLB%2BG8DmudIq7vMYSVRANRYLAmw1Hs3xYjKhlOjMrHkUQUrOz3dTqGr4wP1IpIYAq%2BmYDoO68LBc7r73TsAoNhHkEohPOmsvpXYOc%2B0o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a714db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
test.png
billysol.lol/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/test.png
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
129670206a42da18dc36994f467726ba04c825e10f5634093ce920d972ebc202
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"4b57210e376d70ec076269af8e5c083e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCj2T2OIIKqszDvUzryWLz4dJKdfnXS0QctemIU1PR6tWfgn%2FYYA1V8B5KtFauzGq1T%2FJ%2BE0lT10WRVBwyo8asiLuOgNs1nUxI33ALzA4QD%2F030w4I4Gdn8AufLKNvo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a6b4db9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7634
date
Fri, 20 Sep 2024 12:33:09 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
billy.jpg
billysol.lol/ 		792 KB
794 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/billy.jpg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e574e312f4c2156a0e5f02e75c8c1eb894c5ebfc77da2af4d9a59636273f3e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"87c4f323777ee1557a6d6ca2fce4f6fb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlAPxsBJaueWdPawjY2iUtDup18n1DtZqq38qxfnqCCC431DJT4g3l2MM2Rdw4UTlParboASoePZkZWDtn0QNOL64tQ1Ki9Kbtanvq5H%2FQoOYlvug%2B8ChSw84GABhTBDD7KRCRGK6BYeZ4A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a6d4db9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
811453
date
Fri, 20 Sep 2024 12:33:10 GMT
content-type
image/jpeg
vary
Accept-Encoding
server
cloudflare
meme3.jpg
billysol.lol/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billysol.lol/meme3.jpg
Requested by
Host: bi-mrp25u.vercel.app
URL: https://bi-mrp25u.vercel.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d3ccf09689540c353e4ca464ab3c1851f897f4399cc8ec1aad30d66fd8ef94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"cc89686af7435a0cd48c36c1c0fad9c5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4%2F%2Fbj%2FHGqN0%2BTrNDJYe4rGzNN6OieNY%2FaeEWxzzFQeuVvreQzKyIBQdKoVMW2bjpD68uOI594tOtAezPBkLlmHbb2tzIUh1Y4nuugQjLtzRVDPOLbqFuCa3KKm%2BJ74GesLxZMlmu1b3FpI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a50a6f4db9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
35398
date
Fri, 20 Sep 2024 12:33:10 GMT
content-type
image/jpeg
vary
Accept-Encoding
server
cloudflare
collect
r.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://bi-mrp25u.vercel.app/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://bi-mrp25u.vercel.app
Date
Fri, 20 Sep 2024 12:33:10 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9C7CA2448A704790BCD476E6E6324BFF&RedC=c.clarity.ms&MXFR=255914A45AA66C4F3FCA01A45EA6628A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C7CA2448A704790BCD476E6E6324BFF&MUID=39E53B1F8AC060082E982E1F8B896116
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C7CA2448A704790BCD476E6E6324BFF&MUID=39E53B1F8AC060082E982E1F8B896116
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"bb391b5d70eeda1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 20 Sep 2024 12:33:11 GMT
content-type
image/gif
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C7CA2448A704790BCD476E6E6324BFF&MUID=39E53B1F8AC060082E982E1F8B896116
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A356704CB7C343FD897A59982395AC79 Ref B: BCN30EDGE0407 Ref C: 2024-09-20T12:33:11Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 20 Sep 2024 12:33:11 GMT
x-powered-by
ASP.NET
favicon.ico
billysol.lol/ 		15 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://billysol.lol/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbfb1267681461123b724ceece4f5572de7d8bd1de04c1b0a0f4f4ab3ee9e13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bi-mrp25u.vercel.app/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a182f6cb8f79a16c9e4be1766939744a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4icBWVSDArSOlTz9%2FN6IOoE1MUBU9WClEQf50Acp5TwhVME6oSSvCAM7MLHtXLaIrRRzOOam%2BZ0FaQ1uQFcicQ9aMTTeMZeEMg6lwNb82%2BeltPaj9si9bncheEEVZI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c61d7a948624db9-FRA
access-control-allow-origin
*
date
Fri, 20 Sep 2024 12:33:10 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
server
cloudflare
collect
r.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://bi-mrp25u.vercel.app/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://bi-mrp25u.vercel.app
Date
Fri, 20 Sep 2024 12:33:12 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| regeneratorRuntime object| __vueuse_ssr_handlers__ boolean| __VUE__ function| __ledgerLogsListen

10 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 27f54fa1c76f448791d5874620ae7ab9.20240920.20250920
.bi-mrp25u.vercel.app/ Name: _clck
Value: whjedi%7C2%7Cfpc%7C0%7C1724
.bi-mrp25u.vercel.app/ Name: _clsk
Value: d0anhy%7C1726835589775%7C1%7C1%7Cr.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 39E53B1F8AC060082E982E1F8B896116
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 39E53B1F8AC060082E982E1F8B896116
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 39E53B1F8AC060082E982E1F8B896116
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bi-mrp25u.vercel.app
billydrop.online
billysol.lol
c.bing.com
c.clarity.ms
fonts.googleapis.com
r.clarity.ms
www.clarity.ms
13.107.253.45
13.74.129.1
142.250.181.234
172.67.205.8
20.119.174.243
204.79.197.237
76.76.21.142
76.76.21.21
1190192e5cb27e9384cfd22b6d87732324b3b7dd5cc409ded2affbe3b13ecd29
129670206a42da18dc36994f467726ba04c825e10f5634093ce920d972ebc202
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
4e574e312f4c2156a0e5f02e75c8c1eb894c5ebfc77da2af4d9a59636273f3e5
52968453a7418a246672bfcc15f2667c264b377af8a9e8bfa908f7fd60f1d6e9
5b0b5b6446f2c8dcda5acbfed882a880e1641455d586ff998e29681799a7c618
774b22e71056dfc4a9d2be00198cc0e3fc7a68b6af825e3fb57d04ba34f1c321
81fd685b5c19fced4fe09065cebeeeedaac5f3b10369e695c0f533ed703d4a9f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cbfb1267681461123b724ceece4f5572de7d8bd1de04c1b0a0f4f4ab3ee9e13
bd2ce8e4823dbc5c5e66f0ada8d71c2440040c0bcda86e0be2065335d24aa888
c0d3ccf09689540c353e4ca464ab3c1851f897f4399cc8ec1aad30d66fd8ef94
c3ace6bcdc5d357207df888faa636b0ffe41cac07dbd6b155787fc60b1229a88
d93782a5e68216d15e9925414149d44e10c98189100894f008a14527018b0ab4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80b82621abb3dfe7e4ea2408487750d406a98371e8fed10db94b4dd877a1c7e
ff6f5f2bcb3350ccdc883676f5ef0b1b8f94d41cc8518c08ff9dfcdc3290eee0