www.fafaslotr.com Open in urlscan Pro
172.67.149.110  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.fafaslotr.com/	46 KB 12 KB	1054ms 798ms	Document text/html	172.67.149.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafaslotr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.149.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash b7e1f117fb4281fdd3311d15d39c4b2c7b29b6ad4adc4c496587d901c518242a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85ca413f1a15f110-CDG content-encoding br content-type text/html; charset=UTF-8 date Wed, 28 Feb 2024 17:05:53 GMT last-modified Wed, 28 Feb 2024 00:14:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y572Hw4PrEwsKkm1mmKQDxfooSJFa4qhCM6Be0fgHl27OjbH0OyMXnvu86m4rolkivCQ6q5hP64Fpr7bOdMGM8RgWrwTRoWSDZmNbG8V5tZ1MgX3cO7m3ewhtD76WpQdQbK9MA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-litespeed-cache hit x-powered-by PHP/7.4.33 x-turbo-charged-by LiteSpeed
GET H2	200	amp-form-latest.js Show response cdn.ampproject.org/v0/	49 KB 16 KB	450ms 122ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-form-latest.js Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 83ef2af8e25adb02f930d3279d16a88b8e804e0b3135c5d35b205002a3d75e1c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.fafaslotr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Wed, 28 Feb 2024 17:05:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14981 x-xss-protection 0 server sffe etag "773202a9ce19c708" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Feb 2024 17:05:53 GMT
GET H2	200	icomoon.ttf www.fafaslotr.com/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/swift/fonts/	116 KB 117 KB	1133ms 1130ms	Font application/x-font-ttf	172.67.149.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.fafaslotr.com/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/swift/fonts/icomoon.ttf Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.149.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30e5d95572f44e8f0bf3bd87e7320c65e1d58bd05d332a2d6dc288b5aa54454e Request headers Referer https://www.fafaslotr.com/ Origin https://www.fafaslotr.com accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Feb 2024 17:05:54 GMT cf-cache-status MISS last-modified Fri, 02 Feb 2024 06:48:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRxKDSfW8WG9EBvCiJxYjf8CwbF%2BfjzVJOUoaHb7RtJiET%2BglMOIz7MNTm4UOpGe2ewalQ%2F0Xxxy1EbOehaipJbccqydb%2B%2BNu6SlG69REYLQxELYA%2BRFMuDRnGexQj%2F0HAO9PA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-font-ttf cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 85ca41442a29f110-CDG alt-svc h3=":443"; ma=86400 content-length 119252 expires Thu, 27 Feb 2025 17:05:53 GMT
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	514ms 189ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 28452f2846f30ae5d7cbc35229e88de55e637e2410e7692381a35ae128c415ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.fafaslotr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Wed, 28 Feb 2024 17:05:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73115 x-xss-protection 0 server sffe etag "ea45357c26d229f2" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Feb 2024 17:05:53 GMT
GET H2	200	amp-bind-latest.js Show response cdn.ampproject.org/v0/	50 KB 16 KB	440ms 143ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-bind-latest.js Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 79643d3585030861f9229f07791028ea9cfc11db44e8f50dfff45f151f930091 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://www.fafaslotr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Wed, 28 Feb 2024 17:05:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16380 x-xss-protection 0 server sffe etag "ee5d65d5e095e8bf" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 28 Feb 2024 17:05:53 GMT
GET DATA	200 OK	truncated /	85 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8cde83baf2cc91ba4176a8cac8c04650074a733e8c2505460f0155d2417d122e Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	84 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9743b4c8176ed7822e35c869aad2f43fc74a9ca6247fdf66dc56824bd3a192fc Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	fafaslot-1536x566.jpg www.fafaslotr.com/wp-content/uploads/2023/05/	152 KB 153 KB	1173ms 1172ms	Image image/jpeg	172.67.149.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafaslotr.com/wp-content/uploads/2023/05/fafaslot-1536x566.jpg Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 216bbf9df6908ecf2ba96592981c471a568975d21eb2f50de542dd1e662dcde6 Request headers accept-language he-IL,he;q=0.9 Referer https://www.fafaslotr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Feb 2024 17:05:54 GMT cf-cache-status MISS last-modified Wed, 03 May 2023 18:56:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzkqSul7sKc2POfBT%2BU%2Fq2VyEk20d4UzbkOfb4OtYWSWXytR%2BNDqV0JAmRFfPQ0C7IHu%2BS8cVEYCG8ysovZk%2BoAgtw6sHFmK3Ras3LlvsKw7cFMDdyXR0qV44jVtBmdELWEGMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 85ca41483a54f09f-CDG alt-svc h3=":443"; ma=86400 content-length 155898 expires Thu, 27 Feb 2025 17:05:54 GMT
