www.royal-search.com

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 67.212.177.59, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop, Inc., US. The main domain is www.royal-search.com.

This is the only time www.royal-search.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	67.212.177.59 67.212.177.59	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop)
1	108.163.228.179 108.163.228.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop)
4	3

2 67.212.177.59 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US)
PTR: ba2-sh-us-dc2-004.babylon.com

www.royal-search.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.163.228.179 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US)
PTR: singhop0013.babylon.com

img.df-stream.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	royal-search.com www.royal-search.com	34 KB
1	df-stream.net img.df-stream.net	727 B
4	2

	Domain	Requested by
2	www.royal-search.com
1	img.df-stream.net	www.royal-search.com img.df-stream.net
4	2

This site contains links to these domains. Also see Links.

Domain
info.royal-search.com

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
Frame ID: 30557.1
Requests: 3 HTTP requests in this frame

Frame: http://img.df-stream.net/df/iframe_serp_4.1.html
Frame ID: 30557.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

35 kB
Transfer

36 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://info.royal-search.com/
Title: Über uns

Search URL Search Domain Scan URL

URL: http://info.royal-search.com/eula
Title: AGB

Search URL Search Domain Scan URL

URL: http://info.royal-search.com/uninstall/privacy
Title: Datenschutz

Search URL Search Domain Scan URL

URL: http://info.royal-search.com/advertise
Title: Werben

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.royal-search.com/ 29 KB
29 KB 553ms
315ms Document
text/html 67.212.177.59
SingleHop

General

Check archive.org

Show headers Download Go to

Full URL

http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0

Protocol

HTTP/1.1

Server

67.212.177.59 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US),

Reverse DNS

ba2-sh-us-dc2-004.babylon.com

Software

nginx/1.6.0 /

Resource Hash

969e521ed95d471f939bc4938ea3c997bb9e61da50177fcc09911a45b0a93690

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.royal-search.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Mon, 10 Apr 2017 22:21:18 GMT
Server: nginx/1.6.0
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/html
Set-Cookie: visitorID=1491862877-2105581091; expires=Thu, 05-Apr-2018 22:21:17 GMT; path=/; domain=.royal-search.com bsearchCntry=DE; expires=Sat, 07-Oct-2017 22:21:17 GMT; path=/; domain=.royal-search.com
Connection: keep-alive
Keep-Alive: timeout=10
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK serp_4.1.js Show response
img.df-stream.net/df/ 2 KB
727 B 273ms
113ms Script
application/x-javascript 108.163.228.179
SingleHop

General

Check archive.org

Show headers Download Go to

Full URL: http://img.df-stream.net/df/serp_4.1.js
Requested by: Host: www.royal-search.com
URL: http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
Protocol: HTTP/1.1
Server: 108.163.228.179 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US),
Reverse DNS: singhop0013.babylon.com
Software: server/aaaaa /
Resource Hash: 30a2c8fc2845301a012cecca2b935d36e2ecf2498dfb338d2d43c9aa03ac6226

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: img.df-stream.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Mon, 10 Apr 2017 22:21:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 19 Aug 2014 11:13:31 GMT
Server: server/aaaaa
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
Keep-Alive: timeout=30

GET iframe_serp_4.1.html
img.df-stream.net/df/ Frame 3055 0
0

GET
H/1.1 200
OK favicon.ico
www.royal-search.com/ 5 KB
5 KB 112ms
112ms Other
image/x-icon 67.212.177.59
SingleHop

General

Check archive.org

Show headers Download Go to

Full URL: http://www.royal-search.com/favicon.ico
Protocol: HTTP/1.1
Server: 67.212.177.59 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US),
Reverse DNS: ba2-sh-us-dc2-004.babylon.com
Software: nginx/1.6.0 /
Resource Hash: 641cd89529e3bd4723808443ea7aa10994413be0d4e15e63ae490949a9f160ae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.royal-search.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
Cookie: visitorID=1491862877-2105581091; bsearchCntry=DE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.royal-search.com/?q=paypal.com&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Mon, 10 Apr 2017 22:21:18 GMT
Last-Modified: Mon, 28 Nov 2016 13:56:48 GMT
Server: nginx/1.6.0
ETag: "583c37a0-1536"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 5430

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.df-stream.net
URL: http://img.df-stream.net/df/iframe_serp_4.1.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.royal-search.com/	2018-04-05 22:21:17	Name: visitorID Value: 1491862877-2105581091
			.royal-search.com/	2017-10-07 22:21:17	Name: bsearchCntry Value: DE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.df-stream.net
www.royal-search.com
img.df-stream.net
108.163.228.179
67.212.177.59
30a2c8fc2845301a012cecca2b935d36e2ecf2498dfb338d2d43c9aa03ac6226
641cd89529e3bd4723808443ea7aa10994413be0d4e15e63ae490949a9f160ae
969e521ed95d471f939bc4938ea3c997bb9e61da50177fcc09911a45b0a93690

www.royal-search.com Open in urlscan Pro 67.212.177.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

35 kBTransfer

36 kBSize

2 Cookies

4 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.royal-search.com Open in urlscan Pro
67.212.177.59 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

35 kB
Transfer

36 kB
Size

2
Cookies

4 HTTP transactions
0 data transactions