refund.kinggrok.net Open in urlscan Pro
172.67.201.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://refund.kinggrok.net/
Effective URL:
https://refund.kinggrok.net/
Submission: On November 16 via api (November 16th 2023, 4:09:02 pm UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 23 HTTP transactions. The main IP is 172.67.201.50, located in United States and belongs to CLOUDFLARENET, US. The main domain is refund.kinggrok.net.
TLS certificate: Issued by E1 on November 15th 2023. Valid for: 3 months.

This is the only time refund.kinggrok.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.34.81 104.21.34.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.201.50 172.67.201.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.20.234 104.18.20.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	6

1 104.21.34.81 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

refund.kinggrok.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.201.50 (United States)

ASN13335 (CLOUDFLARENET, US)

refund.kinggrok.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinggrok.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.234 (None, )

ASN13335 (CLOUDFLARENET, US)

app.ens.domains	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	kinggrok.net 1 redirects refund.kinggrok.net kinggrok.net	2 MB
2	ens.domains app.ens.domains	66 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	49 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	124 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	30 KB
0	walletconnect.com Failed explorer-api.walletconnect.com Failed
0	flaticon.com Failed cdn-icons-png.flaticon.com Failed
23	7

	Domain	Requested by
8	refund.kinggrok.net	1 redirects refund.kinggrok.net
2	app.ens.domains	refund.kinggrok.net
1	cdn.jsdelivr.net	refund.kinggrok.net
1	cdnjs.cloudflare.com	refund.kinggrok.net
1	kinggrok.net	refund.kinggrok.net
1	ajax.googleapis.com	refund.kinggrok.net
0	explorer-api.walletconnect.com Failed	refund.kinggrok.net
0	cdn-icons-png.flaticon.com Failed	refund.kinggrok.net
23	8

This site contains links to these domains. Also see Links.

Domain
twitter.com
metamask.io
learn.rainbow.me

Subject Issuer	Validity	Valid
kinggrok.net E1	`2023-11-15` - `2024-02-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
app.ens.domains E1	`2023-10-18` - `2024-01-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://refund.kinggrok.net/
Frame ID: 3D5AE0CFE6C5CDEEA08B5323EEF3B11B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

King Grok | Vault Bridge

Page URL History Show full URLs

http://refund.kinggrok.net/ HTTP 301
https://refund.kinggrok.net/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

23
Requests

57 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

2672 kB
Transfer

6921 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/KingGrokErc

Search URL Search Domain Scan URL

URL: https://metamask.io/
Title: Get a Wallet

Search URL Search Domain Scan URL

URL: https://learn.rainbow.me/understanding-web3
Title: Learn More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://refund.kinggrok.net/ HTTP 301
https://refund.kinggrok.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
refund.kinggrok.net/
Redirect Chain

http://refund.kinggrok.net/
https://refund.kinggrok.net/

8 KB
3 KB

543ms
216ms

Document
text/html

172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 148ad40e7b3a5c9f86b0014338d45a4140478be0e0fec8746870eb675d0dd6ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8270fedafdc85d74-FRA
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 16:08:56 GMT
last-modified: Wed, 15 Nov 2023 12:27:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzRTHlv6j0IrlWj49201znvpnhM34w%2FtpOhfkUQ5zoz41U7hiOBwDgxwuBzozkiAX%2FcVLJgxEu6mkZPzm%2F8a7%2BzvnOlNC311CSlR8bOyV632n4N9A0JmlOVkbx792CLqos4tFfCX"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 8270fed8cdcb1c19-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 16 Nov 2023 16:08:56 GMT
Expires: Thu, 16 Nov 2023 17:08:56 GMT
Location: https://refund.kinggrok.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZQRzLuGdx9u2bDfOYlPny%2F6NPk85oyqnhFw3DRU023APctcxWU0zVDBFaSRGbsNiW0je%2F9xxWiz5wsqfLnqf8i4VemeljgE%2F5ny4FeUhtOUr%2BySuzHLsw0SH2rhFp0G91LkDip5"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 404 main.89c0e717.chunk.css
refund.kinggrok.net/static/css/ 0
0 715ms
714ms Stylesheet
text/html 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/static/css/main.89c0e717.chunk.css
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6erNtxLiF2Kzj2YpVtiePEpnirdFppAu5WCK1W1mwlCj8o6UPnW9Vc2nt4MoZ%2FzgCbmyPLB11tMCvj79MF3TjW9Rt5%2B5U8E3nV8LHJP0tSuCG1gaslCpkNJneGNxRbygQxVqmkGP"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8270fedc5f615d74-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.css
refund.kinggrok.net/ 12 KB
3 KB 232ms
231ms Stylesheet
text/css 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/custom.css
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cd4fbcd0675b74671362a7a915bd2e1b0ca18ef5798419bee4495161c6a867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 12:23:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6554b846-3033"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7%2F6fC2WpqJXtrDwy454t0Y62icKoimHLNqRYmrzA0gVbbcD2ahSLJRVbDHqO3b7628p1B96dSYYsnISD8AdKa7rvnlue8kkweQaWRvFzs%2FragwuGIhJ9eNpvQKZm6ybMLHrMx5g"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8270fedc5f655d74-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 385ms
24ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 02:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30462
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 02:22:43 GMT

