navi-drop.fun Open in urlscan Pro
185.149.120.71  Malicious Activity! Public Scan

26 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response navi-drop.fun/	88 KB 27 KB	260ms 104ms	Document text/html	185.149.120.71 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.149.120.71 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f932130f386bd1dc4061d0d01e1ce36a84a664c7972a81bb34dff54f8779dbc2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-origin * content-encoding gzip content-security-policy upgrade-insecure-requests; content-type text/html; charset=utf-8 date Fri, 22 Jul 2022 22:49:08 GMT server ddos-guard
GET H2	200	script.js Show response navi-drop.fun/53vi/	29 KB 15 KB	93ms 90ms	Script application/javascript	185.149.120.71 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://navi-drop.fun/53vi/script.js Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.149.120.71 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash bfdac123c60b3fec8c90366b6c5d8561dae4e727075d60e8be62a4b9d0f55693 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers access-control-allow-origin * content-security-policy upgrade-insecure-requests; content-encoding gzip date Fri, 22 Jul 2022 22:49:08 GMT server ddos-guard access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-type application/javascript; charset=UTF-8
GET H2	200	123.css posh-conflicts.000webhostapp.com/	1 MB 205 KB	410ms 121ms	Stylesheet text/css	2a02:4780:dead:5506::1 AWEX
General Check archive.org Show headers Download Go to Full URL https://posh-conflicts.000webhostapp.com/123.css Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:4780:dead:5506::1 , United States, ASN204915 (AWEX, CY), Reverse DNS Software awex / Resource Hash c13499c105c34e8d2d5880d1fc8b7dbf5b0835d2154325c6863c96d6a1183416 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:08 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 22 Jul 2022 18:11:21 GMT server awex content-type text/css x-xss-protection 1; mode=block x-request-id 6f02d24bfab9eeb3cb3dad2aca09a8ec
GET H2	200	jquery.js Show response csgofreeskins.eu/wp-includes/js/jquery/	95 KB 95 KB	415ms 38ms	Script application/javascript	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Full URL https://csgofreeskins.eu/wp-includes/js/jquery/jquery.js Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:08 GMT last-modified Thu, 05 Sep 2019 12:32:25 GMT server nginx etag "5d710059-17a6a" content-type application/javascript cache-control max-age=2592000 accept-ranges bytes, bytes content-length 96874 expires Sun, 21 Aug 2022 22:49:08 GMT
GET H2	200	/ Show response navi-drop.fun/53vi/login/	51 KB 14 KB	101ms 101ms	Fetch text/html	185.149.120.71 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://navi-drop.fun/53vi/login/ Requested by Host: navi-drop.fun URL: https://navi-drop.fun/53vi/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.149.120.71 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 2b4e9a012a04d2d46ad2a4740e894a8cf92308a5c35fd57f44359eb9ebeafdca Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip server ddos-guard etag W/"cdf4-/d3R5WgM4y3GwAIv8MoUxo0Lw6U" content-type text/html; charset=utf-8 access-control-allow-origin * date Fri, 22 Jul 2022 22:49:08 GMT access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
POST H2	200	/ Show response navi-drop.fun/	16 B 331 B	128ms 128ms	Fetch application/json	185.149.120.71 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://navi-drop.fun/ Requested by Host: navi-drop.fun URL: https://navi-drop.fun/53vi/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.149.120.71 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://navi-drop.fun/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/json Response headers content-security-policy upgrade-insecure-requests; server ddos-guard etag W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA" content-type application/json; charset=utf-8 access-control-allow-origin * date Fri, 22 Jul 2022 22:49:08 GMT access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 16
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/	84 KB 29 KB	87ms 25ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-14e4a" vary Accept-Encoding x-hw 1658530149.dop129.fr8.t,1658530149.cds222.fr8.hn,1658530149.cds140.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29811
GET H2	200	CSSPlugin.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.17.0/plugins/	37 KB 14 KB	74ms 27ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.17.0/plugins/CSSPlugin.min.js Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98917d6902c17c785296fbfe5be590baee51cef21194dad2f92e91ef18843269 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5524756 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13247 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-936d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ExqmGx2rqWjrKixQG5WiQh7Fl6B6AIF7%2BT0ts%2BvCwLaQMo8Ox8SydRCJ8thKaJ%2BGAvJ6ISEyfDaovFEaGXMGrFVoMW0UbUB2v5URVSFY69kXQwswQ%2F9Fhi1J%2Bj2EGYs1rnK6Qc7%2F5yHZzWpnE%2BYNB44"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72efba5aad2f9a2a-FRA expires Wed, 12 Jul 2023 22:49:09 GMT
