www.royalwinclub.com Open in urlscan Pro
212.47.208.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/VqjdWvHYNl
Effective URL:
https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Submission: On April 24 via manual (April 24th 2022, 2:52:48 am UTC) from CA — Scanned from CA

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 212.47.208.134, located in Estonia and belongs to CITIC CITIC Telecom CPC Netherlands B.V., NL. The main domain is www.royalwinclub.com.
TLS certificate: Issued by R3 on April 4th 2022. Valid for: 3 months.

This is the only time www.royalwinclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 1	216.117.148.17 216.117.148.17	10843 (AITNET) (AITNET)
1 1	2604:a880:800... 2604:a880:800:c1::14a:b001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	167.114.2.59 167.114.2.59	16276 (OVH) (OVH)
1 1	18.208.62.125 18.208.62.125	14618 (AMAZON-AES) (AMAZON-AES)
7	212.47.208.134 212.47.208.134	3327 (CITIC CIT...) (CITIC CITIC Telecom CPC Netherlands B.V.)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
15	5

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.117.148.17 (United States) 1 redirects

ASN10843 (AITNET, US)
PTR: mogador.narcose.uk.com

mogador.narcose.uk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:a880:800:c1::14a:b001 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

serve-sam.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.2.59 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: click2.geni.link

downhill-mtb.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.62.125 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-62-125.compute-1.amazonaws.com

cappens-dreperor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.47.208.134 (Estonia)

ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL)
PTR: cpe.radicenter.eu

www.royalwinclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	royalwinclub.com www.royalwinclub.com	1 MB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 271 fonts.googleapis.com — Cisco Umbrella Rank: 39	34 KB
3	gstatic.com fonts.gstatic.com	92 KB
1	cappens-dreperor.com 1 redirects cappens-dreperor.com	580 B
1	downhill-mtb.eu 1 redirects downhill-mtb.eu	208 B
1	serve-sam.be 1 redirects serve-sam.be	316 B
1	uk.com 1 redirects mogador.narcose.uk.com	383 B
1	t.co t.co — Cisco Umbrella Rank: 486	796 B
15	8

	Domain	Requested by
7	www.royalwinclub.com	t.co www.royalwinclub.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.royalwinclub.com
1	ajax.googleapis.com	www.royalwinclub.com
1	cappens-dreperor.com	1 redirects
1	downhill-mtb.eu	1 redirects
1	serve-sam.be	1 redirects
1	mogador.narcose.uk.com	1 redirects
1	t.co
15	9

This site contains links to these domains. Also see Links.

Domain
royalwinclub.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
royalwinclub.com R3	`2022-04-04` - `2022-07-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Frame ID: D8ED9A14054FD25AA00E20394C6D2DC0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RoyalWinClub

Page URL History Show full URLs

https://t.co/VqjdWvHYNl Page URL
http://mogador.narcose.uk.com/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTNFhWMFh... HTTP 302
http://serve-sam.be/0PxgIRRefE2Xt5&s1=&s2=2&s3=A1XC-1XR2XM1XS4XV0XN1XO314XW0XP0XL0XU0XT1X&s4=-1&... HTTP 302
https://downhill-mtb.eu/aff_c?offer_id=11242&aff_id=3990&aff_sub=2407&aff_sub2=DONY1-1207241&aff_sub... HTTP 302
https://cappens-dreperor.com/974e7b66-b498-4c43-b822-47d9cf8ffe4a?click_id=DONY1-1207241 HTTP 302
https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

5
IPs

3
Countries

1262 kB
Transfer

1348 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://royalwinclub.com/Documents/RoyalWinClub_Privacy_Policy.pdf
Title: privacy

Search URL Search Domain Scan URL

URL: https://royalwinclub.com/Documents/RoyalWinClub_Terms_and_Conditions.pdf
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/VqjdWvHYNl Page URL
http://mogador.narcose.uk.com/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTNFhWMFhOMVhPMzE0WFcwWFAwWEwwWFUwWFQxWA== HTTP 302
http://serve-sam.be/0PxgIRRefE2Xt5&s1=&s2=2&s3=A1XC-1XR2XM1XS4XV0XN1XO314XW0XP0XL0XU0XT1X&s4=-1&s5=0 HTTP 302
https://downhill-mtb.eu/aff_c?offer_id=11242&aff_id=3990&aff_sub=2407&aff_sub2=DONY1-1207241&aff_sub3=24&aff_sub4=1&r__h=915ef HTTP 302
https://cappens-dreperor.com/974e7b66-b498-4c43-b822-47d9cf8ffe4a?click_id=DONY1-1207241 HTTP 302
https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VqjdWvHYNl
t.co/ 613 B
796 B 150ms
63ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/VqjdWvHYNl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 302
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sun, 24 Apr 2022 02:52:36 GMT
expires: Sun, 24 Apr 2022 02:57:37 GMT
referrer-policy: unsafe-url
server: tsa_b
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 440f3474c0904d1297b4f22520c3382ce9a672b90a8f4ca6125cb61c9000b525
x-response-time: 16
x-xss-protection: 0