GET
H2 200 cad238b4-aa94-42fc-b726-bada3a803d21.js Show response
refund.kinggrok.net/ 3 MB
657 KB 314ms
313ms Script
application/javascript 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/cad238b4-aa94-42fc-b726-bada3a803d21.js
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1cea9e6feaadf5ac6a244aaf06a50af96c5c355ecc20d94a9e05c10de8e505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 12:01:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6553619c-3587d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV4oC4o1SXcKeTk%2FpC8Qp8rL6VAKlocwDPf3hRlP4jBwDwvXMIWBGh441MKYHDCqwy2rGSyufrSc7X6g%2FEZtabLklLGzeiVEjEXJEwNsjOkmIBUWtNmuFDImd%2Bn6jrRJlEprcyPx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270fedc5f685d74-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
kinggrok.net/assets/img/ 1 MB
1 MB 33ms
21ms Image
image/png 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinggrok.net/assets/img/logo.png
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bdeaea346b89723cd47eb6aa50963d6a3e2382878554b07c16e04e70154005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:57 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 17:32:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 784
etag: "655500a2-177d86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BkY0mI%2F3Atnw%2Bk1HfkKCoMqdb3vqhAAmnu7MdbyCMac6PmWJpwzKOmIeJwU0p9OnENTmOMVueHHWQK1uQrrmc7Ve3caJSIclemgaUktGVl3d5cX6M96m87C6p%2F%2FajY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8270fedc6f815d74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1539462

GET
H2 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 339ms
15ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/cad238b4-aa94-42fc-b726-bada3a803d21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 465962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125841
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62ad87d5-1eb91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgQZ%2Fg5UdNsYCtdvkwz8R5XwWo43b4UJGmrvUJrnfKhvuFw6zNjQkQ%2FrnmQAlrHvUG0NWL3%2BULwzrdNMFzyQFgeOU1gEr60R90OnzmVxn%2B%2FPCWmCChRBo3CTxQmF8aSUhxVDPzBd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8270fee398a25c80-FRA
expires: Tue, 05 Nov 2024 16:08:58 GMT

GET
H2 200 merkletree.js Show response
cdn.jsdelivr.net/npm/merkletreejs@latest/ 209 KB
49 KB 359ms
35ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

Requested by

Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/cad238b4-aa94-42fc-b726-bada3a803d21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41844
x-jsd-version: 0.3.11
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"343f5-wn3//e2DIG1tBGj3Z3By+fDhqDc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKuNh7Ux8Gf31Hy2FumNexQB67tySgOSBgHn6RbFOE03Qjiemyy2S%2Flu4fSYwSHsZ1XadfwT7SkPYuxjsQjLucSu6tXGCPnJ%2Fa2Xnq%2BlrwgzDR7XJUBkz%2FTvWi4bVNeHvog%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8270fee39db69950-FRA

