go.ch.g4u.fivedwnld.com Open in urlscan Pro
172.67.222.51  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response go.ch.g4u.fivedwnld.com/	15 KB 3 KB	897ms 295ms	Document text/html	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77e77cafd2365001e6f79578248e9648f11acb876245d38dafc6e0f8020e6135 Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, must-revalidate, private cf-cache-status DYNAMIC cf-ray 88a72474fd6a2a4c-CDG content-encoding br content-type text/html; charset=UTF-8 date Mon, 27 May 2024 15:47:15 GMT expires Mon, 27 May 2024 15:47:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6ZUcEXEn3ZmD9b1nH%2FIJuTcSQXoi49SWOZUPcCSj8NBSbI063n42ut3EruyzlOV%2FQuPXCIjiQ0N%2BVjn4Gcq573p%2BrT8%2Buch25KSxcufM5AYb4K3SVMJAUGrYLZ83TABlQOAyyt500VZNg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-backend portal03
GET H2	200	foundation-icons.min.css cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/	17 KB 3 KB	635ms 104ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.min.css Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43d73e4556b2a78638804284de36800431309cc9437fa7051161104b315a381f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 242648 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2726 last-modified Mon, 04 May 2020 16:10:14 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e66-43a4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LixD9cwgEiLJ30%2BLjlFb%2FXD0xOfejxejrp2NVWaqUnERDmdqN8%2BH429SOfUaG19c17ykdcl7h2g8yo%2BxlmKFMVy5xmJeZBe0AWJir3%2BkZdtPt5HM%2BpkezpMMtbRskiI8YbexuMrx"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88a7247a0f1d5278-MXP expires Sat, 17 May 2025 15:47:16 GMT
GET H2	200	foundation.min.css cdnjs.cloudflare.com/ajax/libs/foundation/6.3.1/css/	70 KB 11 KB	631ms 101ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/foundation/6.3.1/css/foundation.min.css Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ad58461d156cd93c11bbf1b24e3a24089f4e900a037f174c0c0dc0b89ce8716 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 238964 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10446 last-modified Mon, 04 May 2020 16:10:12 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e64-1190c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozr4mCll5KalvCwp6rgAkgK0wm%2FaPzSAeFUW%2Bp5Owtzt41PZ8dLh1S12ui3h0eqLAGpAxs311me0fm0A6yLcyzHA9EhznbLHRq8DwSFUQGLfZdFovGbhNxX411BWC1hBG3%2BN2mD%2F"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88a7247a0f215278-MXP expires Sat, 17 May 2025 15:47:16 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 859 B	628ms 98ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700 Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash a5656202537685ab7640f50469322bd118b8db9e46215d7916cb981c5ce26731 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Mon, 27 May 2024 15:47:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 May 2024 15:46:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 May 2024 15:47:16 GMT
GET H2	200	86272.css go.ch.g4u.fivedwnld.com/cache/css/	4 KB 2 KB	146ms 144ms	Stylesheet text/css	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ch.g4u.fivedwnld.com/cache/css/86272.css Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ebddd19e59dbe981136dad37b91fa684e8961b37d665c172177b349ac69a491 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT content-encoding gzip cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal01 alt-svc h3=":443"; ma=86400 pragma public last-modified Tue, 30 Jan 2024 14:47:59 GMT server cloudflare etag W/"65b90c1f-1159" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6UfhdMfR5bCb9pbbi%2BRDDCoVgE3Bf%2BucjkbdTarE%2BySL0x2a3rwhhjsNts27tTqG%2FHE%2BQNPhcCUq8fkWsU4eDWwFBoS9SDP5ylGO7TlVxtCRT1bAB2FE9Nzw88tE26PGSFgLE%2FXZ0PVOQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 88a72476cf6c2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	86276.css go.ch.g4u.fivedwnld.com/cache/css/	257 B 558 B	131ms 130ms	Stylesheet text/css	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ch.g4u.fivedwnld.com/cache/css/86276.css Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e23883d4d8d6f8dbf4ba291559b2c48ed8ad23b7113bcf6d8238cdfc19c7497d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT content-encoding gzip cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal02 alt-svc h3=":443"; ma=86400 pragma public last-modified Tue, 13 Jun 2023 09:27:50 GMT server cloudflare etag W/"64883696-101" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWL255%2BU%2BbYiizEbvaFyCiMghS5Kc4JNZjSY2oLBUnCA%2FUcFpCvuYYdeZdmzOGi4aAGtCbEfPUj%2B7EAIkgNgPwGXP3SUNveFnKrkErqtk5%2F13QabrwjAnxTWUVPvg3h9uOrfoSridsOowg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 