urlscan.io logo urlscan.io
SecurityTrails logo

xgrounded.xyz Open in urlscan Pro
2606:4700:3031::ac43:cc98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xgrounded.xyz/
Effective URL: https://xgrounded.xyz/
Submission: On October 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::ac43:cc98, located in United States and belongs to CLOUDFLARENET, US. The main domain is xgrounded.xyz.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.
This is the only time xgrounded.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a04:4e42:200... 54113 (FASTLY)
6 6 140.82.121.4 36459 (GITHUB)
3 2606:50c0:800... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
22 8
6    2606:4700:3031::ac43:cc98 (United States)

ASN13335 (CLOUDFLARENET, US)
xgrounded.xyz
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6811:f9cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit-pro.fontawesome.com
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
fastly.jsdelivr.net
6    140.82.121.4 (Frankfurt am Main, Germany)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-4-fra.github.com
github.com
3    2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)
raw.githubusercontent.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 github.com
github.com — Cisco Umbrella Rank: 2780
24 KB
6 xgrounded.xyz
xgrounded.xyz
10 KB
4 fontawesome.com
kit-pro.fontawesome.com — Cisco Umbrella Rank: 21548
248 KB
3 gstatic.com
fonts.gstatic.com
45 KB
3 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4897
2 MB
2 jsdelivr.net
fastly.jsdelivr.net — Cisco Umbrella Rank: 44555
59 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
9 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
22 9
Domain Requested by
6 github.com 6 redirects
6 xgrounded.xyz 1 redirects xgrounded.xyz
static.cloudflareinsights.com
4 kit-pro.fontawesome.com xgrounded.xyz
kit-pro.fontawesome.com
3 fonts.gstatic.com fonts.googleapis.com
3 raw.githubusercontent.com xgrounded.xyz
2 fastly.jsdelivr.net xgrounded.xyz
2 unpkg.com xgrounded.xyz
2 fonts.googleapis.com xgrounded.xyz
1 static.cloudflareinsights.com xgrounded.xyz
22 9

This site contains links to these domains. Also see Links.

Domain
www.xdnz.xyz
Subject Issuer Validity Valid
xgrounded.xyz
WE1		 2024-09-29 -
2024-12-28		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
unpkg.com
WE1		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://xgrounded.xyz/
Frame ID: 64EF55AE7F01660FFC2FECAC97DAC957
Requests: 20 HTTP requests in this frame

Frame: https://xgrounded.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 8A78815209979347693B04BA7E693CCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page URL History Show full URLs

  1. http://xgrounded.xyz/ HTTP 307
    https://xgrounded.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • <link[^>]* href=[^>]*kit\-pro\.fontawesome\.com/releases/v([0-9.]+)/
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22
Requests

82 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

2020 kB
Transfer

3195 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xgrounded.xyz/ HTTP 307
    https://xgrounded.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://github.com/n0roffbrain/project/blob/main/XGSPOOFER12347.png?raw=true HTTP 302
  • https://github.com/n0roffbrain/project/raw/refs/heads/main/XGSPOOFER12347.png HTTP 302
  • https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
Request Chain 10
  • https://github.com/n0roffbrain/project/blob/main/back.png?raw=true HTTP 302
  • https://github.com/n0roffbrain/project/raw/refs/heads/main/back.png HTTP 302
  • https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/back.png
Request Chain 17
  • https://xgrounded.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://xgrounded.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Request Chain 20
  • https://github.com/n0roffbrain/project/blob/main/XGSPOOFER12347.png?raw=true HTTP 302
  • https://github.com/n0roffbrain/project/raw/refs/heads/main/XGSPOOFER12347.png HTTP 302
  • https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xgrounded.xyz/
Redirect Chain
  • http://xgrounded.xyz/
  • https://xgrounded.xyz/
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xgrounded.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cc98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0feca33f5270e11f0b3bcd09bc99f22aed206caec7fe57461a42b02405071e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ce1655c089ad9d2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 06 Oct 2024 00:04:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0YTQwML8gCYRL7HfYrt%2FOlieb2RpyaQfs66GtQGLWObozL1RjP%2BRk7wy8R5cjptW9Y8zYx2kiVtUO4IyXKolY%2FtooieGLlPCfC3BwipriVWjlnph7hJpfYaUz7oRa4MvjUanE4PhTYhjGmZe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding,User-Agent

