URL: http://royalclouds.xyz/
Submission: On January 20 via api from DE

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 25 HTTP transactions. The main IP is 185.107.80.7, located in Makkum, Netherlands and belongs to NFORCE, NL. The main domain is royalclouds.xyz.
This is the only time royalclouds.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.107.80.7 43350 (NFORCE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.222.155.123 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.222.155.193 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.155.132 16509 (AMAZON-02)
1 1 52.94.234.174 16509 (AMAZON-02)
1 13.226.106.62 16509 (AMAZON-02)
25 11
Domain Requested by
4 themelooks.us royalclouds.xyz
4 maps.googleapis.com royalclouds.xyz, maps.googleapis.com
3 fonts.gstatic.com royalclouds.xyz
3 amazingrdp.com royalclouds.xyz
2 widget.trustpilot.com royalclouds.xyz, widget.trustpilot.com
2 www.w3counter.com royalclouds.xyz, www.w3counter.com
2 fonts.googleapis.com royalclouds.xyz, ajax.googleapis.com
1 a04e2ad890ad164196d8a1503220d9e71.profile.syd4-c2.cloudfront.net royalclouds.xyz
1 cloudfront-labs.amazonaws.com 1 redirects
1 certify.alexametrics.com royalclouds.xyz
1 d31qbv1cthcecs.cloudfront.net royalclouds.xyz
1 ajax.googleapis.com royalclouds.xyz
1 royalclouds.xyz
25 13

This site contains links to these domains.

Domain
www.facebook.com
amazingrdp.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-09-18 - 2020-09-17 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2019-12-20 - 2020-03-13 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2019-07-17 - 2020-07-05 | a year
certify.alexametrics.com | Amazon | 2019-07-26 - 2020-08-26 | a year

This page contains 2 frames:

Primary Page: http://royalclouds.xyz/
Frame ID: 6ACCFC527F04187B3D56557240442F7E
Requests: 24 HTTP requests in this frame

Frame: http://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5a79af7f4c198200011249cb
Frame ID: 7E3009D33F553914E257253DC2F904DB
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Page Statistics

25
Requests

32 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

229 kB
Transfer

469 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://cloudfront-labs.amazonaws.com/x.png HTTP 302
  • http://a04e2ad890ad164196d8a1503220d9e71.profile.syd4-c2.cloudfront.net/test.png

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
royalclouds.xyz/
27 KB
27 KB
Document
General
Full URL
http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
185.107.80.7 Makkum, Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57ea0df27f94fe8adaa86f8d242f731168e6710731f1d493ca04ac2a850ca875

Request headers

Host
royalclouds.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Jan 2020 23:08:59 GMT
Server
Apache/2.2.15 (CentOS)
Last-Modified
Sat, 26 May 2018 04:10:21 GMT
ETag
"5a0101a-6a41-56d1410222540"
Accept-Ranges
bytes
Content-Length
27201
Connection
close
Content-Type
text/html; charset=UTF-8
b547d.css
amazingrdp.com/wp-content/cache/minify/
0
0
Stylesheet
General
Full URL
https://amazingrdp.com/wp-content/cache/minify/b547d.css
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

css
fonts.googleapis.com/
3 KB
958 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Raleway%3A700%2C300%2C500%2C800&ver=2.0
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
078c34f35d009e833ee2922b40612f843714cc5f98b3c08cbd9f4e703b29e483
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 23:09:57 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 20 Jan 2020 23:09:57 GMT
548e5.js
amazingrdp.com/wp-content/cache/minify/
0
0
Script
General
Full URL
https://amazingrdp.com/wp-content/cache/minify/548e5.js
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

js
maps.googleapis.com/maps/api/
116 KB
38 KB
Script
General
Full URL
http://maps.googleapis.com/maps/api/js?key=AIzaSyBK9f7sXWmqQ1E-ufRXV3VpXOn_ifKsDuc&ver=4.9.6
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
4a6561d7098cfba48e5a66d0b687706948014d110d9563b62553f7a10b52f1d6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:57 GMT
Content-Encoding
gzip
Server
mafe
X-Frame-Options
SAMEORIGIN
Vary
Accept-Language
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1800
Server-Timing
gfet4t7; dur=15
Content-Length
38296
X-XSS-Protection
0
Expires
Mon, 20 Jan 2020 23:39:57 GMT
tracker.js
www.w3counter.com/
2 KB
881 B
Script
General
Full URL
https://www.w3counter.com/tracker.js?id=111533&wphead=true
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:75d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
43e0b6f2e1c42eb0a9a640f323e54253a395c8443bd1615c34461e0b63c4f51e

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 23:09:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache
cf-ray
5584b8147e4363e9-FRA
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
20 KB
7 KB
Script
General
Full URL
http://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
52.222.155.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-123.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dda075b7bfc8dc6b8c0a9db068476118eba4cc6baea36c0d73e7df5ac216d58