GET H2	200	TweenMax.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/	108 KB 32 KB	74ms 28ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/TweenMax.min.js Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3706723 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 32043 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-1aeba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB1UJb8FU7tr0oSueFM4zFaLQxM80k17SCxfUWnoC8Qd9x65MF2HmmS7yRwDyloiy7XTKMjWdaE5ssHpKQo6yS9MeINwYkr07UymyuGUG7cFxNVc7SYLha07YdVRZrgx8iky2kNBfVRdQq4wPqT94Hz%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72efba5aad309a2a-FRA expires Wed, 12 Jul 2023 22:49:09 GMT
GET H2	200	TimelineMax.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/	20 KB 5 KB	77ms 31ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/TimelineMax.min.js Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba4f6b51b81ff3942cee16141f54843baa48a66de8fd74d1c24c3f6c59b7bdaf Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 9265865 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5155 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-4e88" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXN%2Fu%2FmMax3XoCP0AFWcpZKbNV8XHw%2BATTbuxbtGweURhYGKrPu0srqqIp%2BzD2Rzrb0igP3buHMkxUJndEZ%2FJfLRTltkNPrE61qwPxwD97dq%2FGcnYIqb3jR6QQHvc5lUoi3guWtJQhmEgYSmKAp%2FlFXl"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72efba5aad319a2a-FRA expires Wed, 12 Jul 2023 22:49:09 GMT
GET H2	200	autoptimize_single_460811f62a4c1c302d9b38fc3c754fb7.php Show response csgofreeskins.eu/wp-content/cache/autoptimize/	8 KB 4 KB	150ms 148ms	Script text/javascript	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Full URL https://csgofreeskins.eu/wp-content/cache/autoptimize/autoptimize_single_460811f62a4c1c302d9b38fc3c754fb7.php Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / PHP/7.3.32 Resource Hash 2115c58ce3a890f65a24bda0c8444563e1e03297a1abe4df9f092f75fb4cb139 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT content-encoding gzip last-modified Thu, 16 Jul 2020 20:26:31 GMT server nginx x-powered-by PHP/7.3.32 etag 5a5d30837298507de34ccfd98a445f51 vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control max-age=2592000, public, immutable, max-age=30672000, public, immutable content-length 3383 expires Sun, 21 Aug 2022 22:49:09 GMT, Wed, 12 Jul 2023 22:49:09 GMT
GET H2	200	autoptimize_b1b2eef97c4f1f3a5f649f3dcd60c5b2.php Show response csgofreeskins.eu/wp-content/cache/autoptimize/	474 KB 113 KB	150ms 148ms	Script text/javascript	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Full URL https://csgofreeskins.eu/wp-content/cache/autoptimize/autoptimize_b1b2eef97c4f1f3a5f649f3dcd60c5b2.php Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / PHP/7.3.32 Resource Hash fec0312bffbe52a96bb334e824525d07447db866d1e6879f8aa5d547f1e41a14 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT content-encoding gzip last-modified Thu, 13 May 2021 16:42:31 GMT server nginx x-powered-by PHP/7.3.32 etag 00214c46bcc4bf8141c9c2bc62e8e3d9 vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control max-age=2592000, public, immutable, max-age=30672000, public, immutable content-length 115396 expires Sun, 21 Aug 2022 22:49:09 GMT, Wed, 12 Jul 2023 22:49:09 GMT
GET H2	200	loader.js Show response www.smartsuppchat.com/	18 KB 5 KB	74ms 21ms	Script application/javascript	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.smartsuppchat.com/loader.js? Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a320df24001eaff2b9da352bcf0d72a65d30488fdf52f9d7364fa0358d27075d Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-77-nzt Abk73BBiSr7/OQAAAA x-accel-expires @1658530152 date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br etag W/"623a0cdb-4792" last-modified Tue, 22 Mar 2022 17:52:27 GMT server CDN77-Turbo x-77-nzt-ray S4OxWToYHq0 x-77-cache HIT content-type application/javascript cache-control max-age=300, public, s-maxage=60 x-cache HIT x-age 57 x-77-pop frankfurtDE expires Tue, 22 Mar 2022 17:58:26 GMT
GET H2	200	640px-NAVI_Logo.svg.png upload.wikimedia.org/wikipedia/ru/thumb/5/5f/NAVI_Logo.svg/	21 KB 23 KB	117ms 49ms	Image image/png	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/ru/thumb/5/5f/NAVI_Logo.svg/640px-NAVI_Logo.svg.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/8.0.8 / Resource Hash 5ef9189a81163c83f4528e9db5a155ea27333b1da2277e4848036b49be5120f4 Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 07:26:44 GMT x-content-security-policy-report-only default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json& nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 55345 x-cache-status hit-front content-security-policy-report-only default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json& x-cache cp3057 hit, cp3051 hit/10 content-disposition inline;filename*=UTF-8''NAVI_Logo.svg.png server-timing cache;desc="hit-front", host;desc="cp3051" content-length 21572 x-client-ip 2001:1b60:1010:2:1012:2e48:4abb:fda9 accept-ranges bytes last-modified Sun, 01 Aug 2021 20:17:11 GMT server ATS/8.0.8 etag 83e0ffb60ab07783163502caa50ee41e x-webkit-csp-report-only default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json& strict-transport-security max-age=106384710; includeSubDomains; preload report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version timing-allow-origin *