GET
H2 200 wallet-connect-v2.js Show response
refund.kinggrok.net/scripts/ 854 KB
232 KB 3308ms
3307ms Script
application/javascript 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/scripts/wallet-connect-v2.js
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/cad238b4-aa94-42fc-b726-bada3a803d21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ee391037568f8f72a191635288afe7274cb7cb2439d1cdadc407be07b3925c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 12:02:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655361c0-d59b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opYqPQkUkGIBpi5xek4y7UOkvfpc0AnilN4HniVeMSeL%2F88NjJ17GEJDPBkP8i8XVTgvf488Pr9fTdQ9P90fDQMrzMfzmnOUk5hI80Agvqoqp7aFfjICcv4GSXleelR%2Fxil8wMtx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8270fee19c935d74-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 modal-8.css
refund.kinggrok.net/styles/ 6 KB
2 KB 302ms
301ms Stylesheet
text/css 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/styles/modal-8.css
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/cad238b4-aa94-42fc-b726-bada3a803d21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da156e0af9d3886768231cc41ad99971364bb27a4c9e0c3e30671063a5adbd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 12:02:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655361bc-1668"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4C5Khueq3kD5fWnVGIwKQHMwK27zVp2ZAbEtOPPqH6eTlHcwfH%2B4DdH8p1x3Z%2B67M4CmUCVj5z6BX6YOcQlYlUBzUkoolMIUWpCICdwsS2nsQIwUYO09okHgRh0D%2FDXbJLt9WQa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8270fee19c8f5d74-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 popup-2.css
refund.kinggrok.net/styles/ 448 B
552 B 202ms
201ms Stylesheet
text/css 172.67.201.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refund.kinggrok.net/styles/popup-2.css
Requested by: Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/cad238b4-aa94-42fc-b726-bada3a803d21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.201.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5298fcf1101e36b6983102174cc806e20fd5b4e3ac05d9db8280b4d159fd38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refund.kinggrok.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 12:02:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655361bc-1c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDb3Zuu4cLPu1qMuXC6DxMCGHHqHOdoF35omorxRvax4N2hcxWfRYVzjOHQeVNR80IQPF2p0itnDk96go0IhRamRCgh1QBJA1rJLf3j99YdJhk8EchkxWt9kGs7AH%2F02n4cth4ES"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8270fee19c905d74-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Satoshi-Bold.otf
app.ens.domains/fonts/sans-serif/ 49 KB
32 KB 437ms
90ms Font
font/otf 104.18.20.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.ens.domains/fonts/sans-serif/Satoshi-Bold.otf

Requested by

Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.20.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e4f9b7c1864c50761d729d6001bfac708c80457fa6fc41559a8ab1bd2573ff

Security Headers

Name	Value
Content-Security-Policy	worker-src 'self' ; script-src 'self' 'sha256-UyYcl+sKCF/ROFZPHBlozJrndwfNiC5KT5ZZfup/pPc=' https://.googletagmanager.com plausible.io static.cloudflareinsights.com .ens-app-v3.pages.dev https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-ancestors 'self' https://app.safe.global;
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://refund.kinggrok.net/
Origin: https://refund.kinggrok.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
content-security-policy: worker-src 'self' ; script-src 'self' 'sha256-UyYcl+sKCF/ROFZPHBlozJrndwfNiC5KT5ZZfup/pPc=' https://*.googletagmanager.com plausible.io static.cloudflareinsights.com *.ens-app-v3.pages.dev https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-ancestors 'self' https://app.safe.global;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9ad384fae31dc243c13c762dde2d3e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBaf73%2B3p1j5zV9mtZ2RBbKga2pi307yr0fYMzVqt7fvKrbTq01i8odjHC%2Fx83RX39upItxkCycQRbQx4UCKcCoHvPJQS%2Bo%2FloumNO9amZMZvJlZUcryNppRxzAPJhTKL8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8270fee428ae9217-FRA
expires: Thu, 16 Nov 2023 20:08:58 GMT

GET
H2 200 Satoshi-Medium.otf
app.ens.domains/fonts/sans-serif/ 49 KB
33 KB 435ms
89ms Font
font/otf 104.18.20.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.ens.domains/fonts/sans-serif/Satoshi-Medium.otf

Requested by

Host: refund.kinggrok.net
URL: https://refund.kinggrok.net/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.20.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93330866d109f6b2e298748958ec6fa4010cacef586783f281a0b268cab7fc6e

