vault.rlgsupport.com Open in urlscan Pro
185.101.28.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vault.rlgsupport.com/
Submission: On September 18 via automatic, source certstream-suspicious (September 18th 2020, 7:01:09 am UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.101.28.138, located in Nantes, France and belongs to ATSYS-ASN, FR. The main domain is vault.rlgsupport.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 18th 2020. Valid for: 3 months.

This is the only time vault.rlgsupport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
11	185.101.28.138 185.101.28.138		203901 (ATSYS-ASN) (ATSYS-ASN)
11	1

11 185.101.28.138 (Nantes, France)

ASN203901 (ATSYS-ASN, FR)
PTR: vault.rlgsupport.com

vault.rlgsupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rlgsupport.com vault.rlgsupport.com	2 MB
11	1

	Domain	Requested by
11	vault.rlgsupport.com	vault.rlgsupport.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
vault.rlgsupport.com Let's Encrypt Authority X3	`2020-09-18` - `2020-12-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vault.rlgsupport.com/
Frame ID: 47886FDECBC67D641E680B4CB5164401
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1574 kB
Transfer

6238 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vault.rlgsupport.com/ 1 KB
1 KB 164ms
53ms Document
text/html 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

852b6060a342fdca69fdad70470595e2df8a52eddc3ae305e0ad90e56176da09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: vault.rlgsupport.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=15768000
Content-Type: text/html
Vary: Accept-Encoding
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
ETag: W/"1d64e41212635dd"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK main.44503f821bca8b2d0c85.css
vault.rlgsupport.com/app/ 278 KB
49 KB 48ms
47ms Stylesheet
text/css 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

5d9880725b0ee19ea2294c95184209d383d1a8990de1f77e0d874b2367c4197a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"1d64e4121226865"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: text/css
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK logo-dark@2x.png
vault.rlgsupport.com/images/ 10 KB
11 KB 121ms
55ms Image
image/png 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vault.rlgsupport.com/images/logo-dark@2x.png

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

d03e60482dcc74b2fe7602f12617b07a2817f8d71b691d3ff9608fe4fa8c25a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10380
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1d64e412126180c"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: image/png
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK polyfills.44503f821bca8b2d0c85.js Show response
vault.rlgsupport.com/app/ 137 KB
45 KB 122ms
62ms Script
application/javascript 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/app/polyfills.44503f821bca8b2d0c85.js

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

c39c9cfdee77b1e8dfa8b6c41aba7440c23b2b1bf14df1e607f956fc277037f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"1d64e41212413c4"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK vendor.44503f821bca8b2d0c85.js Show response
vault.rlgsupport.com/app/ 2 MB
840 KB 109ms
49ms Script
application/javascript 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/app/vendor.44503f821bca8b2d0c85.js

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

22bb1d9f30b0ad6054cdd82fd19bacd157c22cf57e9d48edca59b97e446775e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"1d64e41210073b2"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK main.44503f821bca8b2d0c85.js Show response
vault.rlgsupport.com/app/ 3 MB
408 KB 130ms
65ms Script
application/javascript 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.js

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

8e9cfbba1363129dd725235208a485ee2cb62a0585ac1662bbfa59db830c5534

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"1d64e4121161868"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK fontawesome-webfont.woff2
vault.rlgsupport.com/fonts/ 75 KB
76 KB 87ms
84ms Font
font/woff2 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/fonts/fontawesome-webfont.woff2

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://vault.rlgsupport.com
Referer: https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 77160
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1d64e4121271de8"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: font/woff2
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK Open_Sans-normal-400.woff
vault.rlgsupport.com/fonts/ 54 KB
55 KB 42ms
39ms Font
application/font-woff 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/fonts/Open_Sans-normal-400.woff

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

2770b375eb18d7a74fbbd60a0f9a14214857770f35dac85ce9c5daf9353faf97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://vault.rlgsupport.com
Referer: https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 55268
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1d64e412126e764"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: application/font-woff
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK messages.json Show response
vault.rlgsupport.com/locales/en/ 85 KB
19 KB 44ms
44ms Fetch
application/json 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/locales/en/messages.json?cache=ar3sy

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/app/polyfills.44503f821bca8b2d0c85.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

a418515d6e026971c54122fceafc4b5a4753418d3f6c19f6ddc69c4f83d97bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"1d64e4121276302"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: application/json
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK logo-dark@2x.png
vault.rlgsupport.com/images/ 10 KB
11 KB 35ms
34ms Image
image/png 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vault.rlgsupport.com/images/logo-dark@2x.png

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/app/vendor.44503f821bca8b2d0c85.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

d03e60482dcc74b2fe7602f12617b07a2817f8d71b691d3ff9608fe4fa8c25a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vault.rlgsupport.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:55 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10380
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1d64e412126180c"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: image/png
Cache-Control: max-age=604800
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK Open_Sans-normal-600.woff
vault.rlgsupport.com/fonts/ 56 KB
57 KB 38ms
37ms Font
application/font-woff 185.101.28.138
ATSYS-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.rlgsupport.com/fonts/Open_Sans-normal-600.woff

Requested by

Host: vault.rlgsupport.com
URL: https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.101.28.138 Nantes, France, ASN203901 (ATSYS-ASN, FR),

Reverse DNS

vault.rlgsupport.com

Software

nginx /

Resource Hash

9aedda6dc1f4b694308bdb972962044ab0c1f2a3929dead40c3f208168d98f5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://vault.rlgsupport.com
Referer: https://vault.rlgsupport.com/app/main.44503f821bca8b2d0c85.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 07:00:55 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 57632
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 29 Jun 2020 18:14:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "1d64e412126d1a0"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=15768000
Content-Type: application/font-woff
Cache-Control: max-age=1209600
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=99

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://.duosecurity.com; frame-src 'self' https://.duosecurity.com; connect-src 'self' wss://vault.rlgsupport.com https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

vault.rlgsupport.com
185.101.28.138
22bb1d9f30b0ad6054cdd82fd19bacd157c22cf57e9d48edca59b97e446775e1
2770b375eb18d7a74fbbd60a0f9a14214857770f35dac85ce9c5daf9353faf97
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
5d9880725b0ee19ea2294c95184209d383d1a8990de1f77e0d874b2367c4197a
852b6060a342fdca69fdad70470595e2df8a52eddc3ae305e0ad90e56176da09
8e9cfbba1363129dd725235208a485ee2cb62a0585ac1662bbfa59db830c5534
9aedda6dc1f4b694308bdb972962044ab0c1f2a3929dead40c3f208168d98f5a
a418515d6e026971c54122fceafc4b5a4753418d3f6c19f6ddc69c4f83d97bad
c39c9cfdee77b1e8dfa8b6c41aba7440c23b2b1bf14df1e607f956fc277037f0
d03e60482dcc74b2fe7602f12617b07a2817f8d71b691d3ff9608fe4fa8c25a3

vault.rlgsupport.com Open in urlscan Pro 185.101.28.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1574 kBTransfer

6238 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

vault.rlgsupport.com Open in urlscan Pro
185.101.28.138 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1574 kB
Transfer

6238 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions