urlscan.io logo urlscan.io
SecurityTrails logo

billythebull.xyz Open in urlscan Pro
52.223.52.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://share-w.in/alee-83407
Effective URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Submission Tags: falconsandbox
Submission: On August 21 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 17 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is billythebull.xyz.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on July 29th 2024. Valid for: 3 months.
This is the only time billythebull.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 52.223.52.2 16509 (AMAZON-02)
10 2600:9000:249... 16509 (AMAZON-02)
3 108.156.60.14 16509 (AMAZON-02)
1 199.232.192.193 54113 (FASTLY)
17 6
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
share-w.in
sweepwidget.com
1    52.223.52.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
billythebull.xyz
10    2600:9000:2490:0:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    108.156.60.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-14.ams1.r.cloudfront.net
events.framer.com
1    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
Apex Domain
Subdomains		 Transfer
10 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 53381
384 KB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 64216
7 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7108
573 KB
1 sweepwidget.com
sweepwidget.com — Cisco Umbrella Rank: 889611
2 KB
1 billythebull.xyz
billythebull.xyz
8 KB
1 share-w.in
share-w.in
481 B
17 6
Domain Requested by
10 framerusercontent.com billythebull.xyz
3 events.framer.com billythebull.xyz
events.framer.com
1 i.imgur.com srcdoc
1 sweepwidget.com billythebull.xyz
1 billythebull.xyz
1 share-w.in 1 redirects
17 6

This site contains no links.

Subject Issuer Validity Valid
billythebull.xyz
ZeroSSL ECC Domain Secure Site CA		 2024-07-29 -
2024-10-27		 3 months crt.sh
sweepwidget.com
E5		 2024-08-19 -
2024-11-17		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Frame ID: BFB2512ADB3355513C25C208D63FEE0F
Requests: 14 HTTP requests in this frame

Frame: https://i.imgur.com/2ZNzKqc.png
Frame ID: F1FB75068E491D2D78DB806A90620CE4
Requests: 1 HTTP requests in this frame

Frame: https://i.imgur.com/rtOfBJL.jpeg
Frame ID: BEEC723DBD6377AD796A9AFA4A88D097
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

$BIBU Airdrop

Page URL History Show full URLs

  1. https://share-w.in/alee-83407 HTTP 302
    https://billythebull.xyz/airdrop-start?sw-share=alee-83407 Page URL

Page Statistics

17
Requests

94 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

975 kB
Transfer

1646 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://share-w.in/alee-83407 HTTP 302
    https://billythebull.xyz/airdrop-start?sw-share=alee-83407 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request airdrop-start
billythebull.xyz/
Redirect Chain
  • https://share-w.in/alee-83407
  • https://billythebull.xyz/airdrop-start?sw-share=alee-83407
59 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.52.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/c7de6f5 /
Resource Hash
fc243cf82b10a54bac5974e8d9ae6e09728ff0612a6d6231c3db42111928d49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
8089
content-type
text/html
date
Wed, 21 Aug 2024 18:38:58 GMT
etag
"5e98d64f29564cac4f25397813b96535"
last-modified
Sun, 18 Aug 2024 22:25:57 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/c7de6f5
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="c7de6f5"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b6cbe38aea22bba-FRA
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 18:38:58 GMT
location
https://billythebull.xyz/airdrop-start?sw-share=alee-83407
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zecaGAATeX71BHkjHJFUsR08oRY7YrOSlW5bdXssQr07BipxadWz%2FUBx2m5f123EHREOOm4bsKoDRKM2Rh2fyXrqyw30StDB5nkSUWeQ8Xhqae47Y7x4rRHPue4mIEs%2F6LhLHeSidbfa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-proxy-cache
MISS
w_init.js
sweepwidget.com/w/j/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sweepwidget.com/w/j/w_init.js
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5255e1bc926a15ed4727967f9ca15164b3cc39badae6fe36f2a76324b455748e

