urlscan.io logo urlscan.io
SecurityTrails logo

duhestyce.com Open in urlscan Pro
2a00:1178:1:4b::17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://powerful-spells.com/
Effective URL: https://duhestyce.com/bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_cW0XMYmZJ-lbOcWdYe0_...
Submission: On July 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 11 domains to perform 71 HTTP transactions. The main IP is 2a00:1178:1:4b::17, located in Netherlands and belongs to WEBZILLA, NL. The main domain is duhestyce.com. The Cisco Umbrella rank of the primary domain is 791000.
TLS certificate: Issued by R3 on May 24th 2022. Valid for: 3 months.
This is the only time duhestyce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

28    198.23.59.166 (United States)

ASN32748 (STEADFAST, US)
PTR: buildal.net
powerful-spells.com
2    101.99.95.147 (Malaysia)

ASN201133 (VERDINA, BZ)
PTR: vps.euromeds.to
track.greengoplatform.com
js.cofounderspecials.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
2    91.211.91.104 (Ukraine)

ASN206638 (HOSTFORY, UA)
spectre.cofounderspecials.com
1    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
8    2a04:4e42:6f::159 (United States)

ASN54113 (FASTLY, US)
pbs.twimg.com
3    2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)
ton.twimg.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2a00:1178:1:4b::17 (Netherlands)

ASN35415 (WEBZILLA, NL)
duhestyce.com
Apex Domain
Subdomains		 Transfer
28 powerful-spells.com
powerful-spells.com
274 KB
12 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1464
pbs.twimg.com — Cisco Umbrella Rank: 634
ton.twimg.com — Cisco Umbrella Rank: 6509
181 KB
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 720
syndication.twitter.com — Cisco Umbrella Rank: 967 Failed
214 KB
3 duhestyce.com
duhestyce.com — Cisco Umbrella Rank: 791000 Failed
2 KB
3 cofounderspecials.com
js.cofounderspecials.com — Cisco Umbrella Rank: 325370
spectre.cofounderspecials.com — Cisco Umbrella Rank: 336374 Failed
2 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 553
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
9 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 17
996 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
2 KB
1 greengoplatform.com
track.greengoplatform.com — Cisco Umbrella Rank: 387612
collect.greengoplatform.com Failed
1 KB
71 11
Domain Requested by
28 powerful-spells.com 1 redirects powerful-spells.com
8 pbs.twimg.com
6 platform.twitter.com powerful-spells.com
platform.twitter.com
3 duhestyce.com spectre.cofounderspecials.com
3 ton.twimg.com platform.twitter.com
ton.twimg.com
2 spectre.cofounderspecials.com js.cofounderspecials.com
1 cdn.syndication.twimg.com platform.twitter.com
1 syndication.twitter.com platform.twitter.com
1 static.xx.fbcdn.net www.facebook.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com www.google.com
1 www.facebook.com powerful-spells.com
1 js.cofounderspecials.com powerful-spells.com
1 www.google.com powerful-spells.com
1 fonts.googleapis.com powerful-spells.com
1 track.greengoplatform.com powerful-spells.com
0 collect.greengoplatform.com Failed powerful-spells.com
71 17

This site contains no links.

Subject Issuer Validity Valid
powerful-spells.com
cPanel, Inc. Certification Authority		 2022-05-29 -
2022-08-27		 3 months crt.sh
transportgoline.com
R3		 2022-06-05 -
2022-09-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
js.cofounderspecials.com
R3		 2022-07-06 -
2022-10-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-26 -
2022-07-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
spectre.cofounderspecials.com
R3		 2022-07-08 -
2022-10-06		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
duhestyce.com
R3		 2022-05-24 -
2022-08-22		 3 months crt.sh

This page contains 4 frames:

Frame: https://duhestyce.com/ccGdF-z.cfzg9hkia_XkQl9mMnT-Yp1qOrDsE_1uMvDwExw-NzTAYB2CM_zEYFxGMHT-IJyKOLSMZ_wOdPDQ1RN-aTlUVV4WT_lYRZFaNbE-5d5eUfXgh_OiajlkUl0-TnVoRpVqd_0s1tUuQvT-FxKyRzVAJ_GCSDkEdFK-eHWIIJyKR_mMtNZObPU-ZR1SWTkUN_SWaXGYJZt-ObXcVdleV_zgFh2iZjF-hlNman0op_EqZr3sltN-RvEw0x1yT_lARBOCaDV-lFqGQHTIV_PKRL0MkNz-WPVQdRVSN_FUlVUWRXX-dZNaabmcd_5eTfjgJhG-ajkk9lEmT_ToBpNqerk-UtzuSvkwR_JyMzkA1Bq-WDXEdFPGV_EIUJwKTL0-ENtOLPSQZ_yScTmUVVx-aXDY1ZmaY_jcZdkeOfG-UhyiMjmkU_3mYnjoUpw-ZrWsIt0uN_jwAx1yMzm-IB0CNDzER_kGZHTIgJ0-ZLGMINyON_iQZRyScTm-lVkWPXTYI_1aYbTcAdz-MfzgkhwiM_mkJllmNnj-ApyqMrzsk_5uMvzwUx3-NzDAJBiCZ_TElFmGNHD-ZJlKYLjMM_wOJPnQJRz-cTmUMV9Wb_3YVZ0aJbn-NdJeZfDg0_0iNjDkcl4-OnTocp0qJ_nsRt2ucvj-0xwyJznAp_vCbDmEVFJ-ZHDI0JyKN_TMEN1OMPT-gR3S
Frame ID: 6B1DBA5A825776227803A9A934487846
Requests: 56 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fprofmamanabirah%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 822CC10CF8B000D13825A16C1F5E0ED0
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fpowerful-spells.com
Frame ID: C5712316F3004E1361CBDAF21C620EF7
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: 131C8A3E24C1F65FF2A080DBFD5AF889
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://powerful-spells.com/ HTTP 301
    https://powerful-spells.com/ Page URL
  2. https://spectre.cofounderspecials.com/fine.php?pid=4362&tid=68964&cid=555 HTTP 302
    https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257 Page URL
  3. https://duhestyce.com/bN3tV.0mP/3GpavGbhmoVjJiZADL0B0ONxD_cL4/O/T/cH0ZLITcQE0kNVz/gf5/N-zGUI HTTP 302
    https://duhestyce.com/bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

71
Requests

80 %
HTTPS

73 %
IPv6

11
Domains

17
Subdomains

16
IPs

5
Countries

690 kB
Transfer

1964 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://powerful-spells.com/ HTTP 301
    https://powerful-spells.com/ Page URL
  2. https://spectre.cofounderspecials.com/fine.php?pid=4362&tid=68964&cid=555 HTTP 302
    https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257 Page URL
  3. https://duhestyce.com/bN3tV.0mP/3GpavGbhmoVjJiZADL0B0ONxD_cL4/O/T/cH0ZLITcQE0kNVz/gf5/N-zGUI HTTP 302
    https://duhestyce.com/bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_cW0XMYmZJ-lbOcWdYe0_NgmhViijM-zlAmmncon_NqyrYszt1-vvdwXxQym_cA0BlCkDP-TFQG0HNIz_gK5LNMzNQ-mPdQHRZSy_PUTVAWmXe-mZ9aubZcU_lekfPgThI-1jMkTlUmx_OoDpcq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://powerful-spells.com/ HTTP 301
  • https://powerful-spells.com/
Request Chain 50
  • https://spectre.cofounderspecials.com/fine.php?pid=4362&tid=68964&cid=555 HTTP 302
  • https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
powerful-spells.com/
Redirect Chain
  • http://powerful-spells.com/
  • https://powerful-spells.com/
76 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed / PHP/7.2.34
Resource Hash
cab4b4ab5ee5749db6a0a8aec9b61c799d74ff5fe2ffb7485d3de61eb7f6fdda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Jul 2022 13:15:02 GMT
etag
"2876-1657639460;br"
link
<https://powerful-spells.com/wp-json/>; rel="https://api.w.org/" <https://powerful-spells.com/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json" <https://powerful-spells.com/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.2.34

Redirect headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
102
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Jul 2022 13:15:02 GMT
Location
https://powerful-spells.com/
Server
LiteSpeed
Vary
Accept-Encoding
X-LiteSpeed-Cache
hit
X-Powered-By
PHP/7.2.34
X-Redirect-By
WordPress
smile.js
track.greengoplatform.com/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.greengoplatform.com/smile.js?v=1.1.1
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.95.147 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
vps.euromeds.to
Software
nginx /
Resource Hash
f99fee323858acd702ae0d4f99339dc1941b86c65af09f22f096f7685d266613

