URL: http://csgocheats.neverban.xaa.pl/
Submission Tags: phish.gg anti.fish automated
Submission: On June 15 via api from DE — Scanned from PL

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 20 HTTP transactions. The main IP is 94.23.90.35, located in Poland and belongs to OVH, FR. The main domain is csgocheats.neverban.xaa.pl.
This is the only time csgocheats.neverban.xaa.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 94.23.90.35 16276 (OVH)
1 172.217.18.10 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.186.138 15169 (GOOGLE)
1 1 212.91.26.249 57367 (ECO-ATMAN...)
1 212.91.26.248 57367 (ECO-ATMAN...)
1 2 195.78.67.57 41079 (CF-GDA)
1 1 146.75.116.193 54113 (FASTLY)
2 146.75.120.193 54113 (FASTLY)
2 172.217.16.195 15169 (GOOGLE)
20 8
Apex Domain
Subdomains
Transfer
9 gocheats.eu
gocheats.eu
353 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 6533
381 KB
2 gstatic.com
fonts.gstatic.com
82 KB
2 cskatowice.com
cskatowice.com
3 KB
2 gadu-gadu.pl
www.gadu-gadu.pl
gadu-gadu.pl — Cisco Umbrella Rank: 447279
4 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
82 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
ajax.googleapis.com — Cisco Umbrella Rank: 422
35 KB
1 xaa.pl
csgocheats.neverban.xaa.pl
8 KB
20 8
Domain Requested by
9 gocheats.eu csgocheats.neverban.xaa.pl
gocheats.eu
3 i.imgur.com 1 redirects csgocheats.neverban.xaa.pl
gocheats.eu
2 fonts.gstatic.com fonts.googleapis.com
2 cskatowice.com 1 redirects csgocheats.neverban.xaa.pl
2 cdnjs.cloudflare.com csgocheats.neverban.xaa.pl
cdnjs.cloudflare.com
1 gadu-gadu.pl csgocheats.neverban.xaa.pl
1 www.gadu-gadu.pl 1 redirects
1 ajax.googleapis.com csgocheats.neverban.xaa.pl
1 fonts.googleapis.com csgocheats.neverban.xaa.pl
1 csgocheats.neverban.xaa.pl
20 10

This site contains links to these domains.

Domain
gocheats.eu
steamcommunity.com
Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
*.gstatic.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months

This page contains 1 frames:

Primary Page: http://csgocheats.neverban.xaa.pl/
Frame ID: F50C84A3BE17B39FAEE2805DBE286B40
Requests: 20 HTTP requests in this frame

Page Title

Private Cheats

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+ipb_[^>]+\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 30 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 946 kB
Size: 1395 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1 HTTP 302
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Request Chain 10
  • http://cskatowice.com/public/style_extra/signin/login-steam-icon.png HTTP 301
  • https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Request Chain 12
  • http://i.imgur.com/2QCNnUm.png HTTP 301
  • https://i.imgur.com/2QCNnUm.png

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csgocheats.neverban.xaa.pl/
36 KB
8 KB
Document
General
Full URL
http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
56991a6f83f74e148153e8f5121d8e91fc1bbbee2ce6a6acb5712cbb0190c3c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 15 Jun 2023 00:10:18 GMT
Expires
Wed, 14 Jun 2023 00:10:18 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Nginx-Upstream-Cache-Status
BYPASS
X-Server-Powered-By
Nginx
css
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 00:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 00:10:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 00:10:19 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1995940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itK73nZTJBYOjtL%2FEIrzHJAJEETiil9D9v35OIAV4bX0zRmz2Q9T88TR59DCju9dHInFUF2XTkruE0aO%2FyVoSTaLBC%2BkfQ6LZunKGPbJphtBwx7ZQSDOKfdRQG%2FMs3eY9%2FvTAzKG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d7696dcafff3486-WAW
expires
Tue, 04 Jun 2024 00:10:18 GMT
index.php
gocheats.eu/public/min/
97 KB
22 KB
Stylesheet
General
Full URL
http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&f=public/style_css/css_13/ipb_help.css,public/style_css/css_13/calendar_select.css,public/style_css/css_13/ipb_styles.css,public/style_css/css_13/ipb_common.css,public/style_css/css_13/ipshoutbox.css
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
4b32e8ca73c2555f35b99c17cd4e887461d5b08277e6d37b464d3cc6484ecdc7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
Fri, 14 Jun 2024 00:10:19 GMT
Date
Thu, 15 Jun 2023 00:10:19 GMT
X-Server-Powered-By
Nginx
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2019 10:16:34 GMT
Server
nginx
ETag
W/"pub1559297794"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Connection
keep-alive
X-Nginx-Upstream-Cache-Status
BYPASS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:49:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
213652
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33333
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 11 Jun 2024 12:49:26 GMT
cookie.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
http://gocheats.eu/public/style_images/lameria/js/cookie.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

