URL: https://csgocheats.neverban.xaa.pl/
Submission Tags: phishingrod
Submission: On October 15 via api from DE — Scanned from PL

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 25 HTTP transactions. The main IP is 94.23.90.35, located in Poland and belongs to OVH, FR. The main domain is csgocheats.neverban.xaa.pl.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.
This is the only time csgocheats.neverban.xaa.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 94.23.90.35 16276 (OVH)
1 142.250.186.74 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 142.250.186.138 15169 (GOOGLE)
1 1 212.91.26.248 15694 (ATMAN-ISP...)
1 212.91.26.249 57367 (ECO-ATMAN...)
1 195.78.67.57 41079 (CF-GDA)
2 146.75.116.193 54113 (FASTLY)
3 142.250.185.131 15169 (GOOGLE)
25 8
Apex Domain | Subdomains | Transfer
13 gocheats.eu | gocheats.eu | 358 KB
3 gstatic.com | fonts.gstatic.com | 108 KB
2 imgur.com | i.imgur.com — Cisco Umbrella Rank: 7529 | 380 KB
2 gadu-gadu.pl | www.gadu-gadu.pl; gadu-gadu.pl — Cisco Umbrella Rank: 484457 | 4 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 250 | 82 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 49; ajax.googleapis.com — Cisco Umbrella Rank: 405 | 35 KB
1 cskatowice.com | cskatowice.com | 2 KB
1 xaa.pl | csgocheats.neverban.xaa.pl | 29 KB
25 8
Domain | Requested by
13 gocheats.eu | csgocheats.neverban.xaa.pl, gocheats.eu
3 fonts.gstatic.com | fonts.googleapis.com
2 i.imgur.com | csgocheats.neverban.xaa.pl
2 cdnjs.cloudflare.com | csgocheats.neverban.xaa.pl, cdnjs.cloudflare.com
1 cskatowice.com | csgocheats.neverban.xaa.pl
1 gadu-gadu.pl | csgocheats.neverban.xaa.pl
1 www.gadu-gadu.pl | 1 redirects
1 ajax.googleapis.com | csgocheats.neverban.xaa.pl
1 fonts.googleapis.com | csgocheats.neverban.xaa.pl
1 csgocheats.neverban.xaa.pl
25 10

This site contains links to these domains.

Domain
gocheats.eu
steamcommunity.com

Subject | Issuer | Validity | Valid
*.gocheats.eu | R3 | 2023-10-14 - 2024-01-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
cskatowice.com | R3 | 2023-08-23 - 2023-11-21 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months

This page contains 1 frames:

Primary Page: https://csgocheats.neverban.xaa.pl/
Frame ID: 0933BDB91F540BCA6F33A571F3CFDBAE
Requests: 25 HTTP requests in this frame

Page Title

Private Cheats

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 0 %
Domains: 8
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 998 kB
Size: 1542 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1 HTTP 302
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csgocheats.neverban.xaa.pl/
134 KB
29 KB
Document
General
Full URL
https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
faa609d74253ffb8de4e7a4d8677d5ba74836f494625413d1b5658abd81d2920

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 15 Oct 2023 00:12:17 GMT
expires
Sat, 14 Oct 2023 00:12:17 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-nginx-upstream-cache-status
BYPASS
x-server-powered-by
Nginx
css
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
b13d4ba577f8a1e50ca84576732bd47c5608583931791b476d06bf7bed513585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 15 Oct 2023 00:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 00:12:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 15 Oct 2023 00:12:17 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:12:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7439558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5872
last-modified
Thu, 22 Jun 2023 11:02:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3a-16f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuqt%2FhD1GnsLYS3d38RQ8I1AbkiSzHjEBAXIXuhpmzYfe2L%2FaVezePvibfkbBQWUsoZbrmvZln4ko33LTxHEhOsmhxE%2Fw1icVfPymaoSju9GZqpOLlEXOYJer8cbxlO8Tjt53VuF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8163d9824ad3bf42-WAW
expires
Fri, 04 Oct 2024 00:12:17 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 20:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 20:31:01 GMT
cookie.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/cookie.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

ipbforumskins.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

prototype.js
gocheats.eu/public/js/3rd_party/
177 KB
41 KB
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/prototype.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
48a4fd51466ac55d081ff932371021b328f118f74ee6ba93c0ec8fd163e34a30

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:10:05 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ipb.js
gocheats.eu/public/js/
125 KB
31 KB
Script
General
Full URL
https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
9541d3c2ce5e8f73309028c6f3444c1ce5b6a6216d46d7a03a91182d7ec8f8cf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
scriptaculous-cache.js
gocheats.eu/public/js/3rd_party/scriptaculous/
76 KB
19 KB
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/scriptaculous/scriptaculous-cache.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b3a545d23d50d2bf6f775bf3826036164719da1c5460be7284c2bbdac671b5ce

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:11:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ipb.lang.js
gocheats.eu/cache/lang_cache/2/
31 KB
9 KB
Script
General
Full URL
https://gocheats.eu/cache/lang_cache/2/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
e0938ac198b564b7f226ad9bd6ecbc7d35036dd93018f4234f7f20bc046c850e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:15:37 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
GCi999.png
gocheats.eu/img/
246 KB
247 KB
Image
General
Full URL
https://gocheats.eu/img/GCi999.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
ff8f93e84041e83aa4ff1145c124bd42e356e6463e4aa0c4ecffd83f18a2eb46