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
987
Content-Type
text/plain; charset=utf-8
style.min.css
powerful-spells.com/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Wed, 13 Jul 2022 03:30:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10946
expires
Mon, 25 Jul 2022 13:15:03 GMT
styles.css
powerful-spells.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
904 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Mon, 14 Mar 2022 15:22:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
848
expires
Mon, 25 Jul 2022 13:15:03 GMT
style.css
powerful-spells.com/wp-content/themes/twentytwenty/ 		119 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/themes/twentytwenty/style.css?ver=1.9
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
a51a63ee65cc7ba8e858653cfc3a101af6815c64030d5f62937a00313e461d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 22 Jan 2022 20:51:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21583
expires
Mon, 25 Jul 2022 13:15:03 GMT
elementor-icons.min.css
powerful-spells.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3603
expires
Mon, 25 Jul 2022 13:15:03 GMT
frontend-lite.min.css
powerful-spells.com/wp-content/plugins/elementor/assets/css/ 		105 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.1
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
36d0d251e28b907fe469f852a138d1e9e0b6920fa1f372be2ca75f550c7240ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:53 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12889
expires
Mon, 25 Jul 2022 13:15:03 GMT
post-6.css
powerful-spells.com/wp-content/uploads/elementor/css/ 		1 KB
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/uploads/elementor/css/post-6.css?ver=1648294514
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
e12ff66a75d9ddee67aee7a8545ed1c43fef385f402748608f95c777da90c24d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:35:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
305
expires
Mon, 25 Jul 2022 13:15:03 GMT
global.css
powerful-spells.com/wp-content/uploads/elementor/css/ 		9 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/uploads/elementor/css/global.css?ver=1648294514
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
7b64a84c219d901e94b497f2374a5eabfa89a26b3c2891c774979dea81bb66d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:35:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
756
expires
Mon, 25 Jul 2022 13:15:03 GMT
post-125.css
powerful-spells.com/wp-content/uploads/elementor/css/ 		5 KB
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/uploads/elementor/css/post-125.css?ver=1648294514
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
64a3c86b8c475bc4131ce119b70a3621aa97d0ae0011daa5266a8eba7beb97ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:35:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
713
expires
Mon, 25 Jul 2022 13:15:03 GMT
css
fonts.googleapis.com/ 		43 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo+Black%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f99a5e0ea555759460cf34494b208310fb1f67c7f397ae6c7530541871e233c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 13:15:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Jul 2022 13:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Jul 2022 13:15:03 GMT
fontawesome.min.css
powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12133
expires
Mon, 25 Jul 2022 13:15:03 GMT
solid.min.css
powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		669 B
343 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:49 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
286
expires
Mon, 25 Jul 2022 13:15:03 GMT
jquery.min.js
powerful-spells.com/wp-includes/js/jquery/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
a9605f7347d6b365d0158e7e25ae845b3417380de330bf99d23be41e3c39266b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Tue, 21 Jun 2022 15:51:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
31783
expires
Mon, 25 Jul 2022 13:15:03 GMT
jquery-migrate.min.js
powerful-spells.com/wp-includes/js/jquery/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
04c7cf1cc84542a72eaa352e47ca8a72874190a443907cfdcafece15657b536b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Tue, 21 Jun 2022 15:51:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5526
expires
Mon, 25 Jul 2022 13:15:03 GMT
index.js
powerful-spells.com/wp-content/themes/twentytwenty/assets/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.9
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
419a06ea366aeb0ae904b9d89acc6af6d7121d8eff642841fcb880e7d07f0974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 03 Jul 2021 14:44:58 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7517
expires
Mon, 25 Jul 2022 13:15:03 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Content-Encoding
gzip
Age
1407
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29251
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 23:29:05 GMT
Server
ECS (frb/67BE)
Etag
"6bd810ca00e69f1e65a4c1093054e30c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
332.app.js
powerful-spells.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.8
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
6baba57abed8b07c8adf7f1a45e60877d087d7055e4372fe3c8c564de3e679e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:31:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2553
expires
Mon, 25 Jul 2022 13:15:03 GMT
regenerator-runtime.min.js
powerful-spells.com/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
c7eb9b235a0fd4cd60da4d8bb9bf891ff02b9ddad405f3e2b0e2208a7c786db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 03:22:53 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3294
expires
Mon, 25 Jul 2022 13:15:03 GMT
wp-polyfill.min.js
powerful-spells.com/wp-includes/js/dist/vendor/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
7e4366a8be749e206983c6ebb930d60f6f656a98651edfb5e9a057494855a3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 03:22:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7775
expires
Mon, 25 Jul 2022 13:15:03 GMT
index.js
powerful-spells.com/wp-content/plugins/contact-form-7/includes/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
44a58b86107cb0acaf8b518b54d5a99ba7e0a0ed7e368968d945feaee77d2fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Mon, 14 Mar 2022 15:22:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3970
expires
Mon, 25 Jul 2022 13:15:03 GMT
api.js
www.google.com/recaptcha/ 		884 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfilOoeAAAAAEp8b4_hfTGPqVbbglCq-HpWMAVH&ver=3.0
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
45349d648da31b367dfc389cdec361bf7bd97b3f5899c03af537a5d12029371e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Mon, 18 Jul 2022 13:15:03 GMT
index.js
powerful-spells.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
82b6741c3adb7861a165066885e8ad4313a414b700e1d4f746ec90e5082579bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Mon, 14 Mar 2022 15:22:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1329
expires
Mon, 25 Jul 2022 13:15:03 GMT
webpack.runtime.min.js
powerful-spells.com/wp-content/plugins/elementor/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.1
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
75615455b157c104a27672cdafe99381cde08bdbc1b8971ce0eaf259206fe319