Security Headers

Name	Value
Content-Security-Policy	worker-src 'self' ; script-src 'self' 'sha256-UyYcl+sKCF/ROFZPHBlozJrndwfNiC5KT5ZZfup/pPc=' https://.googletagmanager.com plausible.io static.cloudflareinsights.com .ens-app-v3.pages.dev https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-ancestors 'self' https://app.safe.global;
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://refund.kinggrok.net/
Origin: https://refund.kinggrok.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:08:58 GMT
content-security-policy: worker-src 'self' ; script-src 'self' 'sha256-UyYcl+sKCF/ROFZPHBlozJrndwfNiC5KT5ZZfup/pPc=' https://*.googletagmanager.com plausible.io static.cloudflareinsights.com *.ens-app-v3.pages.dev https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; frame-ancestors 'self' https://app.safe.global;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"8d8070c2aaa33fadc5140990b445bb9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ds%2BBUVtm8RrPWnbcNL%2BjOgIQDO9b%2FuiLGMNlDmc4XLkMc%2FkDM9A9NdAbkATAQxyTovbuGXB%2BkEcrauriXN9HPYW6ish6xTfyDwFWFobeuaOxgpfI%2BSkmTdtLDqf3p71Vbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8270fee428af9217-FRA
expires: Thu, 16 Nov 2023 20:08:58 GMT

GET 8212602.png
cdn-icons-png.flaticon.com/512/8212/ 0
0

GET metamask-rainbow.svg
refund.kinggrok.net/images/ 0
0

GET coinbase-rainbow.svg
refund.kinggrok.net/images/ 0
0

GET rainbow.svg
refund.kinggrok.net/images/ 0
0

GET trust-wallet-rainbow.svg
refund.kinggrok.net/images/ 0
0

GET wallet-connect-rainbow.svg
refund.kinggrok.net/images/ 0
0

GET digital-assets.svg
refund.kinggrok.net/images/ 0
0

GET new-way.svg
refund.kinggrok.net/images/ 0
0

GET getAllListings
explorer-api.walletconnect.com/w3m/v1/ 0
0

GET getInjectedListings
explorer-api.walletconnect.com/w3m/v1/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-icons-png.flaticon.com
URL: https://cdn-icons-png.flaticon.com/512/8212/8212602.png

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/metamask-rainbow.svg

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/coinbase-rainbow.svg

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/rainbow.svg

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/trust-wallet-rainbow.svg

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/wallet-connect-rainbow.svg

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/digital-assets.svg

Domain: refund.kinggrok.net
URL: https://refund.kinggrok.net/images/new-way.svg

Domain: explorer-api.walletconnect.com
URL: https://explorer-api.walletconnect.com/w3m/v1/getAllListings?projectId=0f115c77b1b2aeb7473ccd8421b0aa77&sdkType=w3m&sdkVersion=js-2.7.1&recommendedIds=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2C8a0ee50d1f22f6651afcae7eb4253e52a3310b90af5daef78a8c4929a9bb99d4%2Ce9ff15be73584489ca4a66f64d32c4537711797e30b6660dbcb71ea72a42b1f4

Domain: explorer-api.walletconnect.com
URL: https://explorer-api.walletconnect.com/w3m/v1/getInjectedListings?projectId=0f115c77b1b2aeb7473ccd8421b0aa77&sdkType=w3m&sdkVersion=js-2.7.1

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://refund.kinggrok.net/static/css/main.89c0e717.chunk.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.ens.domains
cdn-icons-png.flaticon.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
explorer-api.walletconnect.com
kinggrok.net
refund.kinggrok.net
cdn-icons-png.flaticon.com
explorer-api.walletconnect.com
refund.kinggrok.net
104.16.88.20
104.17.25.14
104.18.20.234
104.21.34.81
142.250.185.74
172.67.201.50
148ad40e7b3a5c9f86b0014338d45a4140478be0e0fec8746870eb675d0dd6ff
30cd4fbcd0675b74671362a7a915bd2e1b0ca18ef5798419bee4495161c6a867
50e4f9b7c1864c50761d729d6001bfac708c80457fa6fc41559a8ab1bd2573ff
56ee391037568f8f72a191635288afe7274cb7cb2439d1cdadc407be07b3925c
5e5298fcf1101e36b6983102174cc806e20fd5b4e3ac05d9db8280b4d159fd38
93330866d109f6b2e298748958ec6fa4010cacef586783f281a0b268cab7fc6e
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
9d1cea9e6feaadf5ac6a244aaf06a50af96c5c355ecc20d94a9e05c10de8e505
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
da156e0af9d3886768231cc41ad99971364bb27a4c9e0c3e30671063a5adbd7b
f3bdeaea346b89723cd47eb6aa50963d6a3e2382878554b07c16e04e70154005
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

refund.kinggrok.net Open in urlscan Pro 172.67.201.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

57 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

6 IPs

2 Countries

2672 kBTransfer

6921 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

refund.kinggrok.net Open in urlscan Pro
172.67.201.50 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

57 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

2672 kB
Transfer

6921 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions