Submitted URL: https://avoirunenfantdifferent.capitalsuites.org/
Effective URL: https://www.topnetgo.com/sq.php?tk=black127_1
Submission: On May 04 via manual from CA

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 82.221.129.44, located in Iceland and belongs to THORDC-AS, IS. The main domain is www.topnetgo.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 30th 2020. Valid for: 3 months.
This is the only time www.topnetgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 111.90.156.83 201133 (VERDINA)
11 82.221.129.44 50613 (THORDC-AS)
1 2 54.76.48.183 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
22 5
Domain Requested by
11 www.topnetgo.com www.topnetgo.com
6 www.capitalsuites.org www.topnetgo.com
2 fonts.gstatic.com www.topnetgo.com
2 fonts.googleapis.com www.topnetgo.com
2 logv2.xiti.com 1 redirects www.topnetgo.com
1 avoirunenfantdifferent.capitalsuites.org 1 redirects
22 6

This site contains no links.

Subject                   Issuer                                 Validity                  Valid
mail.topnetgo.com         Let's Encrypt Authority X3             2020-04-30 - 2020-07-29   3 months   crt.sh
capitalsuites.org         cPanel, Inc. Certification Authority   2020-03-03 - 2020-06-01   3 months   crt.sh
*.xiti.com                Thawte RSA CA 2018                     2020-02-27 - 2022-05-22   2 years    crt.sh
upload.video.google.com   GTS CA 1O1                             2020-04-07 - 2020-06-30   3 months   crt.sh
*.gstatic.com             GTS CA 1O1                             2020-04-07 - 2020-06-30   3 months   crt.sh

This page contains 1 frames:

Primary Page: https://www.topnetgo.com/sq.php?tk=black127_1
Frame ID: D848E74322B0EE977981D693093CC6D6
Requests: 22 HTTP requests in this frame

Detected technologies

Bootstrap
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed
Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Font Awesome
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Open Web Analytics
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:Start|End) Open Web Analytics Tracker -->/i

jQuery
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 262 kB
Size: 563 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://avoirunenfantdifferent.capitalsuites.org/ HTTP 301
    https://www.topnetgo.com/enfant.php?tk=black127_1 Page URL
  2. https://www.topnetgo.com/sq.php?tk=black127_1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://avoirunenfantdifferent.capitalsuites.org/ HTTP 301
  • https://www.topnetgo.com/enfant.php?tk=black127_1
Request Chain 3
  • https://logv2.xiti.com/g.xiti?s=607664&p=enfant&hl=11x45x52&r=1600x1200x24x24&ref= HTTP 302
  • https://logv2.xiti.com/g.xiti?s=607664&p=enfant&hl=11x45x52&r=1600x1200x24x24&ref=&Rdt=On

22 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
enfant.php
www.topnetgo.com/
Redirect Chain
  • https://avoirunenfantdifferent.capitalsuites.org/
  • https://www.topnetgo.com/enfant.php?tk=black127_1
2 KB
1 KB
Document
General
Full URL
https://www.topnetgo.com/enfant.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
0b2fea6938e5cc89cd92c63aeb03ec74d844f7069ccd3739676880ae8fbea39c

Request headers

:method
GET
:authority
www.topnetgo.com
:scheme
https
:path
/enfant.php?tk=black127_1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
no-cache, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-type
text/html; charset=ISO-8859-1
content-length
1023
content-encoding
br
vary
Accept-Encoding
date
Mon, 04 May 2020 09:45:51 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000

Redirect headers

status
301
x-powered-by
PHP/7.2.30
cache-control
no-cache, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://www.topnetgo.com/enfant.php?tk=black127_1
content-type
text/html; charset=Off
content-length
0
date
Mon, 04 May 2020 09:45:51 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-24=":443"; ma=2592000, h3-25=":443"; ma=2592000
load.gif
www.topnetgo.com/img/
12 KB
12 KB
Image
General
Full URL
https://www.topnetgo.com/img/load.gif
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/enfant.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
c83f260308e1f3be76491435bb375c0488800585c56060666c68cff584587b90

Request headers

Referer
https://www.topnetgo.com/enfant.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:51 GMT
last-modified
Wed, 06 Nov 2019 19:08:31 GMT
server
LiteSpeed
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12548
expires
Mon, 11 May 2020 09:45:51 GMT
owa.tracker-combined-min.js
www.capitalsuites.org/analytics/modules/base/js/
73 KB
20 KB
Script
General
Full URL
https://www.capitalsuites.org/analytics/modules/base/js/owa.tracker-combined-min.js
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/enfant.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.156.83 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
Software
LiteSpeed /
Resource Hash
806428c8f94a67063a3db0f49df6c0253dba21f3ce8465aea31ae49e60e92dab

