URL: https://csgocheats.neverban.xaa.pl/
Submission Tags: phishingrod
Submission: On June 15 via api from DE — Scanned from PL

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 94.23.90.35, located in Poland and belongs to OVH, FR. The main domain is csgocheats.neverban.xaa.pl.
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.
This is the only time csgocheats.neverban.xaa.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 94.23.90.35 16276 (OVH)
1 172.217.18.10 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 142.250.186.138 15169 (GOOGLE)
1 1 212.91.26.249 15694 (ATMAN-ISP...)
1 212.91.26.248 57367 (ECO-ATMAN...)
1 195.78.67.57 41079 (CF-GDA)
2 146.75.120.193 54113 (FASTLY)
2 172.217.16.195 15169 (GOOGLE)
24 8
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | gocheats.eu | gocheats.eu | 358 KB |
| 2 | gstatic.com | fonts.gstatic.com | 82 KB |
| 2 | imgur.com | i.imgur.com — Cisco Umbrella Rank: 6533 | 380 KB |
| 2 | gadu-gadu.pl | www.gadu-gadu.pl; gadu-gadu.pl — Cisco Umbrella Rank: 447279 | 4 KB |
| 2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 263 | 82 KB |
| 2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 80; ajax.googleapis.com — Cisco Umbrella Rank: 422 | 94 KB |
| 1 | cskatowice.com | cskatowice.com | 2 KB |
| 1 | xaa.pl | csgocheats.neverban.xaa.pl | 29 KB |
| 24 | 8 | | |
Domain Requested by
13 gocheats.eu csgocheats.neverban.xaa.pl
gocheats.eu
2 fonts.gstatic.com fonts.googleapis.com
2 i.imgur.com csgocheats.neverban.xaa.pl
2 cdnjs.cloudflare.com csgocheats.neverban.xaa.pl
cdnjs.cloudflare.com
1 cskatowice.com csgocheats.neverban.xaa.pl
1 gadu-gadu.pl csgocheats.neverban.xaa.pl
1 www.gadu-gadu.pl 1 redirects
1 ajax.googleapis.com csgocheats.neverban.xaa.pl
1 fonts.googleapis.com csgocheats.neverban.xaa.pl
1 csgocheats.neverban.xaa.pl
24 10

This site contains links to these domains:

Domain
gocheats.eu
steamcommunity.com
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.neverban.xaa.pl | R3 | 2023-06-14 - 2023-09-12 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year |
| cskatowice.com | R3 | 2023-04-25 - 2023-07-24 | 3 months |
| *.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year |
| *.gstatic.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months |

This page contains 1 frame:

Primary Page: https://csgocheats.neverban.xaa.pl/
Frame ID: E1B19CB3C08B5FA0D2D0AEAA0B81911D
Requests: 24 HTTP requests in this frame

Page Title

Private Cheats

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

1031 kB
Transfer

1515 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1 HTTP 302
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
csgocheats.neverban.xaa.pl/
134 KB
29 KB
Document
General
Full URL
https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b63edb6408498d3734442e22d4d4c8dd5b38743b33407904d8b68f4495e012f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 15 Jun 2023 00:10:19 GMT
expires
Wed, 14 Jun 2023 00:10:19 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-nginx-upstream-cache-status
BYPASS
x-server-powered-by
Nginx
css
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
ESF /
Resource Hash
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 00:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 00:10:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 00:10:19 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1995941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eM%2BsYugsMpI6HFExEeBla7Dmbz5X4TinjCJOxBjIIEaVbNP8Q7SCA1iYYGqv4W2gvUGjBqblhAFTKqPLTRxepL4mHkJs4Px2kyADPewOM970Z9yyVEzaW%2FUDD%2FBAU4B1%2FogwZKSe"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d7696de5dfd3500-WAW
expires
Tue, 04 Jun 2024 00:10:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/
92 KB
92 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 02:20:53 GMT
x-content-type-options
nosniff
age
424166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 02:20:53 GMT
cookie.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/cookie.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

ipbforumskins.js
gocheats.eu/public/style_images/lameria/js/
0
0
Script
General
Full URL
https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

prototype.js
gocheats.eu/public/js/3rd_party/
177 KB
41 KB
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/prototype.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
48a4fd51466ac55d081ff932371021b328f118f74ee6ba93c0ec8fd163e34a30