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 28 Aug 2024 04:45:32 GMT
date
Wed, 21 Aug 2024 18:38:58 GMT
content-encoding
zstd
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46831
cf-polished
origSize=7630
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 24 Jul 2024 04:23:43 GMT
server
cloudflare
etag
W/"66a081cf-1dce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqrBzfp%2BZU2eJOcWOjaC2lOblGdq%2BrWi0CkSSLo3N8VqjoZx8Lhsryb0iTU5PHfNqSErcBgDiT6IjbgSe6xFaHn3lagpS4r7lbY3xn3IkQFTAbUn%2B%2B8G37Xu0XAe5HkxzJnWP369d1HME%2B%2FzSZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800, must-revalidate
cf-ray
8b6cbe42381d1cb7-FRA
x-proxy-cache
STATIC/TYPE
chunk-JO53QOD5.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		574 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/chunk-JO53QOD5.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
33789b57cd4183ee4f2e18c02752a6f05e5a90c00ee7011283c09f4246700616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 18:38:37 GMT
x-amz-version-id
wfrx0l24qRrJ2icDPajp88Dhw_SgX36O
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
259221
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="OgXiBE2TgDj26P3OTdsPoA2vAyBn0oqyaxm3yat2rEBi-VzeBHBu0A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 18 Aug 2024 17:13:07 GMT
server
CloudFront
etag
W/"f59a4f41cf9daf644ae6a49515ce98aa"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
OgXiBE2TgDj26P3OTdsPoA2vAyBn0oqyaxm3yat2rEBi-VzeBHBu0A==
chunk-ELYU6EKT.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/chunk-ELYU6EKT.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 18:00:58 GMT
x-amz-version-id
jP1UJhY5krZAjR2fZ7zEUH9S6ygp_nkQ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
866281
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="oDDHr1wxcE5O6BndY_o8ajpk8GUbzXyaONZ-QWGH29P2I-o3SpRcKg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc
h3=":443"; ma=86400
content-length
447
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 11 Aug 2024 00:44:32 GMT
server
CloudFront
etag
"bac0d5b5f6a61029b51079932ccda746"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
oDDHr1wxcE5O6BndY_o8ajpk8GUbzXyaONZ-QWGH29P2I-o3SpRcKg==
7eZumaVjtrJbkpXsJ_9IeRQO03Z6bf-0lMXtSBpHIs0.UQLEIRY6.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/7eZumaVjtrJbkpXsJ_9IeRQO03Z6bf-0lMXtSBpHIs0.UQLEIRY6.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
dab31f26abff70570247af55defc7f36388d17c96bfbe61564efac1de507eb9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 18:38:39 GMT
x-amz-version-id
YT3X9enoq.VBSJDFIVOPEX7nsxvXebAE
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
259220
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="RCzqh9OKjOzpJUPpARpJmHNlBZbNeXPpCh_x4RhhHhcfqQsmGkm5jA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 18 Aug 2024 17:13:07 GMT
server
CloudFront
etag
W/"e943f9a6160e9bbd9d143311e7a53374"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
RCzqh9OKjOzpJUPpARpJmHNlBZbNeXPpCh_x4RhhHhcfqQsmGkm5jA==
chunk-WH2K7FCT.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/chunk-WH2K7FCT.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
02ef60b10b685d80f3520710d431ef457abf62788fd47d74102c47e8dd157840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 18:38:40 GMT
x-amz-version-id
UlO1amhspkajr2outNENqVAMmpuMkIrd
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
259219
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="c3x9JBrFN8s_HG6FC_Rf-NYNVq8DCaVVdGhPOX_i87QU3HLlNqoBAw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 18 Aug 2024 17:13:07 GMT
server
CloudFront
etag
W/"b47d777be282b9b9fb7573c3fe3622c5"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
c3x9JBrFN8s_HG6FC_Rf-NYNVq8DCaVVdGhPOX_i87QU3HLlNqoBAw==
chunk-42U43NKG.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		44 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/chunk-42U43NKG.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 22:16:12 GMT
