Spoiler: Original text Back in 2023 or so, some developer effort was focused on having a client that could check for version and self-update. The game client had a wrapper added that checked for version/updates at https://cdn.royals.ms/info/mr. Unfortunately, this was implemented without "warming up" the domain. As you might imagine, a sudden influx of network activity phoning home to a really new domain (that at the time had nothing else on it) looks like textbook botnet command and control activity. Threat monitoring systems that also work on an endpoint level would've also seen these calls being made by an unsigned application leading to negative URL classification. This negative reputation was probably also compounded when the old mapleroyals.com was taken down through ICANN UDRP arbitration, and the game had to also move the website to this new domain - increasing traffic to an already suspicious new domain. This landed the royals.ms domain on reputation lists, which get aggregated into threat intelligence feeds that ISPs or their security SaaSes subscribe to. It is a good thing that ISPs have security offerings to protect their customers. The average user on the Internet is pretty stupid and easily compromised (ahem disabling windows defender for the mapleroyals folder), and ISPs don't want their customer networks to be used to launch attacks eating into their bandwidth. Unfortunately these lists and services all feed each other in a bad feedback loop, so once a domain ends up with negative reputation, it's pretty hard to get out of the hole. The fact that you're looking for help on this issue is a good example of this, even after 2-3 years royals.ms is still blocked in various networks. I believe (not 100% sure) the version check functionality was eventually removed in February 2025 due to an influx of players unable to start the game. Note that even if players were unable to access the website (or start the game due to the version check failing), running the game itself is not affected because the login and game servers are hardcoded into the client. Given how domains are blocked by these security services, there are 3 (eh, 3.5-ish) ways to "work around" them: 1. Use another ISP This is a good way to verify if your specific ISP is the one blocking the domain. Try using your hotspot, and since most people aren't subscribed to multiple ISPs at home, try going to another location like work, school, a cafe. If you ask for help in forum or Discord, someone helping you like @Dave Deviluke will first ask you to try this, alongside asking you for your country and ISP to surveil and identify patterns that may be emerging. If you can access royals.ms on another network, then you know it's your ISP blocking the domain. If you want to "fix" the situation and be able to access the website on your ISP: 2. Adjust ISP security service settings to either allow royals.ms or disable the service outright You are likely experiencing a block due to ISP security products with names like: AT&T ActiveArmor Bell Canada Guard (might be Plume/HomePass, so maybe Webroot) Bezeq Smart Net Orange Cybersecure SingTel Broadband Protect/Security Spectrum Security Shield (CUJO/Avira which uses BrightCloud?) Verizon Home Network Protection (McAfee GTI) Voda Secure Net Xfinity Advanced Security (Akamai SPS?) Use your ISP's provided controls (which could even be through a mobile app) to adjust the security service's settings. You will need to do some research. For example, when I search "xfinity advanced security settings" I find this support article which I can follow to disable the service: https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security If you have the ability to just "allow list" royals.ms, you should use that over disabling the service completely. If you are unable to adjust ISP security settings, you can change the way you interact with DNS to bypass your ISP's security service: 3. Change the DNS servers you use For this option, you can change the DNS servers you use to one that doesn't filter and block domains. You can either do so on the whole network (by changing router settings) or on your computer only. Note that if you change DNS settings within your computer, and you take this computer to other networks, it may affect your ability to log onto them especially if they use captive portals - you will need to revert this change to access those networks. First, decide which recursive DNS server provider you want to use. Examples include but are not limited to: Cloudflare: such as 1.1.1.1 Google: such as 8.8.8.8 If your ISP MITMs (intercepts) your traffic, and hijacks your DNS packets, this will not be a viable option. See 3.5 on how to change the way you connect to DNS servers to query them instead which also may be easier for you. 3a. Change the DNS servers you use on the whole network (by changing router settings) You can log into your router, or use your ISPs companion app, to change DNS settings that are issued to devices that connect to your network. Instructions vary from ISP and router device. If you are not familiar with home networking, this may be a difficult option, and you may wish to use option 3b or 3.5 instead. 3b. Change the DNS servers you use on your computer only Again, note that if you change DNS settings within your computer, and you take this computer to other networks, it may affect your ability to log onto them especially if they use captive portals - you will need to revert this change to access those networks. This video only covers IPv4, you may wish to also change IPv6: 3.5. Option 3b. but also: Change not just the DNS servers you use on your computer browser, but how you connect to them Again, note that if you change DNS settings within your computer, and you take this computer to other networks, it may affect your ability to log onto them especially if they use captive portals - you will need to revert this change to access those networks. This option utilizes "DNS over HTTPS" which encrypts your connection between you and the DoH provider. Your ISP will not be able to MITM this connection and hijack your DNS queries. Operating systems don't really support DoH beyond experimental projects. DoH is more prevalent within browsers, so while your computer itself will make unencrypted queries to whatever DNS servers are advertised by DHCP or configured in network settings, your browser will perform its own DNS queries. Cloudflare has instructions for configuring DoH for various browsers: https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/encrypted-dns-browsers/ Most browsers will come with some pre-configured options, for example Chrome has the following pre-configured DoH options: CleanBrowsing Google Cloudflare OpenDNS NextDNS AI version edited by @Dave Deviluke: Summary: Why royals.ms may be blocked and how to work around it In 2023, a client update introduced a version-check system that contacted a new domain (cdn.royals.ms). Because this domain was new and suddenly received a large amount of automated traffic from an unsigned game client, it was flagged by security systems as suspicious. Around the same time, the old mapleroyals.com domain was taken down, which pushed even more traffic to the new domain and worsened its reputation. As a result, royals.ms ended up on threat reputation lists used by ISPs and security services. Once a domain is flagged this way, it can remain blocked for years due to shared threat intelligence feeds, even after the original cause is removed. Although the version check was likely removed in early 2025, the reputation issue persists on some networks. Importantly, game servers are not affected, since login and channel servers are hardcoded into the client. Only website access and launcher-related connections are impacted. Common workarounds 1. Test another network Try a mobile hotspot, workplace, school, or café. If the site works elsewhere, your ISP is likely blocking it. 2. Adjust or disable ISP security services Many ISPs run security filters (e.g. SingTel Broadband Protect, Xfinity Advanced Security, Verizon Home Network Protection, etc.). If possible, allowlist royals.ms. Disabling the service entirely also works but is less ideal. 3. Change DNS providers Switching to public DNS servers like: Cloudflare (1.1.1.1) Google (8.8.8.8) can bypass ISP filtering. This can be done at the router level or per device. 3.5 Use DNS over HTTPS (DoH) If your ISP intercepts DNS traffic, enabling DoH in your browser encrypts DNS queries so they cannot be filtered. Most modern browsers support this (Cloudflare, Google, OpenDNS, etc.). Bottom line This is a domain reputation / ISP filtering issue, not a server outage or client bug. Access varies by ISP, country, and security configuration, and workarounds involve changing networks, DNS, or ISP security settings.