Redirect headers

Location
https://xgrounded.xyz/
Non-Authoritative-Reason
HttpsUpgrades
speculation
xgrounded.xyz/cdn-cgi/ 		128 B
581 B 		Other
General
Check archive.org
Download Go to
Full URL
https://xgrounded.xyz/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cc98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://xgrounded.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkkMay6YXOq9F4HHvUn1TGp%2FUY41buce%2BR7ivHP%2BMqKyphofPr%2BUEdx4OUl30GHRlqMlhCqtgJtjQIbuJd5un1E%2B3zssPg7tO1BYFurqmSDLLCjJk6pjnWR1jQYTB%2Fvm37cyRtmdv3ofLg6M"}],"group":"cf-nel","max_age":604800}
cf-ray
8ce1655efcb1d9d2-FRA
access-control-allow-origin
https://xgrounded.xyz
alt-svc
h3=":443"; ma=86400
content-length
128
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
priority
u=4,i
css2
fonts.googleapis.com/ 		1 KB
567 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Prompt:wght@900&display=swap
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3cbb8f4a87ac37e3a4147e6883f10ea5c0545f33f5831f917e27daaaacb432f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 00:04:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 06 Oct 2024 00:04:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		1 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit&display=swap
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c8f1efcf99b3c258ddb72e9dd3bc9d845cacb68a222157b4a2e7cbce2bfd0759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 00:04:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 05 Oct 2024 23:10:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
aos.css
unpkg.com/aos@2.3.1/dist/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
age
160616
x-content-type-options
nosniff
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01J9AS3J2S2RPNGDS720E5G9QY-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8ce1655f6b79dcd0-FRA
access-control-allow-origin
*
server
cloudflare
pro.min.css
kit-pro.fontawesome.com/releases/v6.2.0/css/ 		788 KB
165 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76ff2cfe25e35dc7a90fb959a1da27629357d601a7dab2876c16d19853448cfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

cache-control
public, max-age=31556926
content-encoding
gzip
cf-cache-status
HIT
etag
W/"32b07840650d89a6955ec02980a5213d"
age
17824898
x-amz-request-id
NFSCR5054HDXX6S7
expires
Mon, 06 Oct 2025 05:53:32 GMT
cf-ray
8ce1655f88679070-FRA
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
text/css
last-modified
Tue, 30 Aug 2022 16:40:41 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
2xoCgZX/W+Lf9ecmfBs2ary3vCOGyYDaIw6JomlU6vxDOg1XIB5S1I19EvKiqRRsUcxwFJdsWxI=
bootstrap.min.css
fastly.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/ 		227 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://xgrounded.xyz/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"38cf3-SvPX4VpqOAxsurukLprfMwtJ1Y8"
age
382383
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220132-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
34794
x-jsd-version
5.3.0-alpha3
bootstrap.bundle.min.js
fastly.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://xgrounded.xyz/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o"
age
695490
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220132-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24750
x-jsd-version
5.3.0-alpha3
XGSPOOFER12347.png
raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/
Redirect Chain
  • https://github.com/n0roffbrain/project/blob/main/XGSPOOFER12347.png?raw=true
  • https://github.com/n0roffbrain/project/raw/refs/heads/main/XGSPOOFER12347.png
  • https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc3241dde039f5650dc8fd5c3b0e2dbb1b3686e74a91ea87c46d9e76a92a7c7c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

x-fastly-request-id
77b6a3d24f7bb4b6db0557c2903d5706627ae9bc
etag
W/"95c4485829dab0a0948b24401be672a2312ca35b878a27c1935239be5a51a65a"
x-content-type-options
nosniff
x-github-request-id
C3FE:38191E:3820C36:3ACBEF8:6701D41E
expires
Sun, 06 Oct 2024 00:09:47 GMT
x-cache
MISS
date
Sun, 06 Oct 2024 00:04:47 GMT
content-type
image/png
x-served-by
cache-fra-eddf8230120-FRA
x-cache-hits
0
source-age
0
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1728173087.175549,VS0,VE190
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
259555
x-xss-protection
1; mode=block