GET H3	200	live-chat.png www.fafaslotr.com/wp-content/uploads/2023/05/	23 KB 23 KB	804ms 804ms	Image image/png	172.67.149.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafaslotr.com/wp-content/uploads/2023/05/live-chat.png Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e143dcdf14f69e3f47e89bb13edc4b4d1d3c5dba025c6074b72e953c7ed1f375 Request headers accept-language he-IL,he;q=0.9 Referer https://www.fafaslotr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Feb 2024 17:05:54 GMT cf-cache-status MISS last-modified Wed, 03 May 2023 19:08:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAQvIdz1ZLsm6RxJRi3oDn73NEN3kfAG13dCcb%2BsgGtxHt8gmL7Gp67xQ4HYkSihPI%2BWkvuEIILyYfwiyOrzQo2VA0lOhLJbGo0GS4IfHcDcMl%2FVlQARsMg%2Fyu96ILUw8pH9lw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 85ca41483a57f09f-CDG alt-svc h3=":443"; ma=86400 content-length 23500 expires Thu, 27 Feb 2025 17:05:54 GMT
GET H3	200	logo-fafaslot.png www.fafaslotr.com/wp-content/uploads/2023/05/	143 KB 143 KB	1061ms 1060ms	Image image/png	172.67.149.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.fafaslotr.com/wp-content/uploads/2023/05/logo-fafaslot.png Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86332f70693429f2cb808d2d3c73b130ed4e07b74601934dc857452320f567f9 Request headers accept-language he-IL,he;q=0.9 Referer https://www.fafaslotr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Feb 2024 17:05:54 GMT cf-cache-status MISS last-modified Wed, 03 May 2023 18:56:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAbZJP%2FNE8gCDghKO9StaLKLUWYQlJsdovYn%2FDoMBq2iHtG%2BYe6Cz2QfDpmnUrZVv94H%2FpqsPEnO5f3bITyaTo%2B7V56WnJpeOwBTRaQo9UbslyCGVFOkvePzxTXyv67viNiSqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 85ca41483a5bf09f-CDG alt-svc h3=":443"; ma=86400 content-length 146346 expires Thu, 27 Feb 2025 17:05:54 GMT
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012402080818000/v0/	8 KB 3 KB	390ms 161ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402080818000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 99f7b2a5cb2633f09255dbf282e781debc92494b50391e833713aee57e61a9ea Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.fafaslotr.com/ Origin https://www.fafaslotr.com accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 27 Feb 2024 09:11:34 GMT age 114860 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2975 x-xss-protection 0 server sffe etag "9642737be4ce8b86" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 26 Feb 2025 09:11:34 GMT
GET H3	200	ww.js Show response cdn.ampproject.org/rtv/012402080818000/	51 KB 14 KB	329ms 114ms	Fetch text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402080818000/ww.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash bf6561faab0c09ea14bea849118354eb0636ccd1d9f1e5dd9b5fdcedff464131 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept text/plain Referer https://www.fafaslotr.com/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 27 Feb 2024 09:08:43 GMT age 115031 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14455 x-xss-protection 0 server sffe etag "fe79ff91efe8faa1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 26 Feb 2025 09:08:43 GMT
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012402080818000/v0/	12 KB 4 KB	367ms 152ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012402080818000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash 653a8b2d6c8fef44b5d1b07aa4403e96ef0959f6590071eb3f1fe5e7e2bbd48a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.fafaslotr.com/ Origin https://www.fafaslotr.com accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 27 Feb 2024 22:24:10 GMT age 67304 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3940 x-xss-protection 0 server sffe etag "e84d49c5b65ada2b" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 26 Feb 2025 22:24:10 GMT
GET BLOB	200 OK	a61f8967-7e46-475e-982b-453550cc67c9 https://www.fafaslotr.com/	51 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.fafaslotr.com/a61f8967-7e46-475e-982b-453550cc67c9 Requested by Host: www.fafaslotr.com URL: https://www.fafaslotr.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 23132363dfb504dc0fb177a6fb01f06def45a3a1768843ef482237d5f90326c6 Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 52080 Content-Type text/javascript

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
www.fafaslotr.com
142.250.185.161
172.67.149.110
216bbf9df6908ecf2ba96592981c471a568975d21eb2f50de542dd1e662dcde6
23132363dfb504dc0fb177a6fb01f06def45a3a1768843ef482237d5f90326c6
28452f2846f30ae5d7cbc35229e88de55e637e2410e7692381a35ae128c415ba
30e5d95572f44e8f0bf3bd87e7320c65e1d58bd05d332a2d6dc288b5aa54454e
653a8b2d6c8fef44b5d1b07aa4403e96ef0959f6590071eb3f1fe5e7e2bbd48a
79643d3585030861f9229f07791028ea9cfc11db44e8f50dfff45f151f930091
83ef2af8e25adb02f930d3279d16a88b8e804e0b3135c5d35b205002a3d75e1c
86332f70693429f2cb808d2d3c73b130ed4e07b74601934dc857452320f567f9
8cde83baf2cc91ba4176a8cac8c04650074a733e8c2505460f0155d2417d122e
9743b4c8176ed7822e35c869aad2f43fc74a9ca6247fdf66dc56824bd3a192fc
99f7b2a5cb2633f09255dbf282e781debc92494b50391e833713aee57e61a9ea
b7e1f117fb4281fdd3311d15d39c4b2c7b29b6ad4adc4c496587d901c518242a
bf6561faab0c09ea14bea849118354eb0636ccd1d9f1e5dd9b5fdcedff464131
e143dcdf14f69e3f47e89bb13edc4b4d1d3c5dba025c6074b72e953c7ed1f375