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2952
expires
Mon, 25 Jul 2022 13:15:03 GMT
frontend-modules.min.js
powerful-spells.com/wp-content/plugins/elementor/assets/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.1
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
56fba65aedd5dc4d1b3b7b0a61f71b00cb66354323a7c6e1bcbf2a96824ebc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5374
expires
Mon, 25 Jul 2022 13:15:03 GMT
waypoints.min.js
powerful-spells.com/wp-content/plugins/elementor/assets/lib/waypoints/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
ebfb292b500e2a2e554c33c96bc41511fb917e6a38556773db1c9bc2e9eb5dec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3809
expires
Mon, 25 Jul 2022 13:15:03 GMT
core.min.js
powerful-spells.com/wp-includes/js/jquery/ui/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
6940fa712a3ce8ea46d196d85e669169dcc6214eb7ba696cbfd3ddfff602e1ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 03:22:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7564
expires
Mon, 25 Jul 2022 13:15:03 GMT
frontend.min.js
powerful-spells.com/wp-content/plugins/elementor/assets/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.1
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
9f8f5073c2c3bc0b61c313a126bb75d2b0c0d0c0f3b11284bbecf7a8e1063eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Sat, 26 Mar 2022 11:34:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11533
expires
Mon, 25 Jul 2022 13:15:03 GMT
splash.js
js.cofounderspecials.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cofounderspecials.com/splash.js?v=9.2.9
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
101.99.95.147 , Malaysia, ASN201133 (VERDINA, BZ),
Reverse DNS
vps.euromeds.to
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 11:34:28 GMT
Server
nginx
ETag
W/"62c81644-b64"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
print.css
powerful-spells.com/wp-content/themes/twentytwenty/ 		3 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/themes/twentytwenty/print.css?ver=1.9
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
content-encoding
br
last-modified
Tue, 25 May 2021 00:11:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
891
expires
Mon, 25 Jul 2022 13:15:03 GMT
flag.js
collect.greengoplatform.com/ 		0
0
Inter-upright-var.woff2
powerful-spells.com/wp-content/themes/twentytwenty/assets/fonts/inter/ 		60 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/wp-content/themes/twentytwenty/style.css?ver=1.9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://powerful-spells.com/wp-content/themes/twentytwenty/style.css?ver=1.9
Origin
https://powerful-spells.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
last-modified
Tue, 22 Oct 2019 23:57:08 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
223892
expires
Mon, 25 Jul 2022 13:15:03 GMT
page.php
www.facebook.com/plugins/ Frame 822C 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fprofmamanabirah%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a831fbbf622dba8cb1f2b699df425943f241131170a33a8bdbfd235d701b6c9e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerful-spells.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 18 Jul 2022 13:15:04 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
dYFUc/hzJqtF6ovtlypaTErCn5hgz0dW5Tdi80Wf92gVnemmMtvJNr8c124wwTlAlYtWj9jIEK9suPs2PHGB0Q==
x-fb-rlafr
0
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		50 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfilOoeAAAAAEp8b4_hfTGPqVbbglCq-HpWMAVH&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerful-spells.com/
Origin
https://powerful-spells.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 11:46:32 GMT
happy-relationship.jpg
powerful-spells.com/wp-content/uploads/2022/03/ 		0
0
happy-couple.jpg
powerful-spells.com/wp-content/uploads/2022/03/ 		0
0
local-traditional-medicine.jpg
powerful-spells.com/wp-content/uploads/2022/03/ 		0
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo+Black%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://powerful-spells.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 16:26:19 GMT
x-content-type-options
nosniff
age
420525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 16:26:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		0
0
HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v17/ 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		0
0
fa-solid-900.woff2
powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
lottery.jpg
powerful-spells.com/wp-content/uploads/2022/03/ 		0
0
widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html