88a72476cf6e2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	gaming4u_logo_2017.png go.ch.g4u.fivedwnld.com/resources/files/misc/2021-12-06/	23 KB 23 KB	146ms 145ms	Image image/png	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/resources/files/misc/2021-12-06/gaming4u_logo_2017.png Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81b95694459876221308272475540e3b600593b8e05baab111898c04eef5227e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal01 alt-svc h3=":443"; ma=86400 content-length 23494 pragma public last-modified Mon, 06 Dec 2021 14:46:42 GMT server cloudflare etag "61ae2252-5bc6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xNnfEVwijxJXC6xwo%2BQ16SEg8EGuhddYiuXtXfUI6erQWVHYbh6Eks%2BaV73WrgXtDbzVYMEhjZg6hkq7GRLZrb%2B0ZYBrszeT%2FvE0p1t9CSFp5JEkojQbMrs%2BMeq703%2FHl1EjWD7G0mWQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476cf712a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	194 KB 71 KB	704ms 131ms	Script application/javascript	172.217.16.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WMGVZ7S Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f8.1e100.net Software Google Tag Manager / Resource Hash 17c181c9ad54b653eca6502b8bcafc547ebdc78ee3dd7316afa70368b57bc52a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:16 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72123 x-xss-protection 0 last-modified Mon, 27 May 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 27 May 2024 15:47:16 GMT
GET H2	200	295528.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2956/	24 KB 24 KB	213ms 210ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2956/295528.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa6cfe773ed7519503901828717c6659535ff6c81e1aafca52ab3e8bdcab8224 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal01 alt-svc h3=":443"; ma=86400 content-length 24612 pragma public last-modified Thu, 23 May 2024 08:49:29 GMT server cloudflare etag "664f0319-6024" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHd2KZJx6jVZ8NoPuVYzJO8puMvuxB62FzZgyklq05oJnIxh2mtbX966HpMXlSJL5V8ZZl82zmWaq1RCfIZkxrJXvi3qNptCLGaj5TXnhQITV%2BIQw7B3FDfWipHzuSHN16Xb6SEoUyFybA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476ef9f2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	295552.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2956/	6 KB 6 KB	149ms 146ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2956/295552.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5674cad79e5de91c8af37f1dfdcb2baa85b6e7fe14fd597d244b9d83e57b47e2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal02 alt-svc h3=":443"; ma=86400 content-length 6046 pragma public last-modified Thu, 23 May 2024 13:22:20 GMT server cloudflare etag "664f430c-179e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf6ho%2BzoPY7yitUX7dK%2BVOahFwW2GxnOYXq%2F%2FtwdtiICIHxqVMhwRHRiVU%2BCD54iYHF7Ff9YJeJc6wlIn5mFSqliRVNAZs9l%2B6JmgjGCD7pGv49u4%2F5Ushvh8u4jfJXzgdA5p8j3aIeGcw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efa22a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	294972.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2950/	8 KB 8 KB	154ms 151ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2950/294972.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46a973b59b1ff376649db6602938a74859087aeea1e39af0fe30458ad377894e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal03 alt-svc h3=":443"; ma=86400 content-length 8087 pragma public last-modified Thu, 23 May 2024 10:27:38 GMT server cloudflare etag "664f1a1a-1f97" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksjyJBZIlP8EOlGR1PIwDZPUxPn7VPqxDnH6UF4r4iDKgjBa2ZoEs%2BWrVkDej7RRw%2BEPxsjUYCq6CQtKtfBPsWz5NZhcAK8FYA6ANgk6yGSnejur9lJGh0xeOAYvZysHBQIRUV%2B40ipTTw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efa32a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	295176.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2952/	8 KB 8 KB	153ms 150ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2952/295176.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0b381da33276c8c5aa173d2b7ce42ffb9b5dc7864e55a860d7e16133523cbdb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal03 alt-svc h3=":443"; ma=86400 content-length 7970 pragma public last-modified Thu, 23 May 2024 10:09:24 GMT server cloudflare etag "664f15d4-1f22" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csPqsNC0ie6bjERxWwwlBjg3GU%2Fg5cT3fP7QggN4Rxu8A9WoBtUzizHNwnvlgo%2BfvEsyECbuMEDLXYaFJ1mEiO0f7vgy0%2FVOn7n8nWpL9lCYflCFJJkjS7u5s9VrwtFvoy9N26Jw8htPxQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efa52a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	304252.