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 11:46:21 GMT
Content-Encoding
gzip
Age
41016
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6477
Last-Modified
Fri, 10 Jan 2020 11:46:10 GMT
Server
AmazonS3
ETag
"ee530c0bf4fd9ac8746b7a79a4f929ca"
Content-Type
application/x-javascript
Via
1.1 ed0c487879f809919537bf00a2f2dc8f.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
X-Amz-Cf-Pop
FRA53
Accept-Ranges
bytes
X-Amz-Cf-Id
8ZM6Vkp-5u4Zj6ndjC8xobwLFQ8MZs3yrq63P8EeQMJCatXNh2xvZQ==
01.png
themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/
4 KB
4 KB
Image
General
Full URL
http://themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/01.png
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:ac31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62fe870d0127fcd6eeccee46a7d65db554a4f3c3f00ec626de0e3a0df3dcf27

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:58 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 16 Nov 2016 06:46:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5584b8144ec1642b-FRA
Content-Length
4102
02.png
themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/
5 KB
5 KB
Image
General
Full URL
http://themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/02.png
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:ac31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c00708149ee5cb76eaa453f4a84216e0d4dde1a131524c1e8f629c5c281107

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:58 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 16 Nov 2016 06:46:01 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5584b8147efe649d-FRA
Content-Length
4635
03.png
themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/
4 KB
4 KB
Image
General
Full URL
http://themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/03.png
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:ac31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7081871b81f6ecb4f855855a6a2d381c7cd7f10c98b7ba49bc937b6f5a7bca

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:58 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 16 Nov 2016 06:45:59 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5584b81579d66479-FRA
Content-Length
3643
payment-methods.png
themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/
9 KB
9 KB
Image
General
Full URL
http://themelooks.us/demo/ecohosting/wordpress/wp-content/uploads/2016/11/payment-methods.png
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3031::681b:ac31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e677a944de624aacc9e55c9d62f69444fe41f7ee0b7c3def50b8215a0a5e86f

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:58 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 16 Nov 2016 06:45:41 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5584b81579d86479-FRA
Content-Length
8709
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.3/
17 KB
7 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.3/webfont.js
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36ef095d011c4ced97b0acef551ca36d76b95299518595dc1acab792a2344601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 15 Jan 2020 00:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515321
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6791
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jan 2021 00:01:17 GMT
wp-emoji-release.min.js
amazingrdp.com/wp-includes/js/
0
0
Script
General
Full URL
https://amazingrdp.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.6
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ae5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

atrk.js
d31qbv1cthcecs.cloudfront.net/
4 KB
2 KB
Script
General
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.193 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-193.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 05 May 2019 01:24:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
22542325
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 44d7d28132a47c2b5760c4ec3dd7aa89.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
X-Amz-Cf-Id
RRRupab7qvE8WtjIn1Esnh9lDsm7HuUCv_yRfUzguKLGoND1RvrLVA==
pv
www.w3counter.com/track/
0
127 B
Script
General
Full URL
https://www.w3counter.com/track/pv?id=111533&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&webpageName=Economy%20Botting%20Plans%20%E2%80%93%20AmazingRDP.com&ref=&url=http%3A%2F%2Froyalclouds.xyz%2F&width=1600&height=1200&rand=935
Requested by
Host: www.w3counter.com
URL: https://www.w3counter.com/tracker.js?id=111533&wphead=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:75d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 23:09:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.4.16
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache
cf-ray
5584b8157edc63e9-FRA
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Raleway%3A700%2C300%2C500%2C800&ver=2.0
Origin
http://royalclouds.xyz

Response headers

Date
Fri, 22 Nov 2019 03:55:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:47:42 GMT
Server
sffe
Age
5166872
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13228
X-XSS-Protection
0
Expires
Sat, 21 Nov 2020 03:55:26 GMT
1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
14 KB
Font
General
Full URL
http://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwN4rWqZPANqczVs.woff2
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
046fa5c62e3b17b46ea2f8c601465dacfd5c153aee7a71754a9be582de74a385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Raleway%3A700%2C300%2C500%2C800&ver=2.0
Origin
http://royalclouds.xyz

Response headers

Date
Fri, 17 Jan 2020 12:38:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:47:47 GMT
Server
sffe
Age
297104
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13752
X-XSS-Protection
0
Expires
Sat, 16 Jan 2021 12:38:14 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame 7E30
0
0
Document
General
Full URL
http://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5a79af7f4c198200011249cb
Requested by
Host: widget.trustpilot.com
URL: http://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
HTTP/1.1
Server
52.222.155.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-123.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
widget.trustpilot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://royalclouds.xyz/
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Content-Length
1922
Connection
keep-alive
Date
Mon, 20 Jan 2020 23:09:59 GMT
Last-Modified
Thu, 09 Jan 2020 10:52:29 GMT
ETag
"0f33c997f4a775ba9f06ec605e0a832c"
x-amz-server-side-encryption
AES256
Cache-Control
max-age=86400
Content-Encoding
gzip
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Miss from cloudfront
Via
1.1 ed0c487879f809919537bf00a2f2dc8f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
7u--qcIIjyT4p58WykFFhlOwwo2Y5qJoCRw0Wrvszwl2pOZKW3ln1Q==
css
fonts.googleapis.com/
781 B
862 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Raleway:400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.3/webfont.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc6f30c5639ff1c6ef434c0ad0fdf11ac2ee09b7e564e1fcd982ce1865cb7c3c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jan 2020 23:09:58 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 20 Jan 2020 23:09:58 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Raleway:400
Origin
http://royalclouds.xyz