Request headers

Referer
https://www.topnetgo.com/enfant.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:51 GMT
content-encoding
br
last-modified
Fri, 22 Nov 2019 19:32:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-24=":443"; ma=2592000, h3-25=":443"; ma=2592000
content-length
20380
g.xiti
logv2.xiti.com/
Redirect Chain
  • https://logv2.xiti.com/g.xiti?s=607664&p=enfant&hl=11x45x52&r=1600x1200x24x24&ref=
  • https://logv2.xiti.com/g.xiti?s=607664&p=enfant&hl=11x45x52&r=1600x1200x24x24&ref=&Rdt=On
832 B
927 B
Image
General
Full URL
https://logv2.xiti.com/g.xiti?s=607664&p=enfant&hl=11x45x52&r=1600x1200x24x24&ref=&Rdt=On
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/enfant.php?tk=black127_1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.48.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-48-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8e9a1377f9a42761ecd2c4b40830c554105e94d074090b1e381e562b240feb89
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://www.topnetgo.com/enfant.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 04 May 2020 09:45:52 GMT
content-length
832
strict-transport-security
max-age=3600
content-type
image/gif

Redirect headers

status
302
date
Mon, 04 May 2020 09:45:52 GMT
content-type
text/html; charset=utf-8
location
/g.xiti?s=607664&p=enfant&hl=11x45x52&r=1600x1200x24x24&ref=&Rdt=On
content-length
110
strict-transport-security
max-age=3600
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
log.php
www.capitalsuites.org/analytics/
42 B
210 B
Image
General
Full URL
https://www.capitalsuites.org/analytics/log.php?owa_timestamp=1588585553&owa_event_type=base.page_request&owa_is_new_visitor=true&owa_visitor_id=1588585553912093717&owa_fsts=1588585553&owa_dsfs=0&owa_last_req=&owa_session_id=1588585553590351322&owa_is_new_session=true&owa_nps=1&owa_dsps=0&owa_medium=direct&owa_source=%28none%29&owa_search_terms=%28none%29&owa_session_referer=%28none%29&owa_page_url=https%3A%2F%2Fwww.topnetgo.com%2Fenfant.php%3Ftk%3Dblack127_1&owa_HTTP_REFERER=&owa_page_title=&owa_site_id=192c631cf12583ce69e9efc166540f37&
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/enfant.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.156.83 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
Software
LiteSpeed / PHP/7.2.30
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
https://www.topnetgo.com/enfant.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 09:45:51 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.2.30
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Wed, 11 Jan 2000 12:59:00 GMT
log.php
www.capitalsuites.org/analytics/
42 B
79 B
Image
General
Full URL
https://www.capitalsuites.org/analytics/log.php?owa_timestamp=1588585553&owa_event_type=track.action&owa_site_id=192c631cf12583ce69e9efc166540f37&owa_page_url=https%3A%2F%2Fwww.topnetgo.com%2Fenfant.php%3Ftk%3Dblack127_1&owa_action_group=enfant&owa_action_name=black127&owa_action_label=1&owa_numeric_value=undefined&owa_is_new_visitor=true&owa_visitor_id=1588585553912093717&owa_fsts=1588585553&owa_dsfs=0&owa_last_req=&owa_session_id=1588585553590351322&owa_is_new_session=true&owa_nps=1&owa_dsps=0&owa_medium=direct&owa_source=%28none%29&owa_search_terms=%28none%29&owa_session_referer=%28none%29&owa_HTTP_REFERER=&owa_page_title=&
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/enfant.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.156.83 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
Software
LiteSpeed / PHP/7.2.30
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
https://www.topnetgo.com/enfant.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 09:45:51 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.2.30
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Wed, 11 Jan 2000 12:59:00 GMT
Primary Request sq.php
www.topnetgo.com/
6 KB
2 KB
Document
General
Full URL
https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
352cc5e10d26704dead6d76146f6373947861e038684b54ff30a14c8c2c94d87

Request headers

:method
GET
:authority
www.topnetgo.com
:scheme
https
:path
/sq.php?tk=black127_1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.topnetgo.com/enfant.php?tk=black127_1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
owa_v=cdh%3D%3E95c1447c%7C%7C%7Cvid%3D%3E1588585553912093717%7C%7C%7Cfsts%3D%3E1588585553%7C%7C%7Cdsfs%3D%3E0%7C%7C%7Cnps%3D%3E1; owa_s=cdh%3D%3E95c1447c%7C%7C%7Clast_req%3D%3E1588585553%7C%7C%7Csid%3D%3E1588585553590351322%7C%7C%7Cdsps%3D%3E0%7C%7C%7Creferer%3D%3E%28none%29%7C%7C%7Cmedium%3D%3Edirect%7C%7C%7Csource%3D%3E%28none%29%7C%7C%7Csearch_terms%3D%3E%28none%29
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.topnetgo.com/enfant.php?tk=black127_1