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:10:05 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ipb.js
gocheats.eu/public/js/
125 KB
31 KB
Script
General
Full URL
https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
9541d3c2ce5e8f73309028c6f3444c1ce5b6a6216d46d7a03a91182d7ec8f8cf

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
scriptaculous-cache.js
gocheats.eu/public/js/3rd_party/scriptaculous/
76 KB
19 KB
Script
General
Full URL
https://gocheats.eu/public/js/3rd_party/scriptaculous/scriptaculous-cache.js
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b3a545d23d50d2bf6f775bf3826036164719da1c5460be7284c2bbdac671b5ce

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:11:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ipb.lang.js
gocheats.eu/cache/lang_cache/2/
31 KB
9 KB
Script
General
Full URL
https://gocheats.eu/cache/lang_cache/2/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
e0938ac198b564b7f226ad9bd6ecbc7d35036dd93018f4234f7f20bc046c850e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:15:37 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
GCi999.png
gocheats.eu/img/
246 KB
247 KB
Image
General
Full URL
https://gocheats.eu/img/GCi999.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
ff8f93e84041e83aa4ff1145c124bd42e356e6463e4aa0c4ecffd83f18a2eb46

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Mon, 14 Aug 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
last-modified
Fri, 15 Mar 2019 15:13:50 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
252015
x-nginx-upstream-cache-status
HIT
status.asp
gadu-gadu.pl/users/
Redirect Chain
  • https://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1
  • https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
3 KB
3 KB
Image
General
Full URL
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
HTTP/1.1
Server
212.91.26.248 Warsaw, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
ip-212-91-26-248.gadu-gadu.pl
Software
nginx /
Resource Hash
cabbdec03a8ca8d2d3d4b164c0441ab8b7ab97b1bcab04e92e0009331369a4e2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 00:10:19 GMT
content-encoding
gzip
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
3178
Content-Type
image/png

Redirect headers

Location
https://gadu-gadu.pl/users/status.asp?id=52142260&styl=1
Date
Thu, 15 Jun 2023 00:10:19 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
154
Content-Type
text/html
login-steam-icon.png
cskatowice.com/public/style_extra/signin/
2 KB
2 KB
Image
General
Full URL
https://cskatowice.com/public/style_extra/signin/login-steam-icon.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.57 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s179.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
7015695218956690f8e04f1a9818e50fe03a91d51365996db2bcc9e798d41e6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
last-modified
Mon, 21 Nov 2016 19:03:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1975
x-xss-protection
1; mode=block
expires
max-age=29030400, public
default_large.png
gocheats.eu/public/style_images/lameria/profile/
3 KB
3 KB
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/profile/default_large.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
165260ffa430b04c539d3e33dfb55c9dccca450835d29e75ee79489a27279cee

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Mon, 14 Aug 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
last-modified
Tue, 03 May 2016 16:42:18 GMT
server
nginx
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
content-length
2589
x-nginx-upstream-cache-status
HIT
2QCNnUm.png
i.imgur.com/
927 B
1 KB
Image
General
Full URL
https://i.imgur.com/2QCNnUm.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b971b54daff3c01b6e36ac9729dc3fe3cc739c416ff9b19c2bc98339d43c542
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
543508
x-cache
Miss from cloudfront, MISS, HIT
content-length
927
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-etou8220052-FRA
last-modified
Tue, 09 Aug 2016 12:00:58 GMT
server
cat factory 1.0
x-timer
S1686787820.639215,VS0,VE2
etag
"f915bca0362cf332c74b70a475c3ea51"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XjuiyGrMFEHqwFSpJskYBUzGvPOlXeRlydOL-xneKF4P7wp-szI86g==
x-cache-hits
0, 1
ips.quickpm.js
gocheats.eu/public/js/
7 KB
2 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.quickpm.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
f3c511c542343b5cb0d2bedfdf92b8d53ff26fcf3c91f2804a277503b2c4d45d

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:57 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ips.hovercard.js
gocheats.eu/public/js/
12 KB
4 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.hovercard.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
4e177a1bde76bb6f5e522ac01d3e9cb30567ea8c970ed5a65a363d7364ea3b5b