Response headers

Date
Mon, 13 Jan 2020 23:16:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:48:04 GMT
Server
sffe
Age
604380
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13428
X-XSS-Protection
0
Expires
Tue, 12 Jan 2021 23:16:58 GMT
atrk.gif
certify.alexametrics.com/
43 B
549 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Economy%20Botting%20Plans%20%E2%80%93%20AmazingRDP.com&time=1579561798087&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Froyalclouds.xyz%2F&random_number=10494630095&sess_cookie=a6917dd116fc53849c66ed2c7be&sess_cookie_flag=1&user_cookie=a6917dd116fc53849c66ed2c7be&user_cookie_flag=1&dynamic=true&domain=amazingrdp.com&account=DAEmp1IWh9107i&jsv=20130128&user_lang=en-US
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.155.132 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-155-132.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 10:35:43 GMT
Via
1.1 ae3e6ab763f755c867a3b493d306312c.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified
20110117123941
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
96771
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
ti91Se_7EC2T_2PS4tIpqpcMRHrNWskNwJ8DSZCrZt4Qhx0hc8_XDg==
test.png
a04e2ad890ad164196d8a1503220d9e71.profile.syd4-c2.cloudfront.net/
Redirect Chain
  • http://cloudfront-labs.amazonaws.com/x.png
  • http://a04e2ad890ad164196d8a1503220d9e71.profile.syd4-c2.cloudfront.net/test.png
58 B
58 B
Image
General
Full URL
http://a04e2ad890ad164196d8a1503220d9e71.profile.syd4-c2.cloudfront.net/test.png
Requested by
Host: royalclouds.xyz
URL: http://royalclouds.xyz/
Protocol
HTTP/1.1
Server
13.226.106.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-106-62.syd4.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 23:09:58 GMT
Via
1.1 0d562be6e5c984e9ac44705ecc8ac2a4.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
YbhkcjflWyCEUtxY3WmVhlM8kKHJJpV_NfNE3C9w2Ec5mZluel2aBA==
Expires
Mon, 20 Jan 2020 23:09:58 GMT

Redirect headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Jan 2020 23:09:57 GMT
Server
Server
Content-Length
0
Location
http://a04e2ad890ad164196d8a1503220d9e71.profile.syd4-c2.cloudfront.net/test.png
common.js
maps.googleapis.com/maps-api-v3/api/js/39/6/
77 KB
28 KB
Script
General
Full URL
http://maps.googleapis.com/maps-api-v3/api/js/39/6/common.js
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?key=AIzaSyBK9f7sXWmqQ1E-ufRXV3VpXOn_ifKsDuc&ver=4.9.6
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c10a596d20fa578d14d556530bf21e8c16e5e01312cf58e6164d9fd9a8dfead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 09 Jan 2020 18:59:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jan 2020 18:42:10 GMT
Server
sffe
Age
965449
Vary
Accept-Encoding, Origin
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
28654
X-XSS-Protection
0
Expires
Fri, 08 Jan 2021 18:59:13 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/39/6/
144 KB
53 KB
Script
General
Full URL
http://maps.googleapis.com/maps-api-v3/api/js/39/6/util.js
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?key=AIzaSyBK9f7sXWmqQ1E-ufRXV3VpXOn_ifKsDuc&ver=4.9.6
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76ca8321b42e23d31c2d99c4905e5f8c89e98f5dacd996da85c1e97bcbe6db51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 01:13:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jan 2020 18:42:10 GMT
Server
sffe
Age
251812
Vary
Accept-Encoding, Origin
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
54359
X-XSS-Protection
0
Expires
Sun, 17 Jan 2021 01:13:10 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/
62 B
438 B
Script
General
Full URL
http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Froyalclouds.xyz%2F&4sAIzaSyBK9f7sXWmqQ1E-ufRXV3VpXOn_ifKsDuc&callback=_xdc_._itb9o2&key=AIzaSyBK9f7sXWmqQ1E-ufRXV3VpXOn_ifKsDuc&token=80371
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps-api-v3/api/js/39/6/common.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
e56b6b4335020cc18054b84186cc5fca05e6fce24197c4eb5f85e3f3feb42976
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://royalclouds.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Jan 2020 23:10:03 GMT
Content-Encoding
gzip
Server
mafe
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Content-Disposition
attachment
Server-Timing
gfet4t7; dur=10
Content-Length
63
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| WebFontConfig
  • object| _wpemojiSettings
  • object| google
  • object| module$contents$MapsEvent_MapsEvent
  • object| module$contents$mapsapi$overlay$OverlayView_OverlayView
  • object| _atrk_opts
  • function| wsg_inject_script
  • function| w3counter
  • function| w3counter_conversion
  • number| _w3counter
  • object| Trustpilot
  • object| webfont
  • object| WebFont
  • function| atrk
  • boolean| _atrk_fired
  • object| _xdc_

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