Redirect headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
cache-control
no-cache
location
https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-github-request-id
D3BA:3BB4DB:2DE66D2:2EE97D4:6701D41E
access-control-allow-origin
content-length
0
date
Sun, 06 Oct 2024 00:04:46 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
server
GitHub.com
x-frame-options
deny
aos.js
unpkg.com/aos@2.3.1/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
age
411903
x-content-type-options
nosniff
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01J939EWV21ZHSB07RW7M0A0BQ-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8ce1655f6b7bdcd0-FRA
access-control-allow-origin
*
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://xgrounded.xyz/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ce16561086f1cad-FRA
access-control-allow-origin
*
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
back.png
raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/
Redirect Chain
  • https://github.com/n0roffbrain/project/blob/main/back.png?raw=true
  • https://github.com/n0roffbrain/project/raw/refs/heads/main/back.png
  • https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/back.png
1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/back.png
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H2
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82f4aa578824f98585876c702c9bc44194a433dc11137c44636a86d25308c4ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

x-fastly-request-id
491baff890853b837aa7cfb153d969509aafef48
etag
W/"60aa73139f223c4f87c6ae79225df42a3a20c58d6b51c628b33274a3bbb881a9"
x-content-type-options
nosniff
x-github-request-id
8612:358780:38C3A8A:3B71DB7:6701D41F
expires
Sun, 06 Oct 2024 00:09:47 GMT
x-cache
MISS
date
Sun, 06 Oct 2024 00:04:47 GMT
content-type
image/png
x-served-by
cache-fra-eddf8230120-FRA
x-cache-hits
0
source-age
0
x-frame-options
deny
strict-transport-security
max-age=31536000
vary
Authorization,Accept-Encoding,Origin
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1728173088.512672,VS0,VE186
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1420793
x-xss-protection
1; mode=block