GET H2	200	ak47-fire-serpent.png csgofreeskins.eu/wp-content/uploads/2017/06/	71 KB 71 KB	113ms 110ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/ak47-fire-serpent.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 989df9df715ebcc01a844ebff9c18759317cd34c3223072d169c3a36b7cdd090 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:47 GMT server nginx etag "59403d2b-11c50" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 72784 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	glock-fade.png csgofreeskins.eu/wp-content/uploads/2017/06/	59 KB 59 KB	76ms 74ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/glock-fade.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 68b493b6a75b9c92ffb570af35eb7fc07d46c3c5068e6f12a4e0d31737afdb73 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:30:02 GMT server nginx etag "59403d3a-ec52" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 60498 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	desert-eagle-blaze.png csgofreeskins.eu/wp-content/uploads/2017/06/	77 KB 77 KB	149ms 147ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/desert-eagle-blaze.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash e52dbc7f0d4a04dfaff8fc38b151ff44d2a72bb37d5bab492ceeae40014ba1dc Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:30:00 GMT server nginx etag "59403d38-1338c" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 78732 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	m4a1s-knight.png csgofreeskins.eu/wp-content/uploads/2017/06/	45 KB 45 KB	148ms 146ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/m4a1s-knight.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash ffe65f3a1e3dbb6ac9bda5037cfd3b055c060c285fe2f40552189a6986f01618 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:53 GMT server nginx etag "59403d31-b444" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 46148 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	m4a1s-hot-rod.png csgofreeskins.eu/wp-content/uploads/2017/06/	43 KB 43 KB	149ms 147ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/m4a1s-hot-rod.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 4fe47c46caf0ad3369f77283e4f62d1f0580bc916fcba90f8abe750638dc80cf Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:52 GMT server nginx etag "59403d30-ac63" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 44131 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	m4a1s-icarus-fell.png csgofreeskins.eu/wp-content/uploads/2017/06/	53 KB 53 KB	148ms 147ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/m4a1s-icarus-fell.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 18316eda6760eddc6415ba1469467dbe026aa02b27760cf7ed549086ff23a132 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:55 GMT server nginx etag "59403d33-d445" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 54341 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	m4a1s-master-piece.png csgofreeskins.eu/wp-content/uploads/2017/06/	60 KB 60 KB	148ms 147ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/m4a1s-master-piece.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 3547fcbd894424a9837a7f1b6d7061a764a73691a10249da25d74f980c00f9d2 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:30:07 GMT server nginx etag "59403d3f-f063" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 61539 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	m4a4-howl.png csgofreeskins.eu/wp-content/uploads/2017/06/	76 KB 77 KB	148ms 146ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/m4a4-howl.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 5fc9b4238f84a294591280cfd6ff083dd797b5f50db1129ffaf0c760bbadd546 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:56 GMT server nginx etag "59403d34-1319a" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 78234 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	m4a4-poseidon.png csgofreeskins.eu/wp-content/uploads/2017/06/	87 KB 87 KB	150ms 148ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/m4a4-poseidon.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 311e6eaf86cb181046e3f67b1deb9536f947226f4c27f5484e85784ccbad4f8a Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:58 GMT server nginx etag "59403d36-15c77" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 89207 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	bowie-knife-marble-fade.png csgofreeskins.eu/wp-content/uploads/2017/06/	53 KB 54 KB	149ms 148ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/bowie-knife-marble-fade.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 9be3b7c168ae5f878432db955537407a4b346416f13a68eb94f11266cba05709 Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:30:06 GMT server nginx etag "59403d3e-d5fc" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 54780 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	awp-dragon-lore.png csgofreeskins.eu/wp-content/uploads/2017/06/	89 KB 90 KB	149ms 148ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/06/awp-dragon-lore.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 12e95fc5c5e6144002c5950ab2f570091ed41883c3d5f5d83f008cfc74ba82ea Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Tue, 13 Jun 2017 19:29:50 GMT server nginx etag "59403d2e-16539" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 91449 expires Sat, 22 Jul 2023 22:49:09 GMT
GET H2	200	04_1.png static.copyrighted.com/badges/125x25/	866 B 2 KB	88ms 28ms	Image image/png	2606:4700:3032::ac43:c05f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.copyrighted.com/badges/125x25/04_1.png Requested by Host: navi-drop.fun URL: https://navi-drop.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c05f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e589b18aab8c1d0badbb6fe1bd1dd4398285cc850c7d8f2ffc789ce0c8dda7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://navi-drop.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2080042 vary Accept-Encoding content-length 866 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 26 Feb 2018 19:24:58 GMT server cloudflare x-frame-options SAMEORIGIN etag "5a945f0a-362" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZeDCr9sxNBETb2pH2rqDedqzfUVwzeSsDlzLtfTRRArilVK4zEIb%2FbInfvv8FXoLWmRyvDJGFrT%2FntPGcDdBFHjxxqRK1kFNWEjETqDxEd0KO3S%2FUFKQngSbKSrLbt325%2BJvRmBEayneDyHtNjBqnii7jpZ"}],"group":"cf-nel","max_age":604800} content-type image/png alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=2592000, public accept-ranges bytes cf-ray 72efba5acadd9b1c-FRA expires Thu, 28 Jul 2022 21:01:47 GMT
GET H2	200	cybere499e8e96a9.jpg s5o.ru/storage/simple/cyber/edt/66/6c/02/cb/	157 KB 157 KB	174ms 57ms	Image image/jpeg	37.209.240.8 SPORTS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s5o.ru/storage/simple/cyber/edt/66/6c/02/cb/cybere499e8e96a9.jpg Requested by Host: posh-conflicts.000webhostapp.com URL: https://posh-conflicts.000webhostapp.com/123.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 37.209.240.8 , Russian Federation, ASN58045 (SPORTS-AS, RU), Reverse DNS Software nginx / Resource Hash b995cec9ad392db40144864d3a1b7b235df3c628e20732c16ff409f1c62ef711 Request headers accept-language de-DE,de;q=0.9 Referer https://posh-conflicts.000webhostapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Sat, 22 Jan 2022 19:49:31 GMT server nginx etag "61ec5fcb-27240" content-type image/jpeg cache-control max-age=86400, public, must-revalidate accept-ranges bytes content-length 160320 expires Sat, 23 Jul 2022 19:55:57 GMT
GET H2	200	bg001-1.png csgofreeskins.eu/wp-content/uploads/2017/03/	43 KB 43 KB	138ms 138ms	Image image/png	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/03/bg001-1.png Requested by Host: posh-conflicts.000webhostapp.com URL: https://posh-conflicts.000webhostapp.com/123.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 67c2150ec3bbf33f1163966a1aa60926dfee777c4ceadc7da370c084af4d7799 Request headers accept-language de-DE,de;q=0.9 Referer https://posh-conflicts.000webhostapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Wed, 01 Mar 2017 17:50:31 GMT server nginx etag "58b709e7-ab8f" content-type image/png cache-control max-age=31536000 accept-ranges bytes, bytes content-length 43919 expires Sat, 22 Jul 2023 22:49:09 GMT
GET DATA	200 OK	truncated /	123 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e0e3620aa725b6d08666b9164e827d79bc3d3ec387c672b3291d8f689502c11 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	288 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f19889d154512803a28635eaac5bb593138c3fd3fadd47031391bc057319aec9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H2	200	csgo-skin-reward.jpg csgofreeskins.eu/wp-content/uploads/2017/08/	19 KB 19 KB	138ms 138ms	Image image/jpeg	212.91.26.8 ATMAN-ISP-AS ATM ...
General Check archive.org Show headers Download Go to Show image Full URL https://csgofreeskins.eu/wp-content/uploads/2017/08/csgo-skin-reward.jpg Requested by Host: posh-conflicts.000webhostapp.com URL: https://posh-conflicts.000webhostapp.com/123.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.91.26.8 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL), Reverse DNS web20.mydevil.net Software nginx / Resource Hash 28d30a21b2a81180f22a6664e8a4f01933b1a5ac335c54f539072fadbf8b1f35 Request headers accept-language de-DE,de;q=0.9 Referer https://posh-conflicts.000webhostapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 22:49:09 GMT last-modified Sun, 13 Aug 2017 20:15:29 GMT server nginx etag "5990b361-4cfd" content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes, bytes content-length 19709 expires Sat, 22 Jul 2023 22:49:09 GMT
GET		glyphicons-halflings-regular.woff2 csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/	0 0
