www.grassfonudatiions.xyz Open in urlscan Pro
2606:4700:3036::ac43:93ce  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	403	Primary Request / Show response www.grassfonudatiions.xyz/	10 KB 9 KB	99ms 33ms	Document text/html	2606:4700:3036::ac43:93ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.grassfonudatiions.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:93ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29fc10030a1ed79b37daa70cc0a2bb8a8ac635717bf0333f1e20c231a4985bf4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out byw725bpYO7lpD93g0hpDhqa0GLJ3YLi5zJSVGe3ooN+jEjPxeU3xsV+XAaXJsjyvok9fAjJorq9MfPrgkxSAQHEDf4/jvHoFfEayE7A1zE=$LOQaClFC7iB8ag/3b6eqYQ== cf-mitigated challenge cf-ray 8df089afccd3d2f2-FRA content-encoding zstd content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 07 Nov 2024 21:50:15 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nok%2BdM3fZFCiGsE%2BxyY1VXhVlpX0%2ByXDe%2FEwLYVK7%2FQe7FJsVW%2BTQaAHzWk8jdBA%2FFqPC%2Bo1YD9593l2QRDXdNM9XyGpXIerRkRYVX7Ds85dRxGeydPuTHPgUZQ9HR%2FZ1KiT9HE3WKvBgk3gn%2FE79DH%2Ft5HUWbB9"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=21195&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4135&recv_bytes=4301&delivery_rate=144911&cwnd=12000&unsent_bytes=0&cid=f689f1b209789b06&ts=38&x=1" cfHdrFlush;dur=0 vary Accept-Encoding x-content-options nosniff x-frame-options SAMEORIGIN
GET H3	200	v1 Show response www.grassfonudatiions.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	101 KB 39 KB	28ms 28ms	Script application/javascript	2606:4700:3036::ac43:93ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.grassfonudatiions.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8df089afccd3d2f2 Requested by Host: www.grassfonudatiions.xyz URL: https://www.grassfonudatiions.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:93ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 193962c305902bbfdac06ddc5990fe8d475358bfafddc9a6e89454c2a0a6b8a2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.grassfonudatiions.xyz/?__cf_chl_rt_tk=Gml2sRIMCc0Cj8tGKzvj7WHnYlHM4iIsCXByw4x9cX8-1731016215-1.0.1.1-WYjsfZF.Yi5mkWP67yLF8i9I2bgrLZnF.85Wc1js_Mc Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2Fnbxr0DyYN7UGTaeiVGC3gaLKFeBgA9pCvEc1mtuESZ%2BuuflR%2B1aa56U1YSrH3gY5zRnKEJ0BSlxD%2FP59rdzIfIWLsqfU6iQCt2CrvgmKVkvO%2BC085lyRdBv7cWsMKGJZiSL%2F8bTyPm2%2B6FDzPvaY5X3l66zCsH"}],"group":"cf-nel","max_age":604800} cf-ray 8df089b04e17d2f2-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25092&sent=22&recv=15&lost=0&retrans=0&sent_bytes=13483&recv_bytes=5026&delivery_rate=431600&cwnd=12000&unsent_bytes=0&cid=f689f1b209789b06&ts=115&x=1", cfHdrFlush;dur=0 date Thu, 07 Nov 2024 21:50:15 GMT content-type application/javascript; charset=UTF-8 server cloudflare
GET		95b57528-f95e-45d2-b309-f3e8f7e1506c https://www.grassfonudatiions.xyz/ Frame	0 0
GET H3	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/ccb741a09fd3/	47 KB 16 KB	57ms 29ms	Script application/javascript	2606:4700::6812:5f29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/ccb741a09fd3/api.js?onload=TPRaR7&render=explicit Requested by Host: www.grassfonudatiions.xyz URL: https://www.grassfonudatiions.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8df089afccd3d2f2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88efd572595cd9c30f9d1e2c5451dcedf6d973025c4f4678f2027b46c2c3d363 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://www.grassfonudatiions.xyz Referer Response headers cache-control max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public content-encoding br cross-origin-resource-policy cross-origin cf-ray 8df089b10b83d390-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 date Thu, 07 Nov 2024 21:50:15 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 01 Nov 2024 17:05:51 GMT server cloudflare vary Accept-Encoding