x-amz-version-id
VTf25jljqvb43wDfupwVyA_9lrGfucyP
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
1369367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="BepR-bNLNdQBDbaua3SJ7T2gvU5bcNqE6aa9nbevCenah_10Fme87A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 05 Aug 2024 22:11:02 GMT
server
CloudFront
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BepR-bNLNdQBDbaua3SJ7T2gvU5bcNqE6aa9nbevCenah_10Fme87A==
chunk-AYPTQJMK.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		995 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/chunk-AYPTQJMK.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9fb60d4afa2ad2fbb14b4aeebad59499648f87d87432620ad21627e53ddf8203
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 18:01:24 GMT
x-amz-version-id
dPM6OvFeyapfpIJ2C6DQlh2KjbLDMklX
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
866255
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="ebE0vPgIhrTtvag73TBorPjQi69RzSs1LRwB5xtnl80kKBHqrl7grQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc
h3=":443"; ma=86400
content-length
995
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 11 Aug 2024 00:44:32 GMT
server
CloudFront
etag
"754ce41e128330602cb84407a5fdb1d9"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ebE0vPgIhrTtvag73TBorPjQi69RzSs1LRwB5xtnl80kKBHqrl7grQ==
script
events.framer.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-14.ams1.r.cloudfront.net
Software
/
Resource Hash
e2b66bb41dea8cdd13364842d89e35c84e5aeb99f8cea22c006195494fb33404
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 18:38:59 GMT
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18499
x-amz-cf-pop
AMS1-P2
x-amzn-trace-id
Root=1-66c63443-388276543da5d7b743ff093b
x-amzn-requestid
24b6d1d0-e08c-4c98-85a3-5a49d3c90db3
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Wed, 21 Aug 2024 18:36:35 GMT
x-amz-apigw-id
c30aiEYtoAMEp_g=
content-length
6338
x-amz-cf-id
y3gfd-F8CQb4hv_3vw1vSF1Zvz1WNmXECnIS6CtL4vJcHtyy7pPHSQ==
yzNQi9dnk6ehpHgtO2rsH0l3Yw.png
framerusercontent.com/images/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/yzNQi9dnk6ehpHgtO2rsH0l3Yw.png
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b8010298b28d7aeb58913ee8af296bd09c7bf4846d743648161ffe0a17a07da4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 23:59:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
239971
x-amzn-requestid
92a56dbe-8f81-4397-ae70-26a24f754f9c
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="FlMxIcX9xONbztH7RGbfu_y5ioD5P6hZCfzE2AiI7f4M75x6PwRN7Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"83413593abafc000eb6be7b2de614b48"
x-amzn-trace-id
root=1-66c28adb-70e3705916679ba73997e113;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
FlMxIcX9xONbztH7RGbfu_y5ioD5P6hZCfzE2AiI7f4M75x6PwRN7Q==
script_main.U4OSCHXS.mjs
framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/37s7fcTfkwG2ZDbcZ0ALBa/script_main.U4OSCHXS.mjs
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6b19595e0c887d910f55233cd64169d8d6664fd7afde49e9fec0581916892463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
Origin
https://billythebull.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 14:05:36 GMT
x-amz-version-id
PL4.ACQipnl1QZDsEI6pxErv6vCVtHr6
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
age
189203
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="T403NIDSMtztoatY161GFmoXZxHvkflb38jEyU1g2-iShYPoNBsSLg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 18 Aug 2024 22:25:56 GMT
server
CloudFront
etag
W/"531b0fd4dfa4e0dd811c7bc9bd9e7d9b"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
T403NIDSMtztoatY161GFmoXZxHvkflb38jEyU1g2-iShYPoNBsSLg==
2ZNzKqc.png
i.imgur.com/ Frame F1FB 		573 KB
573 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/2ZNzKqc.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0ab0fb138b3c6792b3e4c7d297bf06f8902877f9e347e5d7f9a03f63fb023b33
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 18:38:59 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1765151