GET
H2

200

Primary Request RWCPB-GNA-50FS-CA-001 Show response
www.royalwinclub.com/Dark/
Redirect Chain

http://mogador.narcose.uk.com/app/wrap/YXBwL3JlZGlyZWN0aW9uL3dyYXAucGhwP3RyYWNrPUExWEMtMVhSMlhNMVhTNFhWMFhOMVhPMzE0WFcwWFAwWEwwWFUwWFQxWA==
http://serve-sam.be/0PxgIRRefE2Xt5&s1=&s2=2&s3=A1XC-1XR2XM1XS4XV0XN1XO314XW0XP0XL0XU0XT1X&s4=-1&s5=0
https://downhill-mtb.eu/aff_c?offer_id=11242&aff_id=3990&aff_sub=2407&aff_sub2=DONY1-1207241&aff_sub3=24&aff_sub4=1&r__h=915ef
https://cappens-dreperor.com/974e7b66-b498-4c43-b822-47d9cf8ffe4a?click_id=DONY1-1207241
https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu

9 KB
3 KB

612ms
127ms

Document
text/html

212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Requested by: Host: t.co
URL: https://t.co/VqjdWvHYNl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: 06ebb94d492cf0a1ce95bddf898f6f5323224e3a79a64aefb3281da1b641ae44

Request headers

Referer: https://t.co/VqjdWvHYNl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-length: 2956
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 02:52:38 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Sun, 24 Apr 2022 02:52:38 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
pragma: no-cache
server: nginx

GET
H2 200 style2020.css
www.royalwinclub.com/Dark/ 7 KB
2 KB 362ms
362ms Stylesheet
text/css 212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.royalwinclub.com/Dark/style2020.css
Requested by: Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: 62be1362df3648f7cdcc4774c58c2b5bb42af8b71915bbeae110066ab6f19045

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 02:52:38 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 10:17:57 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 2020

GET
H2 200 logo_03.png
www.royalwinclub.com/Dark/img/ 34 KB
35 KB 123ms
123ms Image
image/png 212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.royalwinclub.com/Dark/img/logo_03.png
Requested by: Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: 76f9238e8f2c14e89039d0f9fee4a33bf88dd4c924e0a3596c8af3209022e0c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 02:52:38 GMT
last-modified: Wed, 12 Jul 2017 08:30:06 GMT
server: Apache
accept-ranges: bytes
content-length: 35175
content-type: image/png

GET
H2 200 1_03.png
www.royalwinclub.com/Dark/img/ 7 KB
7 KB 363ms
362ms Image
image/png 212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.royalwinclub.com/Dark/img/1_03.png
Requested by: Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: cad7699e6bcdd6bfce9160d4d878f04fcffd25187d6934bc69c428f9f419fcc0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 02:52:38 GMT
last-modified: Wed, 12 Jul 2017 08:30:05 GMT
server: Apache
accept-ranges: bytes
content-length: 7226
content-type: image/png

GET
H2 200 2_03.png
www.royalwinclub.com/Dark/img/ 7 KB
7 KB 362ms
362ms Image
image/png 212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.royalwinclub.com/Dark/img/2_03.png
Requested by: Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: 624d6dbf3494d5aee6dbd19dcb2cbd3f0617eb2a9f7f74b02d60ca267a7657d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 02:52:38 GMT
last-modified: Wed, 12 Jul 2017 08:30:06 GMT
server: Apache
accept-ranges: bytes
content-length: 7603
content-type: image/png

GET
H2 200 3_03.png
www.royalwinclub.com/Dark/img/ 7 KB
8 KB 361ms
361ms Image
image/png 212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.royalwinclub.com/Dark/img/3_03.png
Requested by: Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: 4ede7e11e7f0ef060549ed242135483ca549106fda94f804e7ebcb95b630f731

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 02:52:38 GMT
last-modified: Wed, 12 Jul 2017 08:30:06 GMT
server: Apache
accept-ranges: bytes
content-length: 7634
content-type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 84ms
19ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/RWCPB-GNA-50FS-CA-001?snippet=GNA_CA_RWC&cid=w550ok0rsfdti2mf2kiutfbu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 00:34:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1003 B 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,500,600,700,800