GET H3	200	favicon.ico www.grassfonudatiions.xyz/	19 KB 19 KB	71ms 71ms	Image text/html	2606:4700:3036::ac43:93ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.grassfonudatiions.xyz/favicon.ico Requested by Host: www.grassfonudatiions.xyz URL: https://www.grassfonudatiions.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:93ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.grassfonudatiions.xyz/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bau55IEY1aAdYLEKUzgcdCDLoKiDhKh9LWAzVmtwmI5tA1k7SPqHsxoNgaQkzG7XBUR6%2FV%2Fh9fhbFM%2FA1S%2B%2FLG0K%2BcHH7w08ps%2FRVoO5bt%2FkosB74gIVhe%2F4DDhXDESFB4bXIYm51gXmrGodPWT6me4V4vUJ0BTf"}],"group":"cf-nel","max_age":604800} cf-ray 8df089b0ef5bd2f2-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23005&sent=60&recv=34&lost=0&retrans=0&sent_bytes=54877&recv_bytes=6156&delivery_rate=1025084&cwnd=30000&unsent_bytes=0&cid=f689f1b209789b06&ts=254&x=1", cfHdrFlush;dur=0 date Thu, 07 Nov 2024 21:50:15 GMT content-type text/html; charset=utf-8 last-modified Thu, 07 Nov 2024 21:50:15 GMT vary Accept-Encoding server cloudflare
GET H3	200	favicon.ico www.grassfonudatiions.xyz/	133 KB 58 KB	33ms 32ms	Other text/html	2606:4700:3036::ac43:93ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.grassfonudatiions.xyz/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:93ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68eaf11b507be63d06881916e84c607e0457d74531fed6ae6fe1b60cfa7bddd6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.grassfonudatiions.xyz/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status HIT age 0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBsx%2BmxAKJTD6dyVcj46JA%2FebHIGW4W4v1YFMLMopZx%2BtIiVpouD9unBlR7GyncLrmuxTuOpJUwfRmNo7f30zeNA7jDzuxusVH9c2p8xfZm%2BYb3BVdFcyS3rT%2FQAfD691d3A64iARmnUtQza4QMK%2FdWj%2FRgengpp"}],"group":"cf-nel","max_age":604800} cf-ray 8df089b1686dd2f2-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=22685&sent=114&recv=49&lost=0&retrans=0&sent_bytes=114832&recv_bytes=7143&delivery_rate=430890&cwnd=55200&unsent_bytes=0&cid=f689f1b209789b06&ts=293&x=1", cfHdrFlush;dur=0 date Thu, 07 Nov 2024 21:50:15 GMT content-type text/html; charset=utf-8 last-modified Thu, 07 Nov 2024 21:50:15 GMT vary Accept-Encoding server cloudflare
POST H3	200	GFF.hcJm1XwZpjc7mKLfvMHrIrrHJzZzaJajN0agTrM-1731016215-1.2.1.1-QrJqDuABOKeXBMuW.PfxNXBz9uMZ.8UTTQDHInTZDY9DTBxM.245wC9jjm_K8OU7 Show response www.grassfonudatiions.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/2081382454:1731014080:PGk10UebvmSW3n4DHa4t9VygN4WOgEVEbTQBU66OQCU/8df089afccd3d2f2/	13 KB 10 KB	34ms 32ms	XHR text/plain	2606:4700:3036::ac43:93ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.grassfonudatiions.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/2081382454:1731014080:PGk10UebvmSW3n4DHa4t9VygN4WOgEVEbTQBU66OQCU/8df089afccd3d2f2/GFF.hcJm1XwZpjc7mKLfvMHrIrrHJzZzaJajN0agTrM-1731016215-1.2.1.1-QrJqDuABOKeXBMuW.PfxNXBz9uMZ.8UTTQDHInTZDY9DTBxM.245wC9jjm_K8OU7 Requested by Host: www.grassfonudatiions.xyz URL: https://www.grassfonudatiions.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8df089afccd3d2f2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:93ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a58885ee537e6ebbab8bd6b91ac18e0670d6e77adc9f7c68dd3da174afe17947 Request headers Referer https://www.grassfonudatiions.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded CF-Challenge GFF.hcJm1XwZpjc7mKLfvMHrIrrHJzZzaJajN0agTrM-1731016215-1.2.1.1-QrJqDuABOKeXBMuW.PfxNXBz9uMZ.8UTTQDHInTZDY9DTBxM.245wC9jjm_K8OU7 Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRyX1MwZfXvW0CZpfXqfS1pPn68Svixb5b0wBvN7OX0Zzg99Mbo7Ry2imY7MWt7%2FShH3NyuS8UMQfE34S0hJTP%2FrA3jr%2FplziJjYENt82FLGzNLuaaB5RO%2FUVa3gzLNuFU%2FttOHcfu6VWCtctnp7gFNXuTv09I95"}],"group":"cf-nel","max_age":604800} cf-ray 8df089b19911d2f2-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=22269&sent=168&recv=68&lost=0&retrans=0&sent_bytes=175115&recv_bytes=12821&delivery_rate=3121217&cwnd=74400&unsent_bytes=0&cid=f689f1b209789b06&ts=330&x=1", cfHdrFlush;dur=0 date Thu, 07 Nov 2024 21:50:15 GMT content-type text/plain; charset=UTF-8 cf-chl-gen bjvIo3+ZPeQ6l4/pO+QwHImvmy2jYWOFMQY4yWJFYkeneY5Fa9Fm9NcRQ+3XFRc08UhEo08wo1Q=$QXSvz91O11WDwZ7B server cloudflare
GET		d6971259-0a86-407c-933d-0cbf8f2a58ff https://www.grassfonudatiions.xyz/ Frame	0 0
GET H3	200	/ challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/g9726/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 8EDD	0 0	49ms 28ms	Document text/html	2606:4700::6812:5f29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/g9726/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/ccb741a09fd3/api.js?onload=TPRaR7&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8df089b219b330f9-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 07 Nov 2024 21:50:15 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.grassfonudatiions.xyz

