csgocheats.neverban.xaa.pl
Open in
urlscan Pro
94.23.90.35
Public Scan
Submission Tags: phishingrod
Submission: On February 12 via api from DE — Scanned from PL
Summary
TLS certificate: Issued by R3 on February 12th 2023. Valid for: 3 months.
This is the only time csgocheats.neverban.xaa.pl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 94.23.90.35 94.23.90.35 | 16276 (OVH) (OVH) | |
1 | 142.251.39.74 142.251.39.74 | 15169 (GOOGLE) (GOOGLE) | |
2 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.186.138 142.250.186.138 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 212.91.26.248 212.91.26.248 | 15694 (ATMAN-ISP...) (ATMAN-ISP-AS ATM S.A.) | |
1 | 195.78.67.57 195.78.67.57 | 41079 (CF-GDA) (CF-GDA) | |
2 | 199.232.16.193 199.232.16.193 | 54113 (FASTLY) (FASTLY) | |
2 | 172.217.16.131 172.217.16.131 | 15169 (GOOGLE) (GOOGLE) | |
24 | 8 |
ASN16276 (OVH, FR)
PTR: s33.proserwer.pl
csgocheats.neverban.xaa.pl | |
gocheats.eu |
ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
ajax.googleapis.com |
ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: ip-212-91-26-248.gadu-gadu.pl
www.gadu-gadu.pl | |
gadu-gadu.pl |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
gocheats.eu
gocheats.eu |
358 KB |
2 |
gstatic.com
fonts.gstatic.com |
75 KB |
2 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 6088 |
380 KB |
2 |
gadu-gadu.pl
1 redirects
www.gadu-gadu.pl gadu-gadu.pl — Cisco Umbrella Rank: 487509 |
4 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202 |
82 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 299 |
35 KB |
1 |
cskatowice.com
cskatowice.com |
2 KB |
1 |
xaa.pl
csgocheats.neverban.xaa.pl |
29 KB |
24 | 8 |
Domain | Requested by | |
---|---|---|
13 | gocheats.eu |
csgocheats.neverban.xaa.pl
gocheats.eu |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | i.imgur.com |
csgocheats.neverban.xaa.pl
|
2 | cdnjs.cloudflare.com |
csgocheats.neverban.xaa.pl
cdnjs.cloudflare.com |
1 | cskatowice.com |
csgocheats.neverban.xaa.pl
|
1 | gadu-gadu.pl |
csgocheats.neverban.xaa.pl
|
1 | www.gadu-gadu.pl | 1 redirects |
1 | ajax.googleapis.com |
csgocheats.neverban.xaa.pl
|
1 | fonts.googleapis.com |
csgocheats.neverban.xaa.pl
|
1 | csgocheats.neverban.xaa.pl | |
24 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
gocheats.eu |
steamcommunity.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
gocheats.eu R3 |
2023-02-12 - 2023-05-13 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
cskatowice.com R3 |
2022-12-25 - 2023-03-25 |
3 months | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-03-16 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-31 - 2023-04-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://csgocheats.neverban.xaa.pl/
Frame ID: 580B96C8713F55C6E4BED526DE590820
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
Private CheatsDetected technologies
Prototype (JavaScript Frameworks) ExpandDetected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
script.aculo.us (JavaScript Libraries) Expand
Detected patterns
- /(?:scriptaculous|protoaculous)(?:\.js|/)
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title: Forums
Search URL Search Domain Scan URL
Title: Members
Search URL Search Domain Scan URL
Title: VIP Members
Search URL Search Domain Scan URL
Title: Existing user? Sign In
Search URL Search Domain Scan URL
Title: Sign Up
Search URL Search Domain Scan URL
Title: All Activity
Search URL Search Domain Scan URL
Title: Navigation
Search URL Search Domain Scan URL
Title: Owner
Search URL Search Domain Scan URL
Title: Główne forum
Search URL Search Domain Scan URL
Title: Aktualności
Search URL Search Domain Scan URL
Title: HumanBot EasyAntiCheat
Search URL Search Domain Scan URL
Title: INFO
Search URL Search Domain Scan URL
Title: 30 mar 2018
Search URL Search Domain Scan URL
Title: Filmy z cheatami
Search URL Search Domain Scan URL
Title: simpleEsp XDDDD
Search URL Search Domain Scan URL
Title: Tydzień temu
Search URL Search Domain Scan URL
Title: Opinie użytkowników o czitach
Search URL Search Domain Scan URL
Title: Pytanie owner
Search URL Search Domain Scan URL
Title: 19 gru 2022
Search URL Search Domain Scan URL
Title: GOCHEATS
Search URL Search Domain Scan URL
Title: HumanBot(50zł PAYPAL/60ZŁ PSC)
Search URL Search Domain Scan URL
Title: HumanBot (VAC, MM, SMAC) -...