ipbforumskins.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
http://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

index.php
gocheats.eu/public/min/
189 KB
48 KB
Script
General
Full URL
http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&g=js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
9226d203e76e6833d15dea74a396f7c6b2548b042cdd5572a9101417bb05c89e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
Fri, 14 Jun 2024 00:10:19 GMT
Date
Thu, 15 Jun 2023 00:10:19 GMT
X-Server-Powered-By
Nginx
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2019 10:11:35 GMT
Server
nginx
ETag
W/"pub1559297495"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
max-age=31536000
Connection
keep-alive
X-Nginx-Upstream-Cache-Status
BYPASS
index.php
gocheats.eu/public/min/
128 KB
34 KB
Script
General
Full URL
http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&charset=UTF-8&f=public/js/ipb.js,cache/lang_cache/2/ipb.lang.js,public/js/ips.hovercard.js,public/js/ips.quickpm.js,public/js/ips.board.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
85c1fb87852d37e18c767c9e1791406c407548f62121863500578949dfab688c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
Fri, 14 Jun 2024 00:10:19 GMT
Date
Thu, 15 Jun 2023 00:10:19 GMT
X-Server-Powered-By
Nginx
Content-Encoding
gzip
Last-Modified
Fri, 31 May 2019 10:15:37 GMT
Server
nginx
ETag
W/"pub1559297737"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
max-age=31536000
Connection
keep-alive
X-Nginx-Upstream-Cache-Status
BYPASS
GCi999.png
gocheats.eu/img/
246 KB
246 KB
Image
General
Full URL
http://gocheats.eu/img/GCi999.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
ff8f93e84041e83aa4ff1145c124bd42e356e6463e4aa0c4ecffd83f18a2eb46

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
Mon, 14 Aug 2023 00:10:19 GMT
Date
Thu, 15 Jun 2023 00:10:19 GMT
X-Server-Powered-By
Nginx
Last-Modified
Fri, 15 Mar 2019 15:13:50 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
252015
X-Nginx-Upstream-Cache-Status
STALE
status.asp
gadu-gadu.pl/users/
Redirect Chain
  • http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
3 KB
3 KB
Image
General
Full URL
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
212.91.26.248 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-212-91-26-248.gadu-gadu.pl
Software
nginx /
Resource Hash
cabbdec03a8ca8d2d3d4b164c0441ab8b7ab97b1bcab04e92e0009331369a4e2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 00:10:19 GMT
content-encoding
gzip
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
3178
Content-Type
image/png

Redirect headers

Location
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Date
Thu, 15 Jun 2023 00:10:19 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
154
Content-Type
text/html
login-steam-icon.png
cskatowice.com/public/style_extra/signin/
Redirect Chain
  • http://cskatowice.com/public/style_extra/signin/login-steam-icon.png
  • https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
2 KB
2 KB
Image
General
Full URL
https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
H2
Server
195.78.67.57 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s179.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
7015695218956690f8e04f1a9818e50fe03a91d51365996db2bcc9e798d41e6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
last-modified
Mon, 21 Nov 2016 19:03:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1975
x-xss-protection
1; mode=block
expires
max-age=29030400, public

Redirect headers

date
Thu, 15 Jun 2023 00:10:19 GMT
server
LiteSpeed
vary
User-Agent
content-type
text/html
location
https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
x-xss-protection
1; mode=block
expires
max-age=29030400, public
default_large.png
gocheats.eu/public/style_images/lameria/profile/
3 KB
3 KB
Image
General
Full URL
http://gocheats.eu/public/style_images/lameria/profile/default_large.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
165260ffa430b04c539d3e33dfb55c9dccca450835d29e75ee79489a27279cee

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
Mon, 14 Aug 2023 00:10:19 GMT
Date
Thu, 15 Jun 2023 00:10:19 GMT
X-Server-Powered-By
Nginx
Last-Modified
Tue, 03 May 2016 16:42:18 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2589
X-Nginx-Upstream-Cache-Status
STALE
2QCNnUm.png
i.imgur.com/
Redirect Chain
  • http://i.imgur.com/2QCNnUm.png
  • https://i.imgur.com/2QCNnUm.png
927 B
1 KB
Image
General
Full URL
https://i.imgur.com/2QCNnUm.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: http://csgocheats.neverban.xaa.pl/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b971b54daff3c01b6e36ac9729dc3fe3cc739c416ff9b19c2bc98339d43c542
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
543508
x-cache
Miss from cloudfront, MISS, HIT
content-length
927
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-etou8220094-FRA
last-modified
Tue, 09 Aug 2016 12:00:58 GMT
server
cat factory 1.0
x-timer
S1686787819.336326,VS0,VE1
etag
"f915bca0362cf332c74b70a475c3ea51"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XjuiyGrMFEHqwFSpJskYBUzGvPOlXeRlydOL-xneKF4P7wp-szI86g==
x-cache-hits
0, 1