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Thu, 14 Dec 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
last-modified
Fri, 15 Mar 2019 15:13:50 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
252015
x-nginx-upstream-cache-status
HIT
status.asp
gadu-gadu.pl/users/
Redirect Chain
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
3 KB
3 KB
Image
General
Full URL
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
212.91.26.249 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-212-91-26-249.gadu-gadu.pl
Software
nginx /
Resource Hash
cabbdec03a8ca8d2d3d4b164c0441ab8b7ab97b1bcab04e92e0009331369a4e2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 00:12:18 GMT
content-encoding
gzip
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
3178
Content-Type
image/png

Redirect headers

Location
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Date
Sun, 15 Oct 2023 00:12:17 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
154
Content-Type
text/html
login-steam-icon.png
cskatowice.com/public/style_extra/signin/
2 KB
2 KB
Image
General
Full URL
https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.57 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s179.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
7015695218956690f8e04f1a9818e50fe03a91d51365996db2bcc9e798d41e6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:12:17 GMT
last-modified
Mon, 21 Nov 2016 19:03:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1975
x-xss-protection
1; mode=block
expires
max-age=29030400, public
default_large.png
gocheats.eu/public/style_images/lameria/profile/
3 KB
3 KB
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/profile/default_large.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
165260ffa430b04c539d3e33dfb55c9dccca450835d29e75ee79489a27279cee

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Thu, 14 Dec 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
last-modified
Tue, 03 May 2016 16:42:18 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
2589
x-nginx-upstream-cache-status
HIT
2QCNnUm.png
i.imgur.com/
927 B
1 KB
Image
General
Full URL
https://i.imgur.com/2QCNnUm.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b971b54daff3c01b6e36ac9729dc3fe3cc739c416ff9b19c2bc98339d43c542
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:12:17 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2098317
x-cache
Miss from cloudfront, MISS, HIT
content-length
927
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 09 Aug 2016 12:00:58 GMT
server
cat factory 1.0
x-timer
S1697328738.973728,VS0,VE1
etag
"f915bca0362cf332c74b70a475c3ea51"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jOqogCFAVeORXNUwaNeci47IJ9Tg0uCETsIQct3YLNCGyjzYMr5mnQ==
x-cache-hits
0, 1
ips.quickpm.js
gocheats.eu/public/js/
7 KB
2 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.quickpm.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
f3c511c542343b5cb0d2bedfdf92b8d53ff26fcf3c91f2804a277503b2c4d45d

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:57 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ips.hovercard.js
gocheats.eu/public/js/
12 KB
4 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.hovercard.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
4e177a1bde76bb6f5e522ac01d3e9cb30567ea8c970ed5a65a363d7364ea3b5b

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:56 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ips.board.js
gocheats.eu/public/js/
9 KB
3 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.board.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b866fe0b27186aa304cf02f6c1434d1360c494633c7d294c8ca24719ae017517

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Nov 2023 00:12:17 GMT
date
Sun, 15 Oct 2023 00:12:17 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
pM9xQTq.png
i.imgur.com/
378 KB
379 KB
Image
General
Full URL
https://i.imgur.com/pM9xQTq.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b9c185667b09207af9ffad76d10305c6d09c9ee46cae27126999010c83d01efd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:12:17 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-C5
age
2643279
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
387559
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 04 Dec 2017 14:25:11 GMT
server
cat factory 1.0
x-timer
S1697328738.973644,VS0,VE0
etag
"5ec167b4c65453a9da25bb8f03248abc"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pFnrm_vfGu7mn7fYJYU6XmA5MVAyHt5azc0yrqWgtIhjnmApgfo1UQ==
x-cache-hits
7, 24
highlight_faint.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

highlight.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
194064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:17:53 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 00:12:17 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3208968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Thu, 22 Jun 2023 11:02:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3a-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyn7SC9sVjAVyeYpVM2dXtE3rWOeLWdEEK0qn17L0xfY1UwAj72taq7%2F9yfy4po41PdwT1IIqcrAJThUVI0f6HBzC5rGumHtsSv4O5eAC7ybSrcnNCPESJB6AdIDBEEOKEQLtxFo"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8163d983f84ffc6b-WAW
expires
Fri, 04 Oct 2024 00:12:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:19:24 GMT
x-content-type-options
nosniff
age
193973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35120
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:03:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:19:24 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:27:08 GMT
x-content-type-options
nosniff
age
193509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26640
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:27:08 GMT

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP function| $ function| jQuery object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ function| Sizzle function| Selector number| USE_RTE object| Debug function| isBody function| isHtml function| isDocument function| isDetached object| Loader object| callback function| _global function| _menu function| warningPopup function| IPBoard function| getQueryStringParamByName function| _popup function| _ticker object| ipb object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Builder function| _quickpm function| _idx string| markerURL string| unreadIcon object| skip object| cookies string| title string| cookie

1 Cookies

Domain/Path Name / Value
csgocheats.neverban.xaa.pl/ Name: session_id
Value: 70035452bacc4c7cf1cc1beb34700b06

16 Console Messages

Source Level URL
Text
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/public/style_images/lameria/js/cookie.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.quickpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.quickpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.hovercard.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.board.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/public/style_images/lameria/highlight.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