Requested by

Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/style2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32827f3b59ec2f8f6eecc44c56951d94ac347a750bde8c5c42d4da927dac9e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 02:52:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 02:52:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 02:52:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
782 B 84ms
36ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/style2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b63f1d1ecf7ffbcd8030947ec3184aed0b770bbf8627bd2a586524321fa1c342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 01:55:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 02:52:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 02:52:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 82ms
35ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,700

Requested by

Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/style2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d669802adf1cb3b8210ed01ed9d83e6b43d6fed8fa6716aaba241ccc0669b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 02:28:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 02:52:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 02:52:39 GMT

GET
H2 200 background.png
www.royalwinclub.com/Dark/img/ 1 MB
1 MB 122ms
122ms Image
image/png 212.47.208.134
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.royalwinclub.com/Dark/img/background.png
Requested by: Host: www.royalwinclub.com
URL: https://www.royalwinclub.com/Dark/style2020.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.47.208.134 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS: cpe.radicenter.eu
Software: Apache /
Resource Hash: a085e8ac9f15f726682d82cdbabb199ad4dd5ccd2e36218b2b05bc48fae13090

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.royalwinclub.com/Dark/style2020.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 02:52:38 GMT
last-modified: Mon, 13 Nov 2017 11:14:18 GMT
server: Apache
accept-ranges: bytes
content-length: 1092236
content-type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.royalwinclub.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:59 GMT
x-content-type-options: nosniff
age: 360400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:59 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 85ms
41ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:100,200,300,400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.royalwinclub.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:51:20 GMT
x-content-type-options: nosniff
age: 194479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23724
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:51:20 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v47/ 25 KB
25 KB 95ms
51ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.royalwinclub.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 22:18:20 GMT
x-content-type-options: nosniff
age: 275659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25384
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 22:18:20 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 20:04:00	Name: muc Value: 2a95e085-987a-4f94-9a3f-d5c42e425943
.t.co/	1970-01-20 20:04:00	Name: muc_ads Value: 2a95e085-987a-4f94-9a3f-d5c42e425943
.cappens-dreperor.com/	1970-01-20 02:34:15	Name: 974e7b66-b498-4c43-b822-47d9cf8ffe4a-v4 Value: XdtarT_v7sZVl595TRYa_iJbePMwA2BcMQydXrrBWjg
.cappens-dreperor.com/	1970-01-20 11:18:24	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w550ok0rsfdti2mf2kiutfbu%22%2C%22caid%22%3A%22974e7b66-b498-4c43-b822-47d9cf8ffe4a%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/VqjdWvHYNl Message: Unrecognized Content-Security-Policy directive 'referrer'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cappens-dreperor.com
downhill-mtb.eu
fonts.googleapis.com
fonts.gstatic.com
mogador.narcose.uk.com
serve-sam.be
t.co
www.royalwinclub.com
104.244.42.133
167.114.2.59
18.208.62.125
212.47.208.134
216.117.148.17
2604:a880:800:c1::14a:b001
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::200a
2607:f8b0:4006:824::2003
06ebb94d492cf0a1ce95bddf898f6f5323224e3a79a64aefb3281da1b641ae44
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1d669802adf1cb3b8210ed01ed9d83e6b43d6fed8fa6716aaba241ccc0669b2b
32827f3b59ec2f8f6eecc44c56951d94ac347a750bde8c5c42d4da927dac9e28
4ede7e11e7f0ef060549ed242135483ca549106fda94f804e7ebcb95b630f731
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
624d6dbf3494d5aee6dbd19dcb2cbd3f0617eb2a9f7f74b02d60ca267a7657d1
62be1362df3648f7cdcc4774c58c2b5bb42af8b71915bbeae110066ab6f19045
63e0f1d4d244fa557ae96c648168b0620a4f5ad3dbb653fc979a1b3ea0000699
76f9238e8f2c14e89039d0f9fee4a33bf88dd4c924e0a3596c8af3209022e0c5
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
a085e8ac9f15f726682d82cdbabb199ad4dd5ccd2e36218b2b05bc48fae13090
b63f1d1ecf7ffbcd8030947ec3184aed0b770bbf8627bd2a586524321fa1c342
cad7699e6bcdd6bfce9160d4d878f04fcffd25187d6934bc69c428f9f419fcc0

www.royalwinclub.com Open in urlscan Pro 212.47.208.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

5 IPs

3 Countries

1262 kBTransfer

1348 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

4 Cookies

1 Console Messages

Security Headers

Indicators

www.royalwinclub.com Open in urlscan Pro
212.47.208.134 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

5
IPs

3
Countries

1262 kB
Transfer

1348 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions