URL: https://csgocheats.neverban.xaa.pl/
Submission Tags: phishingrod
Submission: On January 13 via api from DE — Scanned from PL

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 94.23.90.35, located in Poland and belongs to OVH, FR. The main domain is csgocheats.neverban.xaa.pl.
TLS certificate: Issued by R3 on January 13th 2024. Valid for: 3 months.
This is the only time csgocheats.neverban.xaa.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 94.23.90.35 16276 (OVH)
1 142.250.186.170 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 142.250.185.138 15169 (GOOGLE)
10 185.53.177.31 61969 (TEAMINTER...)
1 2 212.91.26.249 57367 (ECO-ATMAN...)
1 195.78.67.57 41079 (CF-GDA)
2 146.75.116.193 54113 (FASTLY)
2 142.250.186.67 15169 (GOOGLE)
21 9
Apex Domain
Subdomains
Transfer
10 gocheats.eu
gocheats.eu
80 B
2 gstatic.com
fonts.gstatic.com
82 KB
2 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7298
380 KB
2 gadu-gadu.pl
www.gadu-gadu.pl
gadu-gadu.pl — Cisco Umbrella Rank: 491492
4 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
82 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
36 KB
1 cskatowice.com
cskatowice.com
2 KB
1 xaa.pl
csgocheats.neverban.xaa.pl
29 KB
21 8
Domain Requested by
10 gocheats.eu csgocheats.neverban.xaa.pl
2 fonts.gstatic.com fonts.googleapis.com
2 i.imgur.com csgocheats.neverban.xaa.pl
2 cdnjs.cloudflare.com csgocheats.neverban.xaa.pl
cdnjs.cloudflare.com
1 cskatowice.com csgocheats.neverban.xaa.pl
1 gadu-gadu.pl csgocheats.neverban.xaa.pl
1 www.gadu-gadu.pl 1 redirects
1 ajax.googleapis.com csgocheats.neverban.xaa.pl
1 fonts.googleapis.com csgocheats.neverban.xaa.pl
1 csgocheats.neverban.xaa.pl
21 10

This site contains links to these domains. Also see Links.

Domain
gocheats.eu
steamcommunity.com
Subject Issuer Validity Valid
www.csgocheats.neverban.xaa.pl
R3
2024-01-13 -
2024-04-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.parkingcrew.net
Thawte TLS RSA CA G1
2020-07-20 -
2022-09-18
2 years crt.sh
cskatowice.com
R3
2023-12-21 -
2024-03-20
3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-13 -
2024-03-12
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh

This page contains 1 frames:

Primary Page: https://csgocheats.neverban.xaa.pl/
Frame ID: 3A624F3900414149ADB839A567BF8E3F
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Private Cheats

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

21
Requests

48 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

615 kB
Transfer

859 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1 HTTP 302
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csgocheats.neverban.xaa.pl/
134 KB
29 KB
Document
General
Full URL
https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
267474d6b4ef8a49d0d7bfd9dbcead718ccf73a64fe6ea5d64ef83479e9c6b03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 13 Jan 2024 01:13:28 GMT
expires
Fri, 12 Jan 2024 01:13:28 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-nginx-upstream-cache-status
BYPASS
x-server-powered-by
Nginx
css
fonts.googleapis.com/
55 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
a4692a7234b95c9908d1a9068f1bc9191815a6b1d9e3b3b84ad12ee10caaaaee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Jan 2024 01:13:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 01:13:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Jan 2024 01:13:28 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 01:13:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5700357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdmMvNIX3VdgllR4Pj3TTr0d50Iw4Ry5GjCbDm58kKqr9WnWxLVwCJcm7vTM6nO95PxpOF11gyRYPwyP7WxJ8zAqN8j6OJSu5JpKziYZs69%2FngH9292OKjrOp6Gar%2Br%2BgQq%2F7U7c"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8449c6e2cda28fe3-FRA
expires
Thu, 02 Jan 2025 01:13:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Jan 2025 09:16:13 GMT
cookie.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/cookie.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ipbforumskins.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

prototype.js
gocheats.eu/public/js/3rd_party/
0
0
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/prototype.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ipb.js
gocheats.eu/public/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

scriptaculous-cache.js
gocheats.eu/public/js/3rd_party/scriptaculous/
0
0
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/scriptaculous/scriptaculous-cache.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ipb.lang.js
gocheats.eu/cache/lang_cache/2/
0
0
Script
General
Full URL
https://gocheats.eu/cache/lang_cache/2/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GCi999.png
gocheats.eu/img/
20 B
20 B
Image
General
Full URL
https://gocheats.eu/img/GCi999.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 01:13:29 GMT
X-Blocked
11015.10
Server
nginx
Content-Length
20
Content-Type
text/html; charset=UTF-8
status.asp
gadu-gadu.pl/users/
Redirect Chain
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
3 KB
3 KB
Image
General
Full URL
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
212.91.26.249 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-212-91-26-249.gadu-gadu.pl
Software
nginx /
Resource Hash
cabbdec03a8ca8d2d3d4b164c0441ab8b7ab97b1bcab04e92e0009331369a4e2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 01:13:29 GMT
content-encoding
gzip
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
3178
Content-Type
image/png