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
586462
x-served-by
cache-iad-kiad7000077-IAD, cache-mad22055-MAD
last-modified
Thu, 01 Aug 2024 08:19:49 GMT
server
cat factory 1.0
x-timer
S1724265539.345597,VS0,VE4
etag
"05befc13fb70d888a78bae93e9961ccb"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1zISr5zPmPZHmF2DhsKp3IcqNMY6lX0_BOBXg5Fl0kE4HDcom7wxZQ==
x-cache-hits
29, 0
rtOfBJL.jpeg
i.imgur.com/ Frame BEEC 		0
0
yzNQi9dnk6ehpHgtO2rsH0l3Yw.png
framerusercontent.com/images/ 		193 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/yzNQi9dnk6ehpHgtO2rsH0l3Yw.png
Requested by
Host: billythebull.xyz
URL: https://billythebull.xyz/airdrop-start?sw-share=alee-83407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b8010298b28d7aeb58913ee8af296bd09c7bf4846d743648161ffe0a17a07da4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 23:59:27 GMT
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
x-content-type-options
nosniff
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
239971
x-amzn-requestid
92a56dbe-8f81-4397-ae70-26a24f754f9c
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="FlMxIcX9xONbztH7RGbfu_y5ioD5P6hZCfzE2AiI7f4M75x6PwRN7Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"83413593abafc000eb6be7b2de614b48"
x-amzn-trace-id
root=1-66c28adb-70e3705916679ba73997e113;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
FlMxIcX9xONbztH7RGbfu_y5ioD5P6hZCfzE2AiI7f4M75x6PwRN7Q==
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-14.ams1.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Aug 2024 18:39:01 GMT
via
1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
x-amzn-trace-id
Root=1-66c63445-5b94bdaa4719c2bf1ff9e93b;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
71454a44-ff93-4527-9bc6-d831fd27fc59
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
c30a3E2rIAMEMPQ=
content-length
0
x-amz-cf-id
xzqgKLGuTFLLW79XuCyDodb3pUkbVGyscB1vUNIxwJSeWKBPq2BNGA==
anonymous
events.framer.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-14.ams1.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://billythebull.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 21 Aug 2024 18:39:00 GMT
via
1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-apigw-id
c30azHv6oAMEoiw=
x-amz-cf-id
fOmpIYW9ocm02fr4-vpbrfK_RhTMGUDqCS7EmlA64gPOJfKiEjKUEw==
x-amz-cf-pop
AMS1-P2
x-amzn-requestid
c4c4d711-a97b-4741-bda1-c3c30103ec1f
x-cache
Miss from cloudfront
CpVe9G4kpejMNCfwnA9O9UAXE.png
framerusercontent.com/images/ 		6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/images/CpVe9G4kpejMNCfwnA9O9UAXE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:0:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e2c929f6c432f876ee168c295709c83cea3944fcdd55bb38651bc81a5063d93
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

Referer
https://billythebull.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
1445787
x-amzn-requestid
b2a2ed2d-f51a-45a9-a174-631a15f7fbca
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="IW65BeuPd3pFbDX3z7id99BN0JsNBNX1CDTHhq4S_56uClb_SuSL1w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
etag
"c0fd91fae98e361b71cdbdf96e9ccf9c"
x-amzn-trace-id
root=1-66b024a8-4b7720b5324edad143029a8e;parent=51d3def8f865855d;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
x-amz-cf-id
IW65BeuPd3pFbDX3z7id99BN0JsNBNX1CDTHhq4S_56uClb_SuSL1w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.imgur.com
URL
https://i.imgur.com/rtOfBJL.jpeg

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| sw_website_url function| reformat_parent_url_full function| swAddListener function| swLoadScript function| sw_iframe_resizer function| sw_init_widget object| url string| sw_share function| __framer_onRewriteBreakpoints function| __framer_importFromPackage object| process object| __framer_events boolean| MotionHandoffIsComplete function| __send_framer_event

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000