Response headers

status
200
cache-control
no-cache, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-type
text/html; charset=ISO-8859-1
content-length
2281
content-encoding
br
vary
Accept-Encoding
date
Mon, 04 May 2020 09:45:52 GMT
server
LiteSpeed
style-sq.css
www.topnetgo.com/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.topnetgo.com/css/style-sq.css
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
10c406ce6e2f9e6a82dc13c8a70ff7329e1374621eac3ba627fea5e990f4dd69

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
last-modified
Sun, 24 Nov 2019 20:11:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css; charset=windows-1252
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1187
expires
Mon, 11 May 2020 09:45:53 GMT
bootstrap.min.css
www.topnetgo.com/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://www.topnetgo.com/css/bootstrap.min.css
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
934b265c36a554e34c2ad890d922f7a6f5f33900f835ba2db4cc5ac0944331a5

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 19:34:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css; charset=windows-1252
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18134
expires
Mon, 11 May 2020 09:45:53 GMT
font-awesome.min.css
www.topnetgo.com/css/
0
0
Stylesheet
General
Full URL
https://www.topnetgo.com/css/font-awesome.min.css
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=ISO-8859-1
status
404
cache-control
no-cache, must-revalidate
content-length
2282
expires
Sat, 26 Jul 1997 05:00:00 GMT
cover-list-p.jpg
www.topnetgo.com/img/
15 KB
15 KB
Image
General
Full URL
https://www.topnetgo.com/img/cover-list-p.jpg
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
814ea9e8c40e77866b9a58efbe800108a7d8d6894550ae7cf928a15bddfc5add

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
last-modified
Sun, 24 Nov 2019 20:15:50 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14956
expires
Mon, 11 May 2020 09:45:53 GMT
jquery-3.2.1.min.js
www.topnetgo.com/js/
85 KB
29 KB
Script
General
Full URL
https://www.topnetgo.com/js/jquery-3.2.1.min.js
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
3eadd0ad67e81ab53307b63f8ff5ea779a00eeb653882efdecb6cf380c9b29a3

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
last-modified
Fri, 02 Aug 2019 14:22:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29575
expires
Mon, 11 May 2020 09:45:53 GMT
bootstrap.min-sq.js
www.topnetgo.com/js/
36 KB
9 KB
Script
General
Full URL
https://www.topnetgo.com/js/bootstrap.min-sq.js
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
612553e6a88fa4e0196ef0c81f332c75ce887d471b1dd0abe2c3bd05ce861353

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
last-modified
Sat, 19 Oct 2019 13:21:27 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9526
expires
Mon, 11 May 2020 09:45:53 GMT
jquery.exit-modal.js
www.topnetgo.com/js/
5 KB
1 KB
Script
General
Full URL
https://www.topnetgo.com/js/jquery.exit-modal.js
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
0467c7f9a2894f33a20a0fbd3c72f2b81d3b7db448e1eb7e76435a0f29f329d1

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
last-modified
Tue, 15 Oct 2019 18:04:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1017
expires
Mon, 11 May 2020 09:45:53 GMT
css
fonts.googleapis.com/
811 B
491 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
459d42936208b68b896f3a080deebab3aff9d449324c82a536fdc9473c06e456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 May 2020 09:45:53 GMT
server
ESF
date
Mon, 04 May 2020 09:45:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 May 2020 09:45:53 GMT
css
fonts.googleapis.com/
2 KB
571 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu&display=swap
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
767f465ce2cd75969f101b1333638f68a9c9399a6804cbcfb051ff3c66c3e09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 May 2020 09:45:53 GMT
server
ESF
date
Mon, 04 May 2020 09:45:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 May 2020 09:45:53 GMT
fondsq.jpg
www.topnetgo.com/img/
103 KB
103 KB
Image
General
Full URL
https://www.topnetgo.com/img/fondsq.jpg
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.221.129.44 , Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
esja.orangewebsite.com
Software
LiteSpeed /
Resource Hash
155009d018714f55bdab00b5ca15df469466107e06ddf4912a302e24b5868b93