GET H2	200	b9a578d841a843f46a6c7bb0fd3dca0d72d65ad9.json Show response bootstrap.smartsuppchat.com/widget/	1 KB 644 B	77ms 27ms	XHR application/json	18.194.46.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bootstrap.smartsuppchat.com/widget/b9a578d841a843f46a6c7bb0fd3dca0d72d65ad9.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.46.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-46-141.eu-central-1.compute.amazonaws.com Software / Resource Hash b14f659c1fa7fc6adc0878a29e72f5d73041704418f483fc74ec0b1562e1a0f7 Request headers Referer https://navi-drop.fun/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers x-version 59b565974e575f0f8465de75e4e9d5fe420304b7 date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-hit redis etag "40f-OxXAsXGnwoBQOXAsSNarHe4nQHE" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, max-age=0, must-revalidate
GET		glyphicons-halflings-regular.woff csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/	0 0
GET H2	200	asset-manifest.json Show response widget-v2.smartsuppcdn.com/	2 KB 706 B	147ms 19ms	XHR application/json	2a02:6ea0:c700::17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/asset-manifest.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 666518ed9e91c024b839dbdcfac7f45900012d89c998a931f09482279c27e269 Request headers Referer https://navi-drop.fun/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers x-77-pop frankfurtDE date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-77-nzt-ray av89e+Huy4M x-77-cache HIT x-cache HIT x-age 58 x-77-nzt AZySIRAw4Ur/OgAAAA x-accel-expires @1658530151 last-modified Wed, 15 Jun 2022 15:32:06 GMT server CDN77-Turbo etag W/"62a9fb76-6ce" content-type application/json access-control-allow-origin * cache-control max-age=300, public, s-maxage=60 expires Wed, 15 Jun 2022 15:51:04 GMT
GET		glyphicons-halflings-regular.ttf csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/	0 0
GET H2	200	runtime-main.f96a8cb3.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame E43E	2 KB 2 KB	64ms 20ms	Script application/javascript	2a02:6ea0:c700::17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/runtime-main.f96a8cb3.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ee9f6ee9fe518505cd93dbfe14657f396eec263954145af01c6198b38dc66d2a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-77-pop frankfurtDE date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-77-nzt-ray +GvDe759hUg x-77-cache HIT x-cache HIT x-age 3222126 x-77-nzt AZySIRButzz/bioxAA x-accel-expires @1686844023 last-modified Wed, 15 Jun 2022 15:32:06 GMT server CDN77-Turbo etag W/"62a9fb76-9bd" content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Thu, 15 Jun 2023 15:47:03 GMT
GET H2	200	6.fffa7e5c.chunk.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame E43E	510 KB 142 KB	108ms 64ms	Script application/javascript	2a02:6ea0:c700::17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/6.fffa7e5c.chunk.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash aaddbc751b83029cf015c5db33c759ef1aacea5686e9e6782eee735956e34a7f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-77-pop frankfurtDE date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-77-nzt-ray of3J54plObQ x-77-cache HIT x-cache HIT x-age 3222187 x-77-nzt AZySIRAuCl//qyoxAA x-accel-expires @1686843962 last-modified Wed, 15 Jun 2022 15:32:06 GMT server CDN77-Turbo etag W/"62a9fb76-7f9f8" content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Thu, 15 Jun 2023 15:46:02 GMT
GET H2	200	main.500b0156.chunk.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame E43E	117 KB 27 KB	84ms 40ms	Script application/javascript	2a02:6ea0:c700::17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/main.500b0156.chunk.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 652369a1d8494c6f8e38a3af225e3834f0162a04c318c26fd9558af097d7415c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-77-pop frankfurtDE date Fri, 22 Jul 2022 22:49:09 GMT content-encoding br x-77-nzt-ray c1agXP4UAKY x-77-cache HIT x-cache HIT x-age 3222126 x-77-nzt AZySIRA7Hcn/bioxAA x-accel-expires @1686844023 last-modified Wed, 15 Jun 2022 15:32:06 GMT server CDN77-Turbo etag W/"62a9fb76-1d29d" content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Thu, 15 Jun 2023 15:47:03 GMT
GET H2	200	en.json Show response widget-v2.smartsuppcdn.com/translates/ Frame E43E	4 KB 2 KB	20ms 20ms	Fetch application/json	2a02:6ea0:c700::17 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/translates/en.json?v=4c0e4dd11fb1158445a57e06376e80d2564860cc Requested by Host: widget-v2.smartsuppcdn.com URL: https://widget-v2.smartsuppcdn.com/static/js/main.500b0156.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 012790c3e6ea7aa6b6e45cd1d578dafd3fc382323dde28098060a59c40524427 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-77-pop frankfurtDE date Fri, 22 Jul 2022 22:49:10 GMT content-encoding br x-77-nzt-ray Ymh1dEyiEIQ x-77-cache HIT x-cache HIT x-age 3222161 x-77-nzt AZySIRD4DSb/kSoxAA x-accel-expires @1686843989 last-modified Wed, 15 Jun 2022 15:31:09 GMT server CDN77-Turbo etag W/"62a9fb3d-fc9" content-type application/json access-control-allow-origin * cache-control max-age=31536000, public, immutable expires Thu, 15 Jun 2023 15:46:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