Redirect headers

X-Served-By
cache-fra-eddf8230137-FRA
Date
Thu, 15 Jun 2023 00:10:19 GMT
Strict-Transport-Security
max-age=300
Server
cat factory 1.0
X-Timer
S1686787819.280473,VS0,VE0
X-Cache
HIT
Access-Control-Allow-Methods
GET, OPTIONS
Location
https://i.imgur.com/2QCNnUm.png
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
0
Retry-After
0
X-Cache-Hits
0
pM9xQTq.png
i.imgur.com/
378 KB
379 KB
Image
General
Full URL
https://i.imgur.com/pM9xQTq.png
Requested by
Host: gocheats.eu
URL: http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&f=public/style_css/css_13/ipb_help.css,public/style_css/css_13/calendar_select.css,public/style_css/css_13/ipb_styles.css,public/style_css/css_13/ipb_common.css,public/style_css/css_13/ipshoutbox.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b9c185667b09207af9ffad76d10305c6d09c9ee46cae27126999010c83d01efd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://gocheats.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1748881
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
387559
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-etou8220094-FRA
last-modified
Mon, 04 Dec 2017 14:25:11 GMT
server
cat factory 1.0
x-timer
S1686787819.336265,VS0,VE3
etag
"5ec167b4c65453a9da25bb8f03248abc"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tG-P-86tWEJqAon0A5U3velDIEdeVp-xSKy6D50_yOCe6LqsLulg0g==
x-cache-hits
12, 1
highlight_faint.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
http://gocheats.eu/public/style_images/lameria/highlight_faint.png
Requested by
Host: gocheats.eu
URL: http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&f=public/style_css/css_13/ipb_help.css,public/style_css/css_13/calendar_select.css,public/style_css/css_13/ipb_styles.css,public/style_css/css_13/ipb_common.css,public/style_css/css_13/ipshoutbox.css
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&f=public/style_css/css_13/ipb_help.css,public/style_css/css_13/calendar_select.css,public/style_css/css_13/ipb_styles.css,public/style_css/css_13/ipb_common.css,public/style_css/css_13/ipshoutbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

highlight.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
http://gocheats.eu/public/style_images/lameria/highlight.png
Requested by
Host: gocheats.eu
URL: http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&f=public/style_css/css_13/ipb_help.css,public/style_css/css_13/calendar_select.css,public/style_css/css_13/ipb_styles.css,public/style_css/css_13/ipb_common.css,public/style_css/css_13/ipshoutbox.css
Protocol
HTTP/1.1
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://gocheats.eu/public/min/index.php?ipbv=40da81d309748ca6f9827f9202f6ce1e&f=public/style_css/css_13/ipb_help.css,public/style_css/css_13/calendar_select.css,public/style_css/css_13/ipb_styles.css,public/style_css/css_13/ipb_common.css,public/style_css/css_13/ipshoutbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 00:21:44 GMT
x-content-type-options
nosniff
age
431315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 00:21:44 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
http://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
80713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlttGnRN%2Fq%2FMymGIXWSLLUhBuHh3p3pzyOGzeqMrfbE1VuLZ%2Bi2yc2BRte%2BzPL4PVO7LcwB%2FKf1t4%2BdbUMQKyZA2fPIZ%2B7ZCJzNXFSAG0%2FVhFOHxF8kiymMAxHlIp2cF1QjTozRq"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d7696de6fbf34d4-WAW
expires
Tue, 04 Jun 2024 00:10:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 13:09:47 GMT
x-content-type-options
nosniff
age
385232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35184
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:11:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 13:09:47 GMT

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP function| $ function| jQuery object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Builder function| $$ function| Sizzle function| Selector number| USE_RTE object| Debug function| isBody function| isHtml function| isDocument function| isDetached object| Loader object| callback function| _global function| _menu function| warningPopup function| _quickpm function| _idx function| IPBoard function| getQueryStringParamByName function| _popup function| _ticker object| ipb string| markerURL string| unreadIcon object| skip object| cookies string| title string| cookie

1 Cookies

Domain/Path Name / Value
csgocheats.neverban.xaa.pl/ Name: session_id
Value: 45309c12fa6d98dfa74629df024acdf6

4 Console Messages

Source Level URL
Text
network error URL: http://gocheats.eu/public/style_images/lameria/js/cookie.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gocheats.eu/public/style_images/lameria/highlight_faint.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gocheats.eu/public/style_images/lameria/highlight.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