Request headers

Referer
https://www.topnetgo.com/css/style-sq.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
last-modified
Sun, 24 Nov 2019 19:56:40 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
105853
expires
Mon, 11 May 2020 09:45:53 GMT
owa.tracker-combined-min.js
www.capitalsuites.org/analytics/modules/base/js/
73 KB
20 KB
Script
General
Full URL
https://www.capitalsuites.org/analytics/modules/base/js/owa.tracker-combined-min.js
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.156.83 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
Software
LiteSpeed /
Resource Hash
806428c8f94a67063a3db0f49df6c0253dba21f3ce8465aea31ae49e60e92dab

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 09:45:53 GMT
content-encoding
br
last-modified
Fri, 22 Nov 2019 19:32:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
20380
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu&display=swap
Origin
https://www.topnetgo.com

Response headers

date
Mon, 27 Apr 2020 23:16:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:45 GMT
server
sffe
age
556162
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Tue, 27 Apr 2021 23:16:32 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato&display=swap
Origin
https://www.topnetgo.com

Response headers

date
Sat, 04 Apr 2020 10:25:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
2589622
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Sun, 04 Apr 2021 10:25:32 GMT
log.php
www.capitalsuites.org/analytics/
42 B
79 B
Image
General
Full URL
https://www.capitalsuites.org/analytics/log.php?owa_timestamp=1588585554&owa_event_type=base.page_request&owa_visitor_id=1588585553912093717&owa_fsts=1588585553&owa_dsfs=0&owa_last_req=1588585553&owa_session_id=1588585553590351322&owa_nps=1&owa_dsps=0&owa_medium=direct&owa_source=%28none%29&owa_search_terms=%28none%29&owa_session_referer=%28none%29&owa_page_url=https%3A%2F%2Fwww.topnetgo.com%2Fsq.php%3Ftk%3Dblack127_1&owa_HTTP_REFERER=https%3A%2F%2Fwww.topnetgo.com%2Fenfant.php%3Ftk%3Dblack127_1&owa_page_title=Cr%C3%A9ez-vous+un+second+revenu+%C3%A0+domicile&owa_site_id=192c631cf12583ce69e9efc166540f37&
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.156.83 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
Software
LiteSpeed / PHP/7.2.30
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 09:45:53 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.2.30
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Wed, 11 Jan 2000 12:59:00 GMT
log.php
www.capitalsuites.org/analytics/
42 B
79 B
Image
General
Full URL
https://www.capitalsuites.org/analytics/log.php?owa_timestamp=1588585554&owa_event_type=track.action&owa_site_id=192c631cf12583ce69e9efc166540f37&owa_page_url=https%3A%2F%2Fwww.topnetgo.com%2Fsq.php%3Ftk%3Dblack127_1&owa_action_group=Marketing&owa_action_name=black127&owa_action_label=1&owa_numeric_value=undefined&owa_visitor_id=1588585553912093717&owa_fsts=1588585553&owa_dsfs=0&owa_last_req=1588585553&owa_session_id=1588585553590351322&owa_nps=1&owa_dsps=0&owa_medium=direct&owa_source=%28none%29&owa_search_terms=%28none%29&owa_session_referer=%28none%29&owa_HTTP_REFERER=https%3A%2F%2Fwww.topnetgo.com%2Fenfant.php%3Ftk%3Dblack127_1&owa_page_title=Cr%C3%A9ez-vous+un+second+revenu+%C3%A0+domicile&
Requested by
Host: www.topnetgo.com
URL: https://www.topnetgo.com/sq.php?tk=black127_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.156.83 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
Software
LiteSpeed / PHP/7.2.30
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Request headers

Referer
https://www.topnetgo.com/sq.php?tk=black127_1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 09:45:53 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.2.30
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Wed, 11 Jan 2000 12:59:00 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    onformdata
object    onpointerrawupdate
string    owa_baseUrl
object    owa_cmds
function  $
function  jQuery
object    OWA
object    LazyLoad
object    OWATracker

2 Cookies

Domain/Path: .topnetgo.com/
Name: owa_s
Value: cdh%3D%3E95c1447c%7C%7C%7Clast_req%3D%3E1588585554%7C%7C%7Csid%3D%3E1588585553590351322%7C%7C%7Cdsps%3D%3E0%7C%7C%7Creferer%3D%3E%28none%29%7C%7C%7Cmedium%3D%3Edirect%7C%7C%7Csource%3D%3E%28none%29%7C%7C%7Csearch_terms%3D%3E%28none%29

Domain/Path: .topnetgo.com/
Name: owa_v
Value: cdh%3D%3E95c1447c%7C%7C%7Cvid%3D%3E1588585553912093717%7C%7C%7Cfsts%3D%3E1588585553%7C%7C%7Cdsfs%3D%3E0%7C%7C%7Cnps%3D%3E1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