platform.twitter.com/widgets/ Frame C571 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fpowerful-spells.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://powerful-spells.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
318509
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Jul 2022 13:15:04 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Mon, 11 Jul 2022 22:43:33 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D4)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
text-editor.289ae80d76f0c5abea44.bundle.min.js
powerful-spells.com/wp-content/plugins/elementor/assets/js/ 		0
0
aUe7A9Op25L.css
static.xx.fbcdn.net/rsrc.php/v3/yh/l/0,cross/ Frame 822C 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/l/0,cross/aUe7A9Op25L.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fprofmamanabirah%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GeJb9A+tRA6+qIuDA3Y8HA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5088
x-fb-rlafr
0
x-fb-debug
CDvcu7oRgK+pkbWVnlZrMR3Z+oKBVZsplSvRl6hUNg4wMnJYIDJh5DJCY57l0+6yde9b93oE4zQGkN7erlIHzQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 17 Jul 2023 16:37:05 GMT
settings
syndication.twitter.com/ Frame C571 		0
0
fa-solid-900.woff
powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		99 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
Requested by
Host: powerful-spells.com
URL: https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
198.23.59.166 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
buildal.net
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Origin
https://powerful-spells.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:03 GMT
last-modified
Sat, 26 Mar 2022 11:34:49 GMT
server
LiteSpeed
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
101652
expires
Mon, 25 Jul 2022 13:15:03 GMT
fine.php
spectre.cofounderspecials.com/ 		0
0
fine.php
spectre.cofounderspecials.com/ 		0
0
fine.php
spectre.cofounderspecials.com/
Redirect Chain
  • https://spectre.cofounderspecials.com/fine.php?pid=4362&tid=68964&cid=555
  • https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257
916 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257
Requested by
Host: js.cofounderspecials.com
URL: https://js.cofounderspecials.com/splash.js?v=9.2.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://powerful-spells.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
439
content-type
text/html; charset=UTF-8
date
Mon, 18 Jul 2022 13:15:05 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Jul 2022 13:15:05 GMT
location
https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257
server
nginx
strict-transport-security
max-age=15768000;
moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js
platform.twitter.com/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/moment~timeline.d73eae5387f08ab9f8b71dcf9d12d391.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Content-Encoding
gzip
Age
318509
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
8085
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 22:43:26 GMT
Server
ECS (frb/6763)
Etag
"6eb1c1b6c98676595ef63fdeab0f96cf+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.ef1e579d99cb7409198460b5a0fa4ac6.js
platform.twitter.com/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.ef1e579d99cb7409198460b5a0fa4ac6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Content-Encoding
gzip
Age
318510
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
6583
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 22:43:26 GMT
Server
ECS (frb/67BE)
Etag
"4a1879769d9d9fbbce1a234be9cfbeed+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
profile
cdn.syndication.twimg.com/timeline/ 		128 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_SpellsPowerful_old&dnt=false&domain=powerful-spells.com&lang=en&screen_name=SpellsPowerful&suppress_response_codes=true&t=1842389&tz=GMT%2B0000&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=217
content-length
9782
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
202
last-modified
Mon, 18 Jul 2022 13:15:04 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
f6baf2851014f80e02ecf9e51fa812278f71215ea7f5080ff799946d3c0cc3b8
timing-allow-origin
*
x-transaction
0f46ad52a80f0c9c
expires
Mon, 18 Jul 2022 13:20:04 GMT
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 131C 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Content-Encoding
gzip
Age
318509
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 22:43:24 GMT
Server
ECS (frb/6796)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 18 Jul 2022 13:15:04 GMT
Content-Encoding
gzip
Age
318509
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Content-Length
12144
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 22:43:24 GMT
Server
ECS (frb/6796)
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Km_Tp9wG_normal.jpg
