mysterymagic.net Open in urlscan Pro
149.56.229.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mysterymagic.net/teste/BOTTLE/
Effective URL:
http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Submission: On July 04 via automatic, source phishtank (July 4th 2018, 2:29:40 am UTC)

Summary HTTP 25 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 25 HTTP transactions. The main IP is 149.56.229.60, located in Montréal, Canada and belongs to OVH, FR. The main domain is mysterymagic.net.

This is the only time mysterymagic.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	149.56.229.60 149.56.229.60	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f12... 2a03:2880:f12d:86:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
25	9

12 149.56.229.60 (Montréal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: cpanel1.hostmf.com.br

mysterymagic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onbley.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:86:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	onbley.com onbley.com	103 KB
4	facebook.com www.facebook.com staticxx.facebook.com	296 B
2	google-analytics.com www.google-analytics.com	14 KB
2	gstatic.com fonts.gstatic.com	17 KB
2	mysterymagic.net 1 redirects mysterymagic.net	4 KB
1	facebook.net connect.facebook.net	73 KB
1	googleapis.com fonts.googleapis.com	940 B
1	googletagmanager.com www.googletagmanager.com	24 KB
25	8

	Domain	Requested by
10	onbley.com	mysterymagic.net
2	staticxx.facebook.com	connect.facebook.net
2	www.facebook.com	mysterymagic.net connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com mysterymagic.net
2	fonts.gstatic.com	mysterymagic.net
2	mysterymagic.net	1 redirects
1	connect.facebook.net	mysterymagic.net
1	fonts.googleapis.com	mysterymagic.net
1	www.googletagmanager.com	mysterymagic.net
25	9

This site contains links to these domains. Also see Links.

Domain
facebook.com
cliente.onbley.com
onbley.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Frame ID: CAEEF675A5A74A2AE8D554FC4253A006
Requests: 22 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
Frame ID: F70D84DF732FE0A062EA99ACBDF8503A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
Frame ID: 20466AE14A03D9B55B9EF22D244119E0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/customerchat.php?app_id=1678638095724206&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FxaOI6zd9HW9.js%3Fversion%3D42%23cb%3Dfc3b6650568c1%26domain%3Dmysterymagic.net%26origin%3Dhttp%253A%252F%252Fmysterymagic.net%252Ff3a0c13d40493a8%26relation%3Dparent.parent&container_width=0&locale=pt_BR&page_id=406631329731417&sdk=joey
Frame ID: CFB0C0A6A7A8B7F5262A48FA318DD787
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mysterymagic.net/teste/BOTTLE/ HTTP 302
http://mysterymagic.net/cgi-sys/suspendedpage.cgi Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

25
Requests

8 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

236 kB
Transfer

805 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/onbley
Title: Facebook

Search URL Search Domain Scan URL

URL: https://cliente.onbley.com/register.php
Title: Cadastre-se

Search URL Search Domain Scan URL

URL: https://cliente.onbley.com/submitticket.php?step=2&deptid=2
Title: Fale conosco

Search URL Search Domain Scan URL

URL: http://cliente.onbley.com/clientarea.php
Title: Central do Cliente

Search URL Search Domain Scan URL

URL: http://onbley.com/contact
Title: Contate-nos

Search URL Search Domain Scan URL

URL: https://cliente.onbley.com/clientarea.php
Title: Suporte

Search URL Search Domain Scan URL

URL: https://www.facebook.com/onbley

Search URL Search Domain Scan URL

URL: https://twitter.com/onbley

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mysterymagic.net/teste/BOTTLE/ HTTP 302
http://mysterymagic.net/cgi-sys/suspendedpage.cgi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js HTTP 307
https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request suspendedpage.cgi Show response
mysterymagic.net/cgi-sys/
Redirect Chain

http://mysterymagic.net/teste/BOTTLE/
http://mysterymagic.net/cgi-sys/suspendedpage.cgi