Redirect headers

Location
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Date
Sat, 13 Jan 2024 01:13:29 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
154
Content-Type
text/html
login-steam-icon.png
cskatowice.com/public/style_extra/signin/
2 KB
2 KB
Image
General
Full URL
https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.57 Konstancin-Jeziorna, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s179.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
7015695218956690f8e04f1a9818e50fe03a91d51365996db2bcc9e798d41e6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 01:13:28 GMT
last-modified
Mon, 21 Nov 2016 19:03:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1975
x-xss-protection
1; mode=block
expires
max-age=29030400, public
default_large.png
gocheats.eu/public/style_images/lameria/profile/
20 B
20 B
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/profile/default_large.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 01:13:29 GMT
X-Blocked
11015.10
Server
nginx
Content-Length
20
Content-Type
text/html; charset=UTF-8
2QCNnUm.png
i.imgur.com/
927 B
1 KB
Image
General
Full URL
https://i.imgur.com/2QCNnUm.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b971b54daff3c01b6e36ac9729dc3fe3cc739c416ff9b19c2bc98339d43c542
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 01:13:29 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
0
x-cache
Miss from cloudfront, MISS, HIT
content-length
927
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-eddf8230136-FRA
last-modified
Tue, 09 Aug 2016 12:00:58 GMT
server
cat factory 1.0
x-timer
S1705108409.005594,VS0,VE122
etag
"f915bca0362cf332c74b70a475c3ea51"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jOqogCFAVeORXNUwaNeci47IJ9Tg0uCETsIQct3YLNCGyjzYMr5mnQ==
x-cache-hits
0, 1
pM9xQTq.png
i.imgur.com/
378 KB
379 KB
Image
General
Full URL
https://i.imgur.com/pM9xQTq.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b9c185667b09207af9ffad76d10305c6d09c9ee46cae27126999010c83d01efd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 01:13:29 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-C5
age
0
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
387559
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230136-FRA
last-modified
Mon, 04 Dec 2017 14:25:11 GMT
server
cat factory 1.0
x-timer
S1705108409.005597,VS0,VE344
etag
"5ec167b4c65453a9da25bb8f03248abc"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
pFnrm_vfGu7mn7fYJYU6XmA5MVAyHt5azc0yrqWgtIhjnmApgfo1UQ==
x-cache-hits
7, 1
highlight_faint.png
gocheats.eu/public/style_images/lameria/
20 B
20 B
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 01:13:29 GMT
X-Blocked
11015.10
Server
nginx
Content-Length
20
Content-Type
text/html; charset=UTF-8
highlight.png
gocheats.eu/public/style_images/lameria/
20 B
20 B
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Sat, 13 Jan 2024 01:13:29 GMT
X-Blocked
11015.10
Server
nginx
Content-Length
20
Content-Type
text/html; charset=UTF-8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
155146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:07:43 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 01:13:29 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
196323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PC%2FJqZgwRnrOdhkxEIQjd0wjAVqGl0bEhyNQ85o9KOt0dMxpJ5ZKnDpFaYBGdI9Sk5XXu8zmgqdxVraUc%2FHVLRX6TVFBXAVQIZxYKm5ithG8Z36ksUP6BXQ%2F2E0Vq5LwSTQhR%2FX2"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8449c6e63f905d75-FRA
expires
Thu, 02 Jan 2025 01:13:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:57:07 GMT
x-content-type-options
nosniff
age
317782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:57:07 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP function| $ function| jQuery undefined| markerURL undefined| unreadIcon

1 Cookies

Domain/Path Name / Value
csgocheats.neverban.xaa.pl/ Name: session_id
Value: b9085c8fde2872fb3e60537e1a6dddf5

12 Console Messages

Source Level URL
Text
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/img/GCi999.png
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://gocheats.eu/public/style_images/lameria/profile/default_large.png
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://gocheats.eu/public/style_images/lameria/highlight.png
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)