pbs.twimg.com/profile_images/1488216383599128579/ Frame 131C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1488216383599128579/Km_Tp9wG_normal.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 31 Jan 2022 18:21:30 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2111
x-served-by
cache-lhr7377-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
FIP-vWhWYAI01mc
pbs.twimg.com/tweet_video_thumb/ Frame 131C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FIP-vWhWYAI01mc?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 09:57:58 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
15610
x-served-by
cache-lhr7374-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
FIP9ZpEXMAA5fbF
pbs.twimg.com/tweet_video_thumb/ Frame 131C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/tweet_video_thumb/FIP9ZpEXMAA5fbF?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 09:52:06 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
16180
x-served-by
cache-lhr7345-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
FIP8Nm9XwAAarIs
pbs.twimg.com/media/ Frame 131C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FIP8Nm9XwAAarIs?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 09:46:55 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
19653
x-served-by
cache-lhr6625-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
FHmy6N_XoAAPJLH
pbs.twimg.com/media/ Frame 131C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FHmy6N_XoAAPJLH?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 27 Dec 2021 10:01:50 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
11392
x-served-by
cache-lhr7354-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
FHmyg6QXoAA7nY5
pbs.twimg.com/media/ Frame 131C 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FHmyg6QXoAA7nY5?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 27 Dec 2021 10:00:07 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
26728
x-served-by
cache-lhr7340-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
FHmyVF0X0AMFSls
pbs.twimg.com/media/ Frame 131C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FHmyVF0X0AMFSls?format=jpg&name=small
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 27 Dec 2021 09:59:18 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
11375
x-served-by
cache-lhr7360-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
DyA1ie3WwAEze3d
pbs.twimg.com/media/ Frame 131C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/DyA1ie3WwAEze3d?format=jpg&name=360x360
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:6f::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 16:53:30 GMT
date
Mon, 18 Jul 2022 13:15:05 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
17513
x-served-by
cache-lhr7335-LHR, cache-muc13965-MUC, cache-tw-ZZZ1
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 131C 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351986
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
9d28073cd3dbc1d37939d01f260ade06fce785235f91f906fbcf61870437bae6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 25 Jul 2022 13:15:04 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351987
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
9d28073cd3dbc1d37939d01f260ade06fce785235f91f906fbcf61870437bae6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 25 Jul 2022 13:15:05 GMT
truncated
/ Frame 131C 		512 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 131C 		825 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 131C 		572 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 131C 		644 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 131C 		607 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 131C 		739 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
jot
syndication.twitter.com/i/ 		43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpowerful-spells.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3ASpellsPowerful%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658150105070%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%223235bd17138fa%3A1657578976990%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=bfb09f027ac94356176d3311f679b59ae9df1d96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://powerful-spells.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Mon, 18 Jul 2022 13:15:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
224f2ab103130316edce4c408eea867e9beae20926fce258e8ea2edd1d8b1ff5
x-transaction
18e7c90154e07f3b
expires
Tue, 31 Mar 1981 05:00:00 GMT
news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame 131C 		829 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
Requested by
Host: ton.twimg.com