10 KB
3 KB

229ms
229ms

Document
text/html

149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

HTTP/1.1

Server

149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),

Reverse DNS

cpanel1.hostmf.com.br

Software

nginx /

Resource Hash

b2836003fd1d9c051493c904e6f1bf06f8c7a399feabccb757431dc4ca977cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: mysterymagic.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CAEEF675A5A74A2AE8D554FC4253A006

Response headers

Server: nginx
Date: Wed, 04 Jul 2018 02:29:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 04 Jul 2018 02:29:27 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 233
Connection: keep-alive
Location: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron

GET
S 200 bootstrap.min.css
onbley.com/css/ 118 KB
20 KB 868ms
186ms Stylesheet
text/css 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/css/bootstrap.min.css
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:28 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:28 GMT

GET
S 200 font-awesome.min.css
onbley.com/css/ 30 KB
7 KB 778ms
96ms Stylesheet
text/css 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/css/font-awesome.min.css
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:28 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:28 GMT

GET
S 200 slick.css
onbley.com/css/ 2 KB
743 B 868ms
186ms Stylesheet
text/css 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/css/slick.css
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:28 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:28 GMT

GET
S 200 style.css
onbley.com/css/ 87 KB
11 KB 948ms
266ms Stylesheet
text/css 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/css/style.css?v=1
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: d7f8bbcedb61b848c15c364367d395bd74ca8319a58f6d02937dc5dfff33d5ba

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:28 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2017 01:22:45 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:28 GMT

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
24 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107837155-1

Requested by

Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

SPDY

Server

2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

00af5921ad0a229940f0243665ccc63034b0683d84ef7ac03de815302c0cd3b7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 04 Jul 2018 02:29:29 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 24842
x-xss-protection: 1; mode=block
expires: Wed, 04 Jul 2018 02:29:29 GMT

GET
S 200 logo-servers.png
onbley.com/images/ 8 KB
8 KB 95ms
94ms Image
image/png 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onbley.com/images/logo-servers.png
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: d78607b151a803e11fe48d7a2c4b18fdb8f3781c2a7652b7f299c11fae17bbf7

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:29 GMT
last-modified: Sat, 19 Aug 2017 21:43:55 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 8255
expires: Sun, 02 Sep 2018 02:29:29 GMT

GET
S 200 jquery.min.js Show response
onbley.com/js/ 95 KB
33 KB 179ms
179ms Script
application/javascript 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/js/jquery.min.js
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:29 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:29 GMT

GET
S 200 bootstrap.min.js Show response
onbley.com/js/ 36 KB
10 KB 180ms
180ms Script
application/javascript 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/js/bootstrap.min.js
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:29 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:29 GMT

GET
S 200 slick.min.js Show response
onbley.com/js/ 41 KB
10 KB 220ms
220ms Script
application/javascript 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/js/slick.min.js
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:29 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:29 GMT

GET
S 200 main.js Show response
onbley.com/js/ 3 KB
1 KB 260ms
259ms Script
application/javascript 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/js/main.js
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: a4470bb99b8dfbc01129685bdf75f2088ead4437819b06df0f81aafdd5740234

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:29 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 12:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:29 GMT

GET
S 200 css
fonts.googleapis.com/ 12 KB
940 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

SPDY

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d133ba6c3606f15996eaecffe9eb3ac1341711db1f4a1851a72b7c619d6b95b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
last-modified: Wed, 04 Jul 2018 02:29:29 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 04 Jul 2018 02:29:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 04 Jul 2018 02:29:29 GMT

GET
S 200 hostino.css
onbley.com/fonts/ 2 KB
803 B 94ms
94ms Stylesheet
text/css 149.56.229.60
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onbley.com/fonts/hostino.css
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 149.56.229.60 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS: cpanel1.hostmf.com.br
Software: nginx /
Resource Hash: 4efcaa6035db5f9660e81cf5985820a043287278bd389d580c53ad3f8e58471c

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jul 2018 02:29:29 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2017 13:12:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
expires: Fri, 03 Aug 2018 02:29:29 GMT

GET fontawesome-webfont.woff2
onbley.com/fonts/ 0
0

GET
S 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

SPDY

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: http://mysterymagic.net

Response headers

date: Fri, 22 Jun 2018 17:13:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 983777
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 22 Jun 2019 17:13:12 GMT

GET
S 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

SPDY

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: http://mysterymagic.net

Response headers

date: Mon, 18 Jun 2018 10:46:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 1352554
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 8800
x-xss-protection: 1; mode=block
expires: Tue, 18 Jun 2019 10:46:55 GMT

GET
S

200

xfbml.customerchat.js Show response
connect.facebook.net/pt_BR/sdk/
Redirect Chain

http://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js
https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

239 KB
73 KB

20ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

Requested by

Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

SPDY

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

94d4ec0e8a0d30c56c3a76f40ad40dd471d3e3f048b43480628dabf03aff24dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RN4xAOFCCFoUp6H2S1z1MQ==
status: 200
content-length: 74061
x-xss-protection: 0
x-ua-compatible: IE=edge,chrome=1
x-fb-debug: YdMyDahsZ2/LHxLU0QYiNAZ6zop2GpBSCr23mfj4h98LBU4P7cURJ1BRZ/PW0BvL4RmPmbOAOn4Ax0zxr5JuzA==
x-fb-content-md5: 935463e8fab19b3e0e75b5e60cfd02d3
x-frame-options: DENY
date: Wed, 04 Jul 2018 02:29:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cd5151c3a533a309d11025eab8e65f8e"
timing-allow-origin: *
expires: Wed, 04 Jul 2018 02:34:42 GMT

Redirect headers

Location: https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js
Non-Authoritative-Reason: HSTS

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107837155-1

Protocol

SPDY

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1326
date: Wed, 04 Jul 2018 02:07:23 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Wed, 04 Jul 2018 04:07:23 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1013209875&t=pageview&_s=1&dl=http%3A%2F%2Fmysterymagic.net%2Fcgi-sys%2Fsuspendedpage.cgi&ul=en-us&de=UTF-8&dt=Conta%20Suspensa%20%7C%20Onbley%20Servers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1884310965&gjid=243280440&cid=1310182435.1530671369&tid=UA-107837155-1&_gid=2048823733.1530671369&_r=1&gtm=u6c&z=358353330

Requested by

Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Protocol

SPDY

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jul 2018 02:29:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
296 B 27ms
5ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1678638095724206&ev=fb_page_view&dl=http%3A%2F%2Fmysterymagic.net%2Fcgi-sys%2Fsuspendedpage.cgi&rl=&if=false&ts=1530671369426&sw=1600&sh=1200
Requested by: Host: mysterymagic.net
URL: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Protocol: SPDY
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 04 Jul 2018 02:29:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 04 Jul 2018 02:29:29 GMT

GET
H/1.1 200
OK xaOI6zd9HW9.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame F70D 0
0 8ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

http://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

Protocol

HTTP/1.1

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: staticxx.facebook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CAEEF675A5A74A2AE8D554FC4253A006
Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Response headers

Expires: Wed, 03 Jul 2019 18:46:23 GMT
Cache-Control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-XSS-Protection: 0
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset=utf-8
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: NdesP2P8BrOgZtop0vKHPwxTRgFo1OBF0jpEUKNSztwdNk5Xgrf29AdD79AfAKsMiZRCUvJOWLPGQPp76rrJZA==
Date: Wed, 04 Jul 2018 02:29:29 GMT
Connection: close
Content-Length: 13919

GET
H2 200 xaOI6zd9HW9.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2046 0
0 9ms
7ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/xaOI6zd9HW9.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CAEEF675A5A74A2AE8D554FC4253A006
Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Response headers

status: 200
expires: Mon, 01 Jul 2019 21:56:33 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: EQ7wQkoKx3/QaWtEVnNOYH4mSpJcN4otvpEr+dNBjq7IO37MnrV8O3w6wSfzy/qE47ABePMBhipqfylgA6XAMA==
content-length: 13896
date: Wed, 04 Jul 2018 02:29:29 GMT

GET fontawesome-webfont.woff
onbley.com/fonts/ 0
0

GET fontawesome-webfont.ttf
onbley.com/fonts/ 0
0

GET
H2 200 customerchat.php
www.facebook.com/v2.10/plugins/ Frame CFB0 0
0 61ms
60ms Document
text/html 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.10/plugins/customerchat.php?app_id=1678638095724206&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FxaOI6zd9HW9.js%3Fversion%3D42%23cb%3Dfc3b6650568c1%26domain%3Dmysterymagic.net%26origin%3Dhttp%253A%252F%252Fmysterymagic.net%252Ff3a0c13d40493a8%26relation%3Dparent.parent&container_width=0&locale=pt_BR&page_id=406631329731417&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; frame-ancestors https://www.facebook.com;report-uri https://www.facebook.com/csp.php;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.10/plugins/customerchat.php?app_id=1678638095724206&channel=http%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FxaOI6zd9HW9.js%3Fversion%3D42%23cb%3Dfc3b6650568c1%26domain%3Dmysterymagic.net%26origin%3Dhttp%253A%252F%252Fmysterymagic.net%252Ff3a0c13d40493a8%26relation%3Dparent.parent&container_width=0&locale=pt_BR&page_id=406631329731417&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi
accept-encoding: gzip, deflate
cookie: fr=0uZnPabAQpKwZ3T7a..BbPDEJ...1.0.BbPDEJ.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CAEEF675A5A74A2AE8D554FC4253A006
Referer: http://mysterymagic.net/cgi-sys/suspendedpage.cgi

Response headers

status: 200
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; frame-ancestors https://www.facebook.com;report-uri https://www.facebook.com/csp.php;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v2.10
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-fb-debug: QjGOR0Bht/d0vYTU8WwyvcmJa3oezQKmSho9jQU9H7jMXbq0NrKGmBi+2sTtVNf+DVpjxQ6JZGvySaJC24chFA==
date: Wed, 04 Jul 2018 02:29:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onbley.com
URL: https://onbley.com/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: onbley.com
URL: https://onbley.com/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: onbley.com
URL: https://onbley.com/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mysterymagic.net/	1970-01-18 17:11:11	Name: _gat_gtag_UA_107837155_1 Value: 1
.facebook.com/	1970-01-18 19:20:47	Name: fr Value: 0uZnPabAQpKwZ3T7a..BbPDEJ...1.0.BbPDEJ.
.mysterymagic.net/	1970-01-18 17:12:37	Name: _gid Value: GA1.2.2048823733.1530671369
.mysterymagic.net/	1970-01-19 10:42:23	Name: _ga Value: GA1.2.1310182435.1530671369

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
mysterymagic.net
onbley.com
staticxx.facebook.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
onbley.com
149.56.229.60
2a00:1450:4001:816::2008
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:820::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
00af5921ad0a229940f0243665ccc63034b0683d84ef7ac03de815302c0cd3b7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4efcaa6035db5f9660e81cf5985820a043287278bd389d580c53ad3f8e58471c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
94d4ec0e8a0d30c56c3a76f40ad40dd471d3e3f048b43480628dabf03aff24dd
a4470bb99b8dfbc01129685bdf75f2088ead4437819b06df0f81aafdd5740234
b2836003fd1d9c051493c904e6f1bf06f8c7a399feabccb757431dc4ca977cb1
d133ba6c3606f15996eaecffe9eb3ac1341711db1f4a1851a72b7c619d6b95b9
d78607b151a803e11fe48d7a2c4b18fdb8f3781c2a7652b7f299c11fae17bbf7
d7f8bbcedb61b848c15c364367d395bd74ca8319a58f6d02937dc5dfff33d5ba
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

mysterymagic.net Open in urlscan Pro 149.56.229.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

8 %HTTPS

88 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

236 kBTransfer

805 kBSize

4 Cookies

8 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

mysterymagic.net Open in urlscan Pro
149.56.229.60 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

8 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

236 kB
Transfer

805 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions