URL: https://csgocheats.neverban.xaa.pl/
Submission Tags: phishingrod
Submission: On February 12 via api from DE — Scanned from PL

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 94.23.90.35, which is located in Poland and belongs to OVH, FR. The main domain is csgocheats.neverban.xaa.pl.
TLS certificate: Issued by R3 on February 12th 2023. Valid for: 3 months.
This is the only time csgocheats.neverban.xaa.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 94.23.90.35 16276 (OVH)
1 142.251.39.74 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.186.138 15169 (GOOGLE)
1 2 212.91.26.248 15694 (ATMAN-ISP...)
1 195.78.67.57 41079 (CF-GDA)
2 199.232.16.193 54113 (FASTLY)
2 172.217.16.131 15169 (GOOGLE)
24 8
Apex Domain Subdomains Transfer
13 gocheats.eu gocheats.eu 358 KB
2 gstatic.com fonts.gstatic.com 75 KB
2 imgur.com i.imgur.com — Cisco Umbrella Rank: 6088 380 KB
2 gadu-gadu.pl www.gadu-gadu.pl, gadu-gadu.pl — Cisco Umbrella Rank: 487509 4 KB
2 cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202 82 KB
2 googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34, ajax.googleapis.com — Cisco Umbrella Rank: 299 35 KB
1 cskatowice.com cskatowice.com 2 KB
1 xaa.pl csgocheats.neverban.xaa.pl 29 KB
24 8
Domain Requested by
13 gocheats.eu csgocheats.neverban.xaa.pl
gocheats.eu
2 fonts.gstatic.com fonts.googleapis.com
2 i.imgur.com csgocheats.neverban.xaa.pl
2 cdnjs.cloudflare.com csgocheats.neverban.xaa.pl
cdnjs.cloudflare.com
1 cskatowice.com csgocheats.neverban.xaa.pl
1 gadu-gadu.pl csgocheats.neverban.xaa.pl
1 www.gadu-gadu.pl 1 redirects
1 ajax.googleapis.com csgocheats.neverban.xaa.pl
1 fonts.googleapis.com csgocheats.neverban.xaa.pl
1 csgocheats.neverban.xaa.pl
24 10

This site contains links to these domains.

Domain
gocheats.eu
steamcommunity.com
Subject Issuer Validity Valid
gocheats.eu R3 2023-02-12 - 2023-05-13 3 months
upload.video.google.com GTS CA 1C3 2023-01-31 - 2023-04-25 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-08-03 - 2023-08-02 a year
cskatowice.com R3 2022-12-25 - 2023-03-25 3 months
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 2022-03-08 - 2023-03-16 a year
*.gstatic.com GTS CA 1C3 2023-01-31 - 2023-04-25 3 months

This page contains 1 frame:

Primary Page: https://csgocheats.neverban.xaa.pl/
Frame ID: 580B96C8713F55C6E4BED526DE590820
Requests: 24 HTTP requests in this frame

Page Title

Private Cheats

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

965 kB
Transfer

1507 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1 HTTP 302
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csgocheats.neverban.xaa.pl/
134 KB
29 KB
Document
General
Full URL
https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
eeeacfff10aeb12ff356a9db59bffc001e1e51356da306e59a4ebc3c237da471

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 12 Feb 2023 01:13:40 GMT
expires
Sat, 11 Feb 2023 01:13:40 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-nginx-upstream-cache-status
BYPASS
x-server-powered-by
PS
css
fonts.googleapis.com/
26 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s39-in-f10.1e100.net
Software
ESF /
Resource Hash
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Feb 2023 01:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Feb 2023 01:13:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Feb 2023 01:13:40 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 01:13:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1470403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa7RTqRyFKBYL3YrVpVz8rfRjC8tdn6Mol8smmSNZGlevTGWwPUuFqt150HD7KDhgNaA5VJkn81%2BMs%2FI2kqLKV5DpbZC4UjN6c%2BqX6%2B600MU20HKfEc2%2Bl20MtAmJsxZTh3bYLg3"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7981768a5c8e350f-WAW
expires
Fri, 02 Feb 2024 01:13:40 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 17:55:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Feb 2024 17:55:55 GMT
cookie.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/cookie.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

ipbforumskins.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

prototype.js
gocheats.eu/public/js/3rd_party/
177 KB
41 KB
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/prototype.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
48a4fd51466ac55d081ff932371021b328f118f74ee6ba93c0ec8fd163e34a30

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:10:05 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ipb.js
gocheats.eu/public/js/
125 KB
31 KB
Script
General
Full URL
https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
9541d3c2ce5e8f73309028c6f3444c1ce5b6a6216d46d7a03a91182d7ec8f8cf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
scriptaculous-cache.js
gocheats.eu/public/js/3rd_party/scriptaculous/
76 KB
19 KB
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/scriptaculous/scriptaculous-cache.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b3a545d23d50d2bf6f775bf3826036164719da1c5460be7284c2bbdac671b5ce

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:11:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ipb.lang.js
gocheats.eu/cache/lang_cache/2/
31 KB
9 KB
Script
General
Full URL
https://gocheats.eu/cache/lang_cache/2/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
e0938ac198b564b7f226ad9bd6ecbc7d35036dd93018f4234f7f20bc046c850e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:15:37 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
GCi999.png
gocheats.eu/img/
246 KB
247 KB
Image
General
Full URL
https://gocheats.eu/img/GCi999.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
ff8f93e84041e83aa4ff1145c124bd42e356e6463e4aa0c4ecffd83f18a2eb46