Redirect headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
cache-control
no-cache
location
https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/back.png
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-github-request-id
D3BA:3BB4DB:2DE6786:2EE989F:6701D41F
access-control-allow-origin
content-length
0
date
Sun, 06 Oct 2024 00:04:47 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
server
GitHub.com
x-frame-options
deny
-W_8XJnvUD7dzB2C4_0IfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C4_0IfWMuQ5Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prompt:wght@900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0e3eed2ce9b2c1a5d83a189b489892d2c1a11d57c13df9e0c87bb60769b2ae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
178845
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 03 Oct 2025 22:24:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 03 Oct 2024 22:24:01 GMT
last-modified
Wed, 27 Apr 2022 15:41:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13160
x-xss-protection
0
server
sffe
pro-fa-solid-900-50c900.woff2
kit-pro.fontawesome.com/releases/v6.2.0/webfonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/webfonts/pro-fa-solid-900-50c900.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f489fbd3595b880fe415bdb7181f929415fedbb770800c0b22b750e7364130d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"fb1a34e2e1b8bf2e9ad172ddfc033df6"
age
527064
access-control-allow-methods
GET
expires
Mon, 06 Oct 2025 05:53:32 GMT
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 30 Aug 2022 16:50:25 GMT
x-amz-id-2
tHbCzaMQl29tZIbMazDY2z+GLImhQK87HjSgY124kdH1tSFGw+ZkHqhVgciK4DaJfzqXQ0SylLU=
cache-control
public, max-age=31556926
x-amz-request-id
ZYY9P4Q5CS62RABA
cf-ray
8ce1656118f63679-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
28056
server
cloudflare
nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraBGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d03834de65cdb3ea45008ab88ba319d2fe3b47c26e145a79347043e18e36e7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
86386
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 00:05:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 00:05:00 GMT
last-modified
Thu, 20 Jul 2023 20:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13260
x-xss-protection
0
server
sffe
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
77162
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 02:38:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 02:38:44 GMT
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19388
x-xss-protection
0
server
sffe
pro-fa-solid-900-03c840.woff2
kit-pro.fontawesome.com/releases/v6.2.0/webfonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/webfonts/pro-fa-solid-900-03c840.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e567f8a857cb3871c7f2a1c00ae73d85bedea2a79cdac80fba9562b88b0c577a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"5a5602fe5bdfff54ce95f1681d935255"
access-control-allow-methods
GET
expires
Mon, 06 Oct 2025 05:53:33 GMT
date
Sun, 06 Oct 2024 00:04:47 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 30 Aug 2022 16:50:25 GMT
x-amz-id-2
3d+M7fWMc9YMN72me9gWHH9PZKzVty1sdCw98XCrSwFlNB+S0UqZdP1HLSOU+Sg5pvNnnWs8JPyHd+kgOPzT+A==
cache-control
public, max-age=31556926
x-amz-request-id
84R20VBT2CMP8GGB
cf-ray
8ce1656118f73679-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
26340
server
cloudflare
pro-fa-regular-400-d5bbe9.woff2
kit-pro.fontawesome.com/releases/v6.2.0/webfonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kit-pro.fontawesome.com/releases/v6.2.0/webfonts/pro-fa-regular-400-d5bbe9.woff2
Requested by
Host: kit-pro.fontawesome.com
URL: https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db078963d01bfb37dc7bd28ab3bdf39e91ebd7e4abdba55d133b64dbb9f83f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://xgrounded.xyz
Referer
https://kit-pro.fontawesome.com/releases/v6.2.0/css/pro.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"ba07fe6fe055a96e190467bd8981ee7c"
age
545866
access-control-allow-methods
GET
expires
Mon, 06 Oct 2025 05:53:32 GMT
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 30 Aug 2022 16:50:25 GMT
x-amz-id-2
yiRv/e1qjiV7LQrseRbi9ckM8OK34gfAr8T5HSTW6htE8J1ISMwn2PdiZ6DZ16m78rSkmZb0ZmA=
cache-control
public, max-age=31556926
x-amz-request-id
DJ5FMG1NG1XXM1K4
cf-ray
8ce1656118f93679-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29744
server
cloudflare
main.js
xgrounded.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 8A78
Redirect Chain
  • https://xgrounded.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://xgrounded.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xgrounded.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/
Protocol
H3
Server
2606:4700:3031::ac43:cc98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db30a23e139feba58609e43bc9e9c0dc498e38e4aa2289f259d9c549e8168299
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7x0YDQSlnVEQaFiuxCp0HnRU8zlsY9oABeLuCdmX2ixCwk6F75mtsqcb1DiSD7sWm4WpDonrr%2FLgI%2BFLiryC7XVFII1U%2BAZnpuexiEj51ab0QNh%2BLgaW6Cln6Rllt9OGjgRJ8mhTvv15zdmR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ce16561a812d9d2-FRA
date
Sun, 06 Oct 2024 00:04:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpCIAKnpBjgouqYcZSdtRtez9ZYtIzc59788wDHLb3hHe1V%2FX23oja9JWMTRfoGD%2FCmzLNa65MeqMNS3Zqw1JjDw4X13i1YiYSQsmgPGhXN9xs8uEWSbRdZvvCqZYG%2Fdvkiv2p4hz%2BEL3XPx"}],"group":"cf-nel","max_age":604800}
cf-ray
8ce165616fb9d9d2-FRA
access-control-allow-origin
*
content-length
0
date
Sun, 06 Oct 2024 00:04:46 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8ce1655c089ad9d2
xgrounded.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8A78 		0
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xgrounded.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8ce1655c089ad9d2
Requested by
Host: xgrounded.xyz
URL: https://xgrounded.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cc98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoQhB8U87Cz87QRftaqRcEJoZwmA%2F60iaeTDnB0u2zoZ1dQjbApHagigkVeK35gj6RpuTgDZo3Pliqbky%2BBGXDF9Ubr3mKzzVEEd135XtNnV0CDYAZveXxRQRALxvQ0Ol1teSjmtkme930Bl"}],"group":"cf-nel","max_age":604800}
cf-ray
8ce165626900d9d2-FRA
content-length
0
date
Sun, 06 Oct 2024 00:04:47 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
rum
xgrounded.xyz/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xgrounded.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cc98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xgrounded.xyz/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8ce16567489ed9d2-FRA
access-control-allow-origin
https://xgrounded.xyz
date
Sun, 06 Oct 2024 00:04:47 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
XGSPOOFER12347.png
raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/
Redirect Chain
  • https://github.com/n0roffbrain/project/blob/main/XGSPOOFER12347.png?raw=true
  • https://github.com/n0roffbrain/project/raw/refs/heads/main/XGSPOOFER12347.png
  • https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
253 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
Protocol
H2
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc3241dde039f5650dc8fd5c3b0e2dbb1b3686e74a91ea87c46d9e76a92a7c7c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://xgrounded.xyz/