Search URL Search Domain Scan URL
Title: 04 gru 2015
Search URL Search Domain Scan URL
Title: HumanAim(40ZŁ PAYPAL/50ZŁ PSC)
Search URL Search Domain Scan URL
Title: HumanAim (VAC, MM, SMAC) -...
Search URL Search Domain Scan URL
Title: 05 gru 2015
Search URL Search Domain Scan URL
Title: SimpleESP(20ZŁ PAYPAL/30ZŁ PSC)
Search URL Search Domain Scan URL
Title: SimpleESP(VAC,MM,SMAC)
Search URL Search Domain Scan URL
Title: 05 gru 2015
Search URL Search Domain Scan URL
Title: (Wyświetl pełną listę)
Search URL Search Domain Scan URL
Title: Aktulizacja?
Search URL Search Domain Scan URL
Title: BATTLEROYAL
Search URL Search Domain Scan URL
Title: Taki tam meczyk na simple esp na supremy prosze o ocenke <3
Search URL Search Domain Scan URL
Title: Taki tam meczyk na simple esp na lemy prosze o ocenke <3
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1 HTTP 302
- https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
csgocheats.neverban.xaa.pl/ |
134 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
26 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
37 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ |
92 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
gocheats.eu/public/style_images/lameria/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipbforumskins.js
gocheats.eu/public/style_images/lameria/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prototype.js
gocheats.eu/public/js/3rd_party/ |
177 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipb.js
gocheats.eu/public/js/ |
125 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scriptaculous-cache.js
gocheats.eu/public/js/3rd_party/scriptaculous/ |
76 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipb.lang.js
gocheats.eu/cache/lang_cache/2/ |
31 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GCi999.png
gocheats.eu/img/ |
246 KB 247 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
status.asp
gadu-gadu.pl/users/ Redirect Chain
|
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-steam-icon.png
cskatowice.com/public/style_extra/signin/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default_large.png
gocheats.eu/public/style_images/lameria/profile/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2QCNnUm.png
i.imgur.com/ |
927 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ips.quickpm.js
gocheats.eu/public/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ips.hovercard.js
gocheats.eu/public/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ips.board.js
gocheats.eu/public/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pM9xQTq.png
i.imgur.com/ |
378 KB 379 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight_faint.png
gocheats.eu/public/style_images/lameria/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.png
gocheats.eu/public/style_images/lameria/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP function| $ function| jQuery object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ function| Sizzle function| Selector number| USE_RTE object| Debug function| isBody function| isHtml function| isDocument function| isDetached object| Loader object| callback function| _global function| _menu function| warningPopup function| IPBoard function| getQueryStringParamByName function| _popup function| _ticker object| ipb object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Builder function| _quickpm function| _idx string| markerURL string| unreadIcon object| skip object| cookies string| title string| cookie1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
csgocheats.neverban.xaa.pl/ | Name: session_id Value: 233ab48d27928ff768e698f0411f7a9a |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
csgocheats.neverban.xaa.pl
cskatowice.com
fonts.googleapis.com
fonts.gstatic.com
gadu-gadu.pl
gocheats.eu
i.imgur.com
www.gadu-gadu.pl
104.17.24.14
142.250.186.138
142.251.39.74
172.217.16.131
195.78.67.57
199.232.16.193
212.91.26.248
94.23.90.35
165260ffa430b04c539d3e33dfb55c9dccca450835d29e75ee79489a27279cee
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
48a4fd51466ac55d081ff932371021b328f118f74ee6ba93c0ec8fd163e34a30
4e177a1bde76bb6f5e522ac01d3e9cb30567ea8c970ed5a65a363d7364ea3b5b
7015695218956690f8e04f1a9818e50fe03a91d51365996db2bcc9e798d41e6a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9541d3c2ce5e8f73309028c6f3444c1ce5b6a6216d46d7a03a91182d7ec8f8cf
9b971b54daff3c01b6e36ac9729dc3fe3cc739c416ff9b19c2bc98339d43c542
b3a545d23d50d2bf6f775bf3826036164719da1c5460be7284c2bbdac671b5ce
b866fe0b27186aa304cf02f6c1434d1360c494633c7d294c8ca24719ae017517
b9c185667b09207af9ffad76d10305c6d09c9ee46cae27126999010c83d01efd
cabbdec03a8ca8d2d3d4b164c0441ab8b7ab97b1bcab04e92e0009331369a4e2
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e0938ac198b564b7f226ad9bd6ecbc7d35036dd93018f4234f7f20bc046c850e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeeacfff10aeb12ff356a9db59bffc001e1e51356da306e59a4ebc3c237da471
f3c511c542343b5cb0d2bedfdf92b8d53ff26fcf3c91f2804a277503b2c4d45d
ff8f93e84041e83aa4ff1145c124bd42e356e6463e4aa0c4ecffd83f18a2eb46