URL

blob:https://www.grassfonudatiions.xyz/95b57528-f95e-45d2-b309-f3e8f7e1506c

Domain

www.grassfonudatiions.xyz

URL

blob:https://www.grassfonudatiions.xyz/d6971259-0a86-407c-933d-0cbf8f2a58ff

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| ohkK5 function| rySd1 function| QGJvP8 object| ikBt2 object| CsjRg4 function| rXxfy1 function| TPRaR7 boolean| GWjP4 function| YOjP0 function| MBrHb0 function| EoZUA8 object| EPXZ7 number| xHem4 object| angular object| kvGpe8 object| turnstile boolean| HUWw2 function| _ string| ecqB1 boolean| bUxb7

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.grassfonudatiions.xyz/ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
www.grassfonudatiions.xyz
www.grassfonudatiions.xyz
2606:4700:3036::ac43:93ce
2606:4700::6812:5f29
193962c305902bbfdac06ddc5990fe8d475358bfafddc9a6e89454c2a0a6b8a2
29fc10030a1ed79b37daa70cc0a2bb8a8ac635717bf0333f1e20c231a4985bf4
68eaf11b507be63d06881916e84c607e0457d74531fed6ae6fe1b60cfa7bddd6
88efd572595cd9c30f9d1e2c5451dcedf6d973025c4f4678f2027b46c2c3d363
a58885ee537e6ebbab8bd6b91ac18e0670d6e77adc9f7c68dd3da174afe17947
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855