URL: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F54) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 13:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463380
x-ton-expected-size
829
x-cache
HIT
vary
Accept-Encoding
content-length
395
x-response-time
7
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8F54)
etag
"CTUg6L9PuY+d9h5xpE0zmw=="
strict-transport-security
max-age=631138519
content-type
image/svg+xml
access-control-allow-origin
*
x-connection-hash
e0457f7c563be95f3f6224f7dff41204dcd6684e8f34a60d310a13f3bc39d66c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Mon, 25 Jul 2022 13:15:05 GMT
N-zGUI
duhestyce.com/bN3tV.0mP/3GpavGbhmoVjJiZADL0B0ONxD_cL4/O/T/cH0ZLITcQE0kNVz/gf5/ 		0
0
Primary Request bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_cW0XMYmZJ-lbOcWdYe0_NgmhViijM-zlAmmncon_NqyrYszt1-vvdwXxQym_cA0BlCkDP-TFQG0HNIz_gK5LNMzNQ-mPdQHRZSy_PUTVAWmXe-mZ9aubZcU_l...
duhestyce.com/
Redirect Chain
  • https://duhestyce.com/bN3tV.0mP/3GpavGbhmoVjJiZADL0B0ONxD_cL4/O/T/cH0ZLITcQE0kNVz/gf5/N-zGUI
  • https://duhestyce.com/bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_cW0XMYmZJ-lbOcWdYe0_NgmhViijM-zlAmmncon_NqyrYszt1-vvdwXxQym_cA0BlCkDP-TFQG0HNIz_gK5LNMzNQ-mPdQHRZSy...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://duhestyce.com/bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_cW0XMYmZJ-lbOcWdYe0_NgmhViijM-zlAmmncon_NqyrYszt1-vvdwXxQym_cA0BlCkDP-TFQG0HNIz_gK5LNMzNQ-mPdQHRZSy_PUTVAWmXe-mZ9aubZcU_lekfPgThI-1jMkTlUmx_OoDpcq
Requested by
Host: spectre.cofounderspecials.com
URL: https://spectre.cofounderspecials.com/fine.php?sid=3256&lid=5478658&cid=2257
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::17 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 18 Jul 2022 13:15:05 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 18 Jul 2022 13:15:05 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
location
https://duhestyce.com/bl3-Vn0oP.3pJqy_asWtQu9vM-jxVyhzMAD_MCzDOETFA-yHYImJUK2_MMDNIOzPO-TRkSzTNUT_cW0XMYmZJ-lbOcWdYe0_NgmhViijM-zlAmmncon_NqyrYszt1-vvdwXxQym_cA0BlCkDP-TFQG0HNIz_gK5LNMzNQ-mPdQHRZSy_PUTVAWmXe-mZ9aubZcU_lekfPgThI-1jMkTlUmx_OoDpcq
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-content-type-options
nosniff
x-frame-options
DENY
ccGdF-z.cfzg9hkia_XkQl9mMnT-Yp1qOrDsE_1uMvDwExw-NzTAYB2CM_zEYFxGMHT-IJyKOLSMZ_wOdPDQ1RN-aTlUVV4WT_lYRZFaNbE-5d5eUfXgh_OiajlkUl0-TnVoRpVqd_0s1tUuQvT-FxKyRzVAJ_GCSDkEdFK-eHWIIJyKR_mMtNZObPU-ZR1SWTkUN...
duhestyce.com/ 		0
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://duhestyce.com/ccGdF-z.cfzg9hkia_XkQl9mMnT-Yp1qOrDsE_1uMvDwExw-NzTAYB2CM_zEYFxGMHT-IJyKOLSMZ_wOdPDQ1RN-aTlUVV4WT_lYRZFaNbE-5d5eUfXgh_OiajlkUl0-TnVoRpVqd_0s1tUuQvT-FxKyRzVAJ_GCSDkEdFK-eHWIIJyKR_mMtNZObPU-ZR1SWTkUN_SWaXGYJZt-ObXcVdleV_zgFh2iZjF-hlNman0op_EqZr3sltN-RvEw0x1yT_lARBOCaDV-lFqGQHTIV_PKRL0MkNz-WPVQdRVSN_FUlVUWRXX-dZNaabmcd_5eTfjgJhG-ajkk9lEmT_ToBpNqerk-UtzuSvkwR_JyMzkA1Bq-WDXEdFPGV_EIUJwKTL0-ENtOLPSQZ_yScTmUVVx-aXDY1ZmaY_jcZdkeOfG-UhyiMjmkU_3mYnjoUpw-ZrWsIt0uN_jwAx1yMzm-IB0CNDzER_kGZHTIgJ0-ZLGMINyON_iQZRyScTm-lVkWPXTYI_1aYbTcAdz-MfzgkhwiM_mkJllmNnj-ApyqMrzsk_5uMvzwUx3-NzDAJBiCZ_TElFmGNHD-ZJlKYLjMM_wOJPnQJRz-cTmUMV9Wb_3YVZ0aJbn-NdJeZfDg0_0iNjDkcl4-OnTocp0qJ_nsRt2ucvj-0xwyJznAp_vCbDmEVFJ-ZHDI0JyKN_TMEN1OMPT-gR3S
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::17 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 18 Jul 2022 13:15:05 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
collect.greengoplatform.com
URL
https://collect.greengoplatform.com/flag.js?v=7.1.3
Domain
powerful-spells.com
URL
https://powerful-spells.com/wp-content/uploads/2022/03/happy-relationship.jpg
Domain
powerful-spells.com
URL
https://powerful-spells.com/wp-content/uploads/2022/03/happy-couple.jpg
Domain
powerful-spells.com
URL
https://powerful-spells.com/wp-content/uploads/2022/03/local-traditional-medicine.jpg
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/archivoblack/v17/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Domain
powerful-spells.com
URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Domain
powerful-spells.com
URL
https://powerful-spells.com/wp-content/uploads/2022/03/lottery.jpg
Domain
powerful-spells.com
URL
https://powerful-spells.com/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
Domain
syndication.twitter.com
URL
https://syndication.twitter.com/settings?session_id=bfb09f027ac94356176d3311f679b59ae9df1d96
Domain
spectre.cofounderspecials.com
URL
https://spectre.cofounderspecials.com/fine.php?pid=4362&tid=68964&cid=555
Domain
spectre.cofounderspecials.com
URL
https://spectre.cofounderspecials.com/fine.php?pid=4362&tid=68964&cid=555
Domain
duhestyce.com
URL
https://duhestyce.com/bN3tV.0mP/3GpavGbhmoVjJiZADL0B0ONxD_cL4/O/T/cH0ZLITcQE0kNVz/gf5/N-zGUI