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 13 Apr 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
last-modified
Fri, 15 Mar 2019 15:13:50 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
252015
x-nginx-upstream-cache-status
MISS
status.asp
gadu-gadu.pl/users/
Redirect Chain
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
3 KB
3 KB
Image
General
Full URL
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
212.91.26.248 Warsaw, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
ip-212-91-26-248.gadu-gadu.pl
Software
nginx /
Resource Hash
cabbdec03a8ca8d2d3d4b164c0441ab8b7ab97b1bcab04e92e0009331369a4e2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 01:13:40 GMT
content-encoding
gzip
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
3178
Content-Type
image/png

Redirect headers

Location
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Date
Sun, 12 Feb 2023 01:13:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
154
Content-Type
text/html
login-steam-icon.png
cskatowice.com/public/style_extra/signin/
2 KB
2 KB
Image
General
Full URL
https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.57 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s179.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
7015695218956690f8e04f1a9818e50fe03a91d51365996db2bcc9e798d41e6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 01:13:40 GMT
last-modified
Mon, 21 Nov 2016 19:03:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1975
x-xss-protection
1; mode=block
expires
max-age=29030400, public
default_large.png
gocheats.eu/public/style_images/lameria/profile/
3 KB
3 KB
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/profile/default_large.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
165260ffa430b04c539d3e33dfb55c9dccca450835d29e75ee79489a27279cee

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Thu, 13 Apr 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
last-modified
Tue, 03 May 2016 16:42:18 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
2589
x-nginx-upstream-cache-status
MISS
2QCNnUm.png
i.imgur.com/
927 B
1 KB
Image
General
Full URL
https://i.imgur.com/2QCNnUm.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b971b54daff3c01b6e36ac9729dc3fe3cc739c416ff9b19c2bc98339d43c542
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 01:13:40 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
92634
x-cache
HIT, HIT
content-length
927
x-served-by
cache-iad-kcgs7200126-IAD, cache-vie6341-VIE
last-modified
Tue, 09 Aug 2016 12:00:58 GMT
server
cat factory 1.0
x-timer
S1676164421.766858,VS0,VE1
etag
"f915bca0362cf332c74b70a475c3ea51"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
ips.quickpm.js
gocheats.eu/public/js/
7 KB
2 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.quickpm.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
f3c511c542343b5cb0d2bedfdf92b8d53ff26fcf3c91f2804a277503b2c4d45d

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:57 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ips.hovercard.js
gocheats.eu/public/js/
12 KB
4 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.hovercard.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
4e177a1bde76bb6f5e522ac01d3e9cb30567ea8c970ed5a65a363d7364ea3b5b

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:56 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ips.board.js
gocheats.eu/public/js/
9 KB
3 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.board.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b866fe0b27186aa304cf02f6c1434d1360c494633c7d294c8ca24719ae017517

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Tue, 14 Mar 2023 01:13:40 GMT
date
Sun, 12 Feb 2023 01:13:40 GMT
x-server-powered-by
PS
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
pM9xQTq.png
i.imgur.com/
378 KB
379 KB
Image
General
Full URL
https://i.imgur.com/pM9xQTq.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b9c185667b09207af9ffad76d10305c6d09c9ee46cae27126999010c83d01efd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 01:13:40 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2103060
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
387559
x-served-by
cache-iad-kiad7000154-IAD, cache-vie6341-VIE
last-modified
Mon, 04 Dec 2017 14:25:11 GMT
server
cat factory 1.0
x-timer
S1676164421.766789,VS0,VE2
etag
"5ec167b4c65453a9da25bb8f03248abc"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23, 1
highlight_faint.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

highlight.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 04:22:26 GMT
x-content-type-options
nosniff
age
75074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Feb 2024 04:22:26 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 01:13:40 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1421883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRH2u0KA3%2B9nLwahfacsVmK4FzuMMuTUOhuTkuXkhaNVaQ9RoYwyd3C88AssykuigwyDUWSJBJjTVclnNRnd4KELIpymZlB%2FTLhdztI2ccRSmlzSWjye1SKV4hj3ti0pBcL2M2Dh"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7981768d0c32357b-WAW
expires
Fri, 02 Feb 2024 01:13:40 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 05:31:45 GMT
x-content-type-options
nosniff
age
243715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31320
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:11:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 05:31:45 GMT


67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP function| $ function| jQuery object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ function| Sizzle function| Selector number| USE_RTE object| Debug function| isBody function| isHtml function| isDocument function| isDetached object| Loader object| callback function| _global function| _menu function| warningPopup function| IPBoard function| getQueryStringParamByName function| _popup function| _ticker object| ipb object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Builder function| _quickpm function| _idx string| markerURL string| unreadIcon object| skip object| cookies string| title string| cookie

1 Cookies

Domain/Path Name / Value
csgocheats.neverban.xaa.pl/ Name: session_id
Value: 233ab48d27928ff768e698f0411f7a9a

16 Console Messages

Source Level URL
Text
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gocheats.eu/public/style_images/lameria/js/cookie.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.quickpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.quickpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.hovercard.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.board.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1285)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1285)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1285)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gocheats.eu/public/style_images/lameria/highlight.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