csgofreeskins.eu

URL

https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2

Domain

csgofreeskins.eu

URL

https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff

Domain

csgofreeskins.eu

URL

https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| makeAuthOnClick object| authSettings function| postXHR function| J function| j function| openAuth function| doStat function| $ function| jQuery function| X object| ajax_var object| _smartsupp function| smartsupp object| authTriggers object| _gsScope object| _gsQueue boolean| SMARTSUPP_LOADED object| $smartsupp object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| notifyBox undefined| notifyTimer number| notifyDivMax number| notifyTimeMin number| notifyTimeMax number| notifyAppearSpeed number| notifyDisappearSpeed string| notifyAddPos string| notifyTogglePos string| notifyDiv string| notifyToggleDiv string| notifications_all object| notifications function| notifyInit function| notifyAdd function| notifyRandom function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| moment function| jarallax object| skrollr object| youplay object| true object| wp function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| tl

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.navi-drop.fun/	1970-01-20 13:27:46	Name: __ddg1_ Value: jlqWdqrU0zvnFly8vopR
			navi-drop.fun/	1969-12-31 23:59:59	Name: session Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rSUQiOjMxMDEyLCJvd25lciI6MTU4NiwiZG9tYWluSUQiOjYxNDMsImRvbWFpbiI6Im5hdmktZHJvcC5mdW4iLCJwYXRoIjoiIiwicmVhbElwIjoiODQuMTkuMTc1LjE4MyIsImlhdCI6MTY1ODUzMDE0OCwiZmFrZV92aXNpdCI6dHJ1ZX0.oSdpSMDf0qRQo3jpbtoHrXrgojcimhU7L6BkDb76v7s
			navi-drop.fun/	1970-01-20 04:42:10	Name: __session:0.0373863074191394: Value: https:
			navi-drop.fun/	1970-01-20 09:04:14	Name: ssupp.vid Value: vi5VOt33j2GB
			navi-drop.fun/	1970-01-20 09:04:14	Name: ssupp.visits Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://navi-drop.fun/ Message: Access to font at 'https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2' from origin 'https://navi-drop.fun' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://navi-drop.fun/ Message: Access to font at 'https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff' from origin 'https://navi-drop.fun' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://navi-drop.fun/ Message: Access to font at 'https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.ttf' from origin 'https://navi-drop.fun' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://csgofreeskins.eu/wp-content/themes/freecsgoskins/assets/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;