my.royall.com Open in urlscan Pro
68.142.178.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://my.royall.com/
Effective URL:
https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Submission: On June 12 via manual (June 12th 2020, 1:52:18 pm UTC) from US

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 68.142.178.28, located in United States and belongs to ASN-VINS, US. The main domain is my.royall.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 21st 2020. Valid for: 2 years.

This is the only time my.royall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 14	68.142.178.28 68.142.178.28		13649 (ASN-VINS) (ASN-VINS)
2	2a00:1450:400... 2a00:1450:4001:801::2008		15169 (GOOGLE) (GOOGLE)
2	68.142.178.29 68.142.178.29		13649 (ASN-VINS) (ASN-VINS)
17	3

14 68.142.178.28 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

my.royall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.142.178.29 (United States)

ASN13649 (ASN-VINS, US)
PTR: app-info.net

api.qaxis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	royall.com 1 redirects my.royall.com	154 KB
2	qaxis.net api.qaxis.net	14 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
17	3

	Domain	Requested by
14	my.royall.com	1 redirects my.royall.com
2	api.qaxis.net	my.royall.com
2	ssl.google-analytics.com	my.royall.com
17	3

This site contains links to these domains. Also see Links.

Domain
www.eab.com

Subject Issuer	Validity	Valid
Sectigo RSA Organization Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
api.qaxis.net COMODO RSA Domain Validation Secure Server CA	`2018-10-09` - `2020-11-07`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Frame ID: DDB9EED7BF023541B79DD3B9410EA663
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://my.royall.com/ HTTP 302
https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

185 kB
Transfer

645 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eab.com/services/enrollment-services

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://my.royall.com/ HTTP 302
https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
my.royall.com/login/
Redirect Chain

https://my.royall.com/
https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27

4 KB
2 KB

169ms
169ms

Document
text/html

68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 330118136fbcdaecc3b0ffbf90c5fe0723486c52ebd45026b58efcf2812d76b6

Request headers

Host: my.royall.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CFID=7052; CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 12 Jun 2020 13:51:58 GMT
Content-Type: text/html; charset=windows-1252
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Vary: Accept-Encoding
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Expires: Tues, 13 Sep 2011 00:00:00 GMT
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 12 Jun 2020 13:51:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Set-Cookie: CFID=7052; expires=Sun, 10-Jun-29 13:51:58 GMT; path=/; HttpOnly CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27; expires=Sun, 10-Jun-29 13:51:58 GMT; path=/; HttpOnly
Location: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27

GET
H/1.1 200
OK style-rebrand.css
my.royall.com/assets/css/ 108 KB
19 KB 258ms
255ms Stylesheet
text/css 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/css/style-rebrand.css?v6.2.0
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 83f3fbdc11bbc7d9faa02294f2a337013fcd5e8c53d45556523e8d1a6f8cd996

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 200
OK fontawesome-all.min.css
my.royall.com/assets/css/ 40 KB
9 KB 406ms
147ms Stylesheet
text/css 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/css/fontawesome-all.min.css
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 7db9ef4796a20fde03f8500f0c56d9afd6591dcdc0502096ab240b298693baad

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
my.royall.com/assets/js/libs/ 92 KB
33 KB 525ms
249ms Script
application/x-javascript 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/js/libs/jquery-1.7.1.min.js
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 200
OK jquery-ui-1.8.13.min.js Show response
my.royall.com/assets/js/libs/ 204 KB
52 KB 538ms
256ms Script
application/x-javascript 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/js/libs/jquery-ui-1.8.13.min.js
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: d6981a2b93dec0dc076dd7dca7ccf62a2d2e56abdff29830e2bf647f06bf804a

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 200
OK modernizr-2.5.3.min.js Show response
my.royall.com/assets/js/libs/ 17 KB
7 KB 431ms
145ms Script
application/x-javascript 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/js/libs/modernizr-2.5.3.min.js
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: da16c6bea47d4553344bbcd427d6b178efdbfb1a6186b1bea136ac1921899da8

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 200
OK login.js Show response
my.royall.com/login/ 4 KB
4 KB 438ms
148ms Script
application/x-javascript 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/login/login.js?v=2
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: fbf038ca541965a8d4722bb61c7d2f39b04f8ec001be2ab934d4c71f7ee28b43

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3593

GET
H/1.1 200
OK plugins.js Show response
my.royall.com/assets/js/ 8 KB
2 KB 440ms
149ms Script
application/x-javascript 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/js/plugins.js
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 1522ce58b3435fab42ba0fda693f5727b6e32fda0ee508756f6e7eedf15faf58

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H/1.1 200
OK analytics.js Show response
my.royall.com/assets/js/ 580 B
827 B 548ms
142ms Script
application/x-javascript 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/js/analytics.js
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e03608125eaf423d2910d150ad6da9732577f21571d89a4d2fd181956a8b381

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 580

GET
H/1.1 200
OK print.css
my.royall.com/assets/css/ 1 KB
2 KB 139ms
138ms Stylesheet
text/css 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/css/print.css
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: 105ae385b8e5cc5f1d0a94347dfb364b15eefb496c9dfcc90d52f51c475e1fc4

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1449

GET
H/1.1 200
OK EAB-logo.svg
my.royall.com/assets/img/ 2 KB
2 KB 139ms
138ms Image
image/svg+xml 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.royall.com/assets/img/EAB-logo.svg?1541434539
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: f1a4a55ce5cde57cf4d915446855a2831aead930590fbe6ed6e64eb53be4bc16

Request headers

Referer: https://my.royall.com/assets/css/style-rebrand.css?v6.2.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2049

GET
H/1.1 200
OK wdgt_shadow_small.png
my.royall.com/assets/img/ 2 KB
2 KB 142ms
138ms Image
image/png 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.royall.com/assets/img/wdgt_shadow_small.png
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: e54ff3bfac92e665d141ac5192344a0b1b01ed42cc1bcf4836113a5d6dcfcdbc

Request headers

Referer: https://my.royall.com/assets/css/style-rebrand.css?v6.2.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2227

GET
H/1.1 200
OK style.css
my.royall.com/assets/css/ 104 KB
19 KB 258ms
257ms Stylesheet
text/css 68.142.178.28
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.royall.com/assets/css/style.css
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.28 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: nginx /
Resource Hash: f6f6a0aad11346ec57e45812886a5b431c30fea528c2cc66c459d249a160a678

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:51:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jun 2020 22:44:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 18ms
5ms Script
text/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: my.royall.com
URL: https://my.royall.com/assets/js/analytics.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5342
date: Fri, 12 Jun 2020 12:22:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 12 Jun 2020 14:22:57 GMT

GET
H/1.1 200
OK script.js Show response
api.qaxis.net/ 13 KB
13 KB 844ms
188ms Script
application/javascript 68.142.178.29
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.qaxis.net/script.js
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.29 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: app-info.net
Software: nginx /
Resource Hash: 06eaaf8cf37e991a3907b1b4addfbce7e26eb43241afc9c8cec22347e5b377ab

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 12 Jun 2020 13:52:00 GMT
Server: nginx
Content-Type: application/javascript; charset=ISO-8859-1
Access-Control-Allow-Origin: api.qaxis.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 13154

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
196 B 13ms
13ms Image
image/gif 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1890435727&utmhn=my.royall.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=My%20Royall%20-%20Login&utmhid=719134215&utmr=-&utmp=%2Flogin%2F%3FCFID%3D7052%26CFTOKEN%3DBD3AE523-A0A9-40B8-A0486CD77D81AF27&utmht=1591969919793&utmac=UA-31875822-1&utmcc=__utma%3D249548292.386303970.1591969920.1591969920.1591969920.1%3B%2B__utmz%3D249548292.1591969920.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=308346182&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jun 2020 13:51:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t.gif
api.qaxis.net/ 43 B
402 B 144ms
143ms Image
image/gif 68.142.178.29
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.qaxis.net/t.gif?j={cx:{},_chron:0,_bwr:{n:%22Netscape%22,v:%225.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML,%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22,p:%22Linux%20x86_64%22},_scn:{aw:1600,ah:1200,w:1600,h:1200,c:24,al:0,at:0,orientation:{},pt:false},_win:{url:%22https:%2F%2Fmy.royall.com%2Flogin%2F%3FCFID%3D7052%26CFTOKEN%3DBD3AE523-A0A9-40B8-A0486CD77D81AF27%22,origin:%22https:%2F%2Fmy.royall.com%22,https:true,hn:%22my.royall.com%22,pn:%22%2Flogin%2F%22,search:%22%3FCFID%3D7052%26CFTOKEN%3DBD3AE523-A0A9-40B8-A0486CD77D81AF27%22,fragmentDirective:{}},_doc:{_w:1600,_h:1200}}
Requested by: Host: my.royall.com
URL: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.142.178.29 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: app-info.net
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://my.royall.com/login/?CFID=7052&CFTOKEN=BD3AE523-A0A9-40B8-A0486CD77D81AF27
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 13:52:00 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| DP_jQuery_1591969919673 object| html5 object| Modernizr function| yepnope object| site object| _gaq object| _gat object| gaGlobal object| JSONQAXIS object| $qaxis

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.royall.com/	1970-01-19 10:12:51	Name: __utmb Value: 249548292.1.10.1591969920
			.royall.com/	1970-01-19 10:12:50	Name: __utmt Value: 1
			.royall.com/	1970-01-19 14:35:37	Name: __utmz Value: 249548292.1591969920.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
			.royall.com/	1969-12-31 23:59:59	Name: __utmc Value: 249548292
			.royall.com/	1970-01-20 03:44:01	Name: __utma Value: 249548292.386303970.1591969920.1591969920.1591969920.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.qaxis.net
my.royall.com
ssl.google-analytics.com
2a00:1450:4001:801::2008
68.142.178.28
68.142.178.29
06eaaf8cf37e991a3907b1b4addfbce7e26eb43241afc9c8cec22347e5b377ab
105ae385b8e5cc5f1d0a94347dfb364b15eefb496c9dfcc90d52f51c475e1fc4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1522ce58b3435fab42ba0fda693f5727b6e32fda0ee508756f6e7eedf15faf58
330118136fbcdaecc3b0ffbf90c5fe0723486c52ebd45026b58efcf2812d76b6
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
7db9ef4796a20fde03f8500f0c56d9afd6591dcdc0502096ab240b298693baad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f3fbdc11bbc7d9faa02294f2a337013fcd5e8c53d45556523e8d1a6f8cd996
9e03608125eaf423d2910d150ad6da9732577f21571d89a4d2fd181956a8b381
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d6981a2b93dec0dc076dd7dca7ccf62a2d2e56abdff29830e2bf647f06bf804a
da16c6bea47d4553344bbcd427d6b178efdbfb1a6186b1bea136ac1921899da8
e54ff3bfac92e665d141ac5192344a0b1b01ed42cc1bcf4836113a5d6dcfcdbc
f1a4a55ce5cde57cf4d915446855a2831aead930590fbe6ed6e64eb53be4bc16
f6f6a0aad11346ec57e45812886a5b431c30fea528c2cc66c459d249a160a678
fbf038ca541965a8d4722bb61c7d2f39b04f8ec001be2ab934d4c71f7ee28b43