Response headers

x-fastly-request-id
77b6a3d24f7bb4b6db0557c2903d5706627ae9bc
etag
W/"95c4485829dab0a0948b24401be672a2312ca35b878a27c1935239be5a51a65a"
x-github-request-id
C3FE:38191E:3820C36:3ACBEF8:6701D41E
x-content-type-options
nosniff
expires
Sun, 06 Oct 2024 00:09:47 GMT
x-cache
MISS
date
Sun, 06 Oct 2024 00:04:47 GMT
content-type
image/png
vary
Authorization,Accept-Encoding,Origin
x-served-by
cache-fra-eddf8230120-FRA
x-cache-hits
0
x-frame-options
deny
source-age
0
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
cache-control
max-age=300
x-timer
S1728173087.175549,VS0,VE190
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
259555
x-xss-protection
1; mode=block

Redirect headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
cache-control
no-cache
location
https://raw.githubusercontent.com/n0roffbrain/project/refs/heads/main/XGSPOOFER12347.png
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-github-request-id
D3BA:3BB4DB:2DE69CF:2EE9AF9:6701D420
access-control-allow-origin
content-length
0
date
Sun, 06 Oct 2024 00:04:46 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
server
GitHub.com
x-frame-options
deny

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dueDate object| currentDate number| uidEvent object| bootstrap object| AOS object| __cfBeacon

2 Cookies

Domain/Path Name / Value
xgrounded.xyz/ Name: PHPSESSID
Value: uqvkdbgva29sir9mkrh5i6iost
.xgrounded.xyz/ Name: cf_clearance
Value: .A8vrLVDKk9v4XfwxtPR.16TvX.spQ1hy0ScHSJ1Gb4-1728173087-1.2.1.1-trykbOw68VnZYq8LfRs7wq7kYZNQQseVCa66_PAsL3Chur7fndbtkEalv9JYIlQCOwihCm1v0i9PEVkjxuw_rOAj6ykEb4flFF3mljSn7uGKnXhOgMf2HFXTWcw56kCTrJBuHGu1CCLzKmACAwC4fRkISIP8iHpByoLRe9MAv241i4peveMjlOJ4MWXPxJSG0EbLA3ex9MCdMEjsHhCMutpRXR1aBGu2H_a_xz.FWTTV_WUh.wpMReu3B9QPpFZK_nHMw_IeErK6l7iTJRMd1VIRkZtabE_842mRHxESbjwnD9NSTfzNcW4GtJvenzNc2Uzoexpc7HFuVDcJirO.xky1taN4HeO9hGYQ4B2ibaJIEZmHYae_lo25t97gKAwq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fastly.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
github.com
kit-pro.fontawesome.com
raw.githubusercontent.com
static.cloudflareinsights.com
unpkg.com
xgrounded.xyz
140.82.121.4
2606:4700:3031::ac43:cc98
2606:4700:4400::6812:2844
2606:4700::6810:5049
2606:4700::6811:f9cb
2606:50c0:8001::154
2a00:1450:4001:806::2003
2a00:1450:4001:829::200a
2a04:4e42:200::485
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
19db078963d01bfb37dc7bd28ab3bdf39e91ebd7e4abdba55d133b64dbb9f83f
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
76ff2cfe25e35dc7a90fb959a1da27629357d601a7dab2876c16d19853448cfb
82f4aa578824f98585876c702c9bc44194a433dc11137c44636a86d25308c4ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
ae0feca33f5270e11f0b3bcd09bc99f22aed206caec7fe57461a42b02405071e
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
c8f1efcf99b3c258ddb72e9dd3bc9d845cacb68a222157b4a2e7cbce2bfd0759
cc3241dde039f5650dc8fd5c3b0e2dbb1b3686e74a91ea87c46d9e76a92a7c7c
d03834de65cdb3ea45008ab88ba319d2fe3b47c26e145a79347043e18e36e7af
d0e3eed2ce9b2c1a5d83a189b489892d2c1a11d57c13df9e0c87bb60769b2ae3
d3cbb8f4a87ac37e3a4147e6883f10ea5c0545f33f5831f917e27daaaacb432f
db30a23e139feba58609e43bc9e9c0dc498e38e4aa2289f259d9c549e8168299
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e567f8a857cb3871c7f2a1c00ae73d85bedea2a79cdac80fba9562b88b0c577a
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f489fbd3595b880fe415bdb7181f929415fedbb770800c0b22b750e7364130d2