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:56 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
ips.board.js
gocheats.eu/public/js/
9 KB
3 KB
Script
General
Full URL
https://gocheats.eu/public/js/ips.board.js
Requested by
Host: gocheats.eu
URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
nginx /
Resource Hash
b866fe0b27186aa304cf02f6c1434d1360c494633c7d294c8ca24719ae017517

Request headers

Referer
https://csgocheats.neverban.xaa.pl/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
Sat, 15 Jul 2023 00:10:19 GMT
date
Thu, 15 Jun 2023 00:10:19 GMT
x-server-powered-by
Nginx
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:09:54 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
x-nginx-upstream-cache-status
MISS
pM9xQTq.png
i.imgur.com/
378 KB
379 KB
Image
General
Full URL
https://i.imgur.com/pM9xQTq.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b9c185667b09207af9ffad76d10305c6d09c9ee46cae27126999010c83d01efd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1748882
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
387559
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-etou8220052-FRA
last-modified
Mon, 04 Dec 2017 14:25:11 GMT
server
cat factory 1.0
x-timer
S1686787820.639153,VS0,VE3
etag
"5ec167b4c65453a9da25bb8f03248abc"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tG-P-86tWEJqAon0A5U3velDIEdeVp-xSKy6D50_yOCe6LqsLulg0g==
x-cache-hits
12, 1
highlight_faint.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

highlight.png
gocheats.eu/public/style_images/lameria/
0
0
Image
General
Full URL
https://gocheats.eu/public/style_images/lameria/highlight.png
Requested by
Host: csgocheats.neverban.xaa.pl
URL: https://csgocheats.neverban.xaa.pl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.90.35 , Poland, ASN16276 (OVH, FR),
Reverse DNS
s33.proserwer.pl
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://csgocheats.neverban.xaa.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 00:21:44 GMT
x-content-type-options
nosniff
age
431315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 00:21:44 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 00:10:19 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
80713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkiL4dfOcUjt60K9WZtFMoxSl9fjH597OjzCXs1jYHxASVZxRGezrF2tTNH2BfF5slRfHfMWKhhQ6FvdT7hYYd2OJp%2FrWqIh4D2Tidkxy0P5kW%2FHyjy5CR8%2Bb0y7KUP3oiPGM8we"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d7696e06e45bfe4-WAW
expires
Tue, 04 Jun 2024 00:10:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800italic,800,700italic,700,600italic,600,400italic,300italic,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://csgocheats.neverban.xaa.pl
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 13:09:47 GMT
x-content-type-options
nosniff
age
385232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35184
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:11:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 13:09:47 GMT


68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP function| $ function| jQuery object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ function| Sizzle function| Selector number| USE_RTE object| Debug function| isBody function| isHtml function| isDocument function| isDetached object| Loader object| callback function| _global function| _menu function| warningPopup function| IPBoard function| getQueryStringParamByName function| _popup function| _ticker object| ipb object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Builder function| _quickpm function| _idx string| markerURL string| unreadIcon object| skip object| cookies string| title string| cookie

1 Cookies

Domain/Path Name / Value
csgocheats.neverban.xaa.pl/ Name: session_id
Value: 7d6fcfc8769f4603d8bd5e711e7d8b63

16 Console Messages

Source Level URL
Text
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/public/style_images/lameria/js/cookie.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gocheats.eu/public/style_images/lameria/js/ipbforumskins.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.quickpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.quickpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.hovercard.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gocheats.eu/public/js/ipb.js?ipbv=40da81d309748ca6f9827f9202f6ce1e&load=quickpm,hovercard,board(Line 1144)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://gocheats.eu/public/js/ips.board.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://gocheats.eu/img/GCi999.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://www.gadu-gadu.pl/users/status.asp?id=52142260&styl=1'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://cskatowice.com/public/style_extra/signin/login-steam-icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://csgocheats.neverban.xaa.pl/(Line 1934)
Message:
Mixed Content: The page at 'https://csgocheats.neverban.xaa.pl/' was loaded over HTTPS, but requested an insecure element 'http://i.imgur.com/2QCNnUm.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://gocheats.eu/public/style_images/lameria/highlight.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gocheats.eu/public/style_images/lameria/highlight_faint.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.