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.syndication.twimg.com
collect.greengoplatform.com
duhestyce.com
fonts.googleapis.com
fonts.gstatic.com
js.cofounderspecials.com
pbs.twimg.com
platform.twitter.com
powerful-spells.com
spectre.cofounderspecials.com
static.xx.fbcdn.net
syndication.twitter.com
ton.twimg.com
track.greengoplatform.com
www.facebook.com
www.google.com
www.gstatic.com
collect.greengoplatform.com
duhestyce.com
fonts.gstatic.com
powerful-spells.com
spectre.cofounderspecials.com
syndication.twitter.com
101.99.95.147
104.244.42.200
198.23.59.166
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2a00:1178:1:4b::17
2a00:1450:4001:80e::2004
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:6f::159
91.211.91.104
04c7cf1cc84542a72eaa352e47ca8a72874190a443907cfdcafece15657b536b
0f99a5e0ea555759460cf34494b208310fb1f67c7f397ae6c7530541871e233c
36d0d251e28b907fe469f852a138d1e9e0b6920fa1f372be2ca75f550c7240ec
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
419a06ea366aeb0ae904b9d89acc6af6d7121d8eff642841fcb880e7d07f0974
44a58b86107cb0acaf8b518b54d5a99ba7e0a0ed7e368968d945feaee77d2fb8
45349d648da31b367dfc389cdec361bf7bd97b3f5899c03af537a5d12029371e
56fba65aedd5dc4d1b3b7b0a61f71b00cb66354323a7c6e1bcbf2a96824ebc51
64a3c86b8c475bc4131ce119b70a3621aa97d0ae0011daa5266a8eba7beb97ba
6940fa712a3ce8ea46d196d85e669169dcc6214eb7ba696cbfd3ddfff602e1ec
6baba57abed8b07c8adf7f1a45e60877d087d7055e4372fe3c8c564de3e679e2
75615455b157c104a27672cdafe99381cde08bdbc1b8971ce0eaf259206fe319
7b64a84c219d901e94b497f2374a5eabfa89a26b3c2891c774979dea81bb66d4
7e4366a8be749e206983c6ebb930d60f6f656a98651edfb5e9a057494855a3f4
82b6741c3adb7861a165066885e8ad4313a414b700e1d4f746ec90e5082579bc
9f8f5073c2c3bc0b61c313a126bb75d2b0c0d0c0f3b11284bbecf7a8e1063eae
a51a63ee65cc7ba8e858653cfc3a101af6815c64030d5f62937a00313e461d2c
a831fbbf622dba8cb1f2b699df425943f241131170a33a8bdbfd235d701b6c9e
a9605f7347d6b365d0158e7e25ae845b3417380de330bf99d23be41e3c39266b
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
c7eb9b235a0fd4cd60da4d8bb9bf891ff02b9ddad405f3e2b0e2208a7c786db9
cab4b4ab5ee5749db6a0a8aec9b61c799d74ff5fe2ffb7485d3de61eb7f6fdda
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2
e12ff66a75d9ddee67aee7a8545ed1c43fef385f402748608f95c777da90c24d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ebfb292b500e2a2e554c33c96bc41511fb917e6a38556773db1c9bc2e9eb5dec
f99fee323858acd702ae0d4f99339dc1941b86c65af09f22f096f7685d266613