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/3043/	6 KB 7 KB	211ms 208ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/3043/304252.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b80872c98047fb336bf333f20d863cd662a697235c1d34837ffded0e12d041ef Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal03 alt-svc h3=":443"; ma=86400 content-length 6471 pragma public last-modified Thu, 23 May 2024 10:27:33 GMT server cloudflare etag "664f1a15-1947" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oc47qSfr0C1VJlt4%2BHcAjOvcwLXjx6TRCWuG6tiint4BXHTUjK1GtZW381BBlmy4IIgE7Zjn4yUfVfMzq%2BUVbtHA8ieWw3tvUoZ%2B1qTZ6SRH%2BRG29MGzWrfjJJ22unPCGu79y5wb03tM9A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efaa2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	294856.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2949/	6 KB 6 KB	150ms 147ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2949/294856.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bcea7280c7c84603e0244f3620f1e78b8ca37e33fea3df68affd2d0e9d28565 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal02 alt-svc h3=":443"; ma=86400 content-length 5787 pragma public last-modified Thu, 23 May 2024 10:11:32 GMT server cloudflare etag "664f1654-169b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBMOOfAS0w6LTU6hRVu3c4%2FTZtqgRlXqKaWzLt6RmEpOxDqFl6662t96nTBUTKHf%2FfC6KuTE06PpCKjFcjO4I6KdVm90lvitCGAhHz8WMKMhu4Ydy%2F7dktzPuIfnPBWhvYz0nod4u%2FTzBQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efab2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	295496.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2955/	7 KB 8 KB	213ms 211ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2955/295496.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec24463ab044bc1bc0a76910e5aa87c3c44c47d3c362b8818bffbf65cda795a8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal01 alt-svc h3=":443"; ma=86400 content-length 7367 pragma public last-modified Thu, 23 May 2024 08:34:54 GMT server cloudflare etag "664effae-1cc7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nkPbkELcYrupjHmJRtMIbMkSQgr1KYZRkkQOGenMWLmINe68eg0L%2BYULmcF1KFknDNWXIQ2MbR%2BfDxnAbX%2BZztrzES1yOCx2JvOjBhmMbM8nDIsutlhkSPLEL8B06zqg4UbihP06fSenAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efae2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	295172.jpg go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2952/	6 KB 6 KB	211ms 209ms	Image image/jpeg	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.ch.g4u.fivedwnld.com/media/cache/200x150/resources/content/img/2952/295172.jpg Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21fd8cc36c236160e8b804854b7fba145b56664640aa00af120cd7d50c0c4d06 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal01 alt-svc h3=":443"; ma=86400 content-length 5987 pragma public last-modified Thu, 23 May 2024 10:35:37 GMT server cloudflare etag "664f1bf9-1763" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDolPjlj0yPXA9dQ%2Bjs9j4kdq%2FiRczFfaqRidCz3GF29paRGQxz%2BZaiXoh9LzJhiVEIxHekw%2BzZK9vthfFMqza9ZRyr2MgCwUkBFiXbXdz%2Beh0flDMrSCzFneEBdQmeQJEM8eIIf2jurgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88a72476efaf2a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	618ms 94ms	Script text/javascript	142.250.185.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f10.1e100.net Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 06:14:44 GMT content-encoding gzip x-content-type-options nosniff age 379952 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 06:14:44 GMT
GET H2	200	foundation.min.js Show response cdnjs.cloudflare.com/ajax/libs/foundation/6.3.1/js/	121 KB 24 KB	614ms 108ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/foundation/6.3.1/js/foundation.min.js Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 412706 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 24181 last-modified Mon, 04 May 2020 16:10:12 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e64-1e276" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWmPDXcwwrP2gErgCBEnHVyc5C51UXj%2Bhs04dPePVtuUq0L7jYNHws5PZiAPScad6Oiy2Yj1LpbSlriC3QgnSHn9lCLVZWRphC1SF6U9uj7JUzYpH1D%2Bb2mlIY%2F88xR3Pm08b3wk"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88a7247a0f225278-MXP expires Sat, 17 May 2025 15:47:16 GMT
GET H2	200	86344.js Show response go.ch.g4u.fivedwnld.com/cache/js/	696 B 689 B	150ms 149ms	Script application/javascript	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ch.g4u.fivedwnld.com/cache/js/86344.js Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d143805e04acfa2948fb416b34d08b2c9397c087da141ba144b0a73a02e8428 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT content-encoding gzip cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal03 alt-svc h3=":443"; ma=86400 pragma public last-modified Tue, 30 Jan 2024 14:49:05 GMT server cloudflare etag W/"65b90c61-2b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBsqG2KwimS4M678gMdVqBwurv9Z4VHCf1nQapqnsAQwOENAs1QjKFvOa6jYRalWlqLMSdFumMcH6rv152zu4UPzbcQSEcb9wgowQRbnnozPY%2BIi1GTvvdmon5Ayo7F6bewbQ6N%2F%2F3hMHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88a72476efa62a4c-CDG expires Wed, 26 Jun 2024 15:47:15 GMT
GET H2	200	86348.js Show response go.ch.g4u.fivedwnld.com/cache/js/	1 KB 994 B	102ms 101ms	Script application/javascript	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ch.g4u.fivedwnld.com/cache/js/86348.js Requested by Host: go.ch.g4u.fivedwnld.com URL: https://go.ch.g4u.fivedwnld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84cdd52fe87921e8535d0928dc8deddb9620bf1854ae212a52697358d5890c4e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:15 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend portal03 age 4555 alt-svc h3=":443"; ma=86400 pragma public last-modified Tue, 13 Jun 2023 11:42:17 GMT server cloudflare etag W/"64885619-518" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NojIM0q4zYXq5gPuxGRNxYwsIOsUZsA1IhPVcDp3lYSEy%2B1VVnEUGUqMpXWx1NViZyvF%2FWt3KeO0S3x5arpHSk6I8Gj2rTrZW8s0%2FOLX1XSG4BFwGJFM1un9ORRqd6IRFAcRBycd%2FyZnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88a72476efa72a4c-CDG expires Wed, 26 Jun 2024 14:31:20 GMT
GET H2	200	NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	797ms 313ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://go.ch.g4u.fivedwnld.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 20:54:42 GMT x-content-type-options nosniff age 586354 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12372 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:30:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 20 May 2025 20:54:42 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	786ms 305ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://go.ch.g4u.fivedwnld.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 02:51:10 GMT x-content-type-options nosniff age 392166 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12136 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:07:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 02:51:10 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	788ms 308ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://go.ch.g4u.fivedwnld.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 25 May 2024 01:12:18 GMT x-content-type-options nosniff age 225298 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11796 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:48:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 25 May 2025 01:12:18 GMT
GET H2	200	foundation-icons.woff cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/	31 KB 32 KB	784ms 309ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.min.css Origin https://go.ch.g4u.fivedwnld.com Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 246495 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 31590 last-modified Mon, 04 May 2020 16:10:14 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e66-7d14" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfS6Bfl3uskFD8%2BcIgrcVbEspe%2BiIXM0d7okgGgCkBK36RAxXeZQrinQfZpOBR8WvAW%2B6wgz8ivS0OmUoH%2FnfSNeD3OorCBDtb%2Bo3BwR0wOVOVkHgQXtrzL%2BHNpLNeIHSSgoOiU3"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 88a7247e8e220f52-MXP expires Sat, 17 May 2025 15:47:16 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	782ms 66ms	Script text/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGVZ7S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 27 May 2024 14:29:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4689 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 27 May 2024 16:29:08 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 227 B	102ms 90ms	XHR text/plain	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=212693438&t=pageview&_s=1&dl=https%3A%2F%2Fgo.ch.g4u.fivedwnld.com%2F&ul=de-ch&de=UTF-8&dt=Gaming%204%20U&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1112291527&gjid=1462753075&cid=1909853247.1716824837&tid=UA-24165715-15&_gid=599059476.1716824837&_r=1&_slc=1&gtm=45He45m0n81WMGVZ7Sza200&gcd=13l3l3l3l1&dma=0&z=1609773199 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Golfe2 / Resource Hash ce805eafcaaabfbe58706381bed672fe26bd83dea86729d8e3f31ab54007a1f6 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 May 2024 15:47:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.ch.g4u.fivedwnld.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	favicon.ico go.ch.g4u.fivedwnld.com/	564 B 483 B	188ms 187ms	Other text/html	172.67.222.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ch.g4u.fivedwnld.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:17 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BJIQkN5fTSWOXWzLqPIgG0Ph3J7DLMWxai5AvIk3KR93BoC33TEQCw4YL8y%2BLcXEJtjwjJNB0FZ5GgRmiwYD%2BFcZAVV1iNL8r76ifjfcXq6YLCkG1la%2BSvK9RyqY4%2BceuKuT8%2FMacuMnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=31536000 cf-ray 88a724818b462a4c-CDG alt-svc h3=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 89 KB	97ms 96ms	Script application/javascript	172.217.16.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-295EN8J8QY&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f8.1e100.net Software Google Tag Manager / Resource Hash e239dfb18fba4029b7243eb0413c9fd61b20f7423b9549345a90b60846afeaf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 15:47:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90641 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 27 May 2024 15:47:17 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	646ms 124ms	Ping text/plain	216.239.34.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-295EN8J8QY&gtm=45je45m0v9110869197za200&_p=1716824835622&gcd=13l3l3l3l2&npa=0&dma=0&ul=de-ch&sr=1600x1200&cid=1909853247.1716824837&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fgo.ch.g4u.fivedwnld.com%2F&dt=Gaming%204%20U&sid=1716824837&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2899 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-295EN8J8QY&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://go.ch.g4u.fivedwnld.com/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 27 May 2024 15:47:18 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.ch.g4u.fivedwnld.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| $ function| jQuery function| _classCallCheck function| _createClass object| Foundation object| jQuery111105644174376304187 object| google_tag_manager object| google_tag_data function| loadNextPage function| enableScroll number| activeScroll number| disableScroll string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			go.ch.g4u.fivedwnld.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: s75asj5ousp3toe2nn0vikkrgn
			go.ch.g4u.fivedwnld.com/	1970-01-20 21:38:23	Name: device_view Value: full
			.go.ch.g4u.fivedwnld.com/	1970-01-21 06:29:44	Name: _ga Value: GA1.5.1909853247.1716824837
			.go.ch.g4u.fivedwnld.com/	1970-01-20 20:55:11	Name: _gid Value: GA1.5.599059476.1716824837
			.go.ch.g4u.fivedwnld.com/	1970-01-20 20:53:44	Name: _gat_UA-24165715-15 Value: 1
			.go.ch.g4u.fivedwnld.com/	1970-01-21 06:29:44	Name: _ga_295EN8J8QY Value: GS1.5.1716824837.1.0.1716824837.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go.ch.g4u.fivedwnld.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
go.ch.g4u.fivedwnld.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
104.17.24.14
142.250.184.202
142.250.185.74
142.250.186.46
142.250.186.99
172.217.16.136
172.67.222.51
216.239.34.36
0ebddd19e59dbe981136dad37b91fa684e8961b37d665c172177b349ac69a491
17c181c9ad54b653eca6502b8bcafc547ebdc78ee3dd7316afa70368b57bc52a
21fd8cc36c236160e8b804854b7fba145b56664640aa00af120cd7d50c0c4d06
35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
43d73e4556b2a78638804284de36800431309cc9437fa7051161104b315a381f
46a973b59b1ff376649db6602938a74859087aeea1e39af0fe30458ad377894e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
5674cad79e5de91c8af37f1dfdcb2baa85b6e7fe14fd597d244b9d83e57b47e2
5d143805e04acfa2948fb416b34d08b2c9397c087da141ba144b0a73a02e8428
6bcea7280c7c84603e0244f3620f1e78b8ca37e33fea3df68affd2d0e9d28565
77e77cafd2365001e6f79578248e9648f11acb876245d38dafc6e0f8020e6135
81b95694459876221308272475540e3b600593b8e05baab111898c04eef5227e
84cdd52fe87921e8535d0928dc8deddb9620bf1854ae212a52697358d5890c4e
8ad58461d156cd93c11bbf1b24e3a24089f4e900a037f174c0c0dc0b89ce8716
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
a5656202537685ab7640f50469322bd118b8db9e46215d7916cb981c5ce26731
aa6cfe773ed7519503901828717c6659535ff6c81e1aafca52ab3e8bdcab8224
b80872c98047fb336bf333f20d863cd662a697235c1d34837ffded0e12d041ef
ce805eafcaaabfbe58706381bed672fe26bd83dea86729d8e3f31ab54007a1f6
d0b381da33276c8c5aa173d2b7ce42ffb9b5dc7864e55a860d7e16133523cbdb
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23883d4d8d6f8dbf4ba291559b2c48ed8ad23b7113bcf6d8238cdfc19c7497d
e239dfb18fba4029b7243eb0413c9fd61b20f7423b9549345a90b60846afeaf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec24463ab044bc1bc0a76910e5aa87c3c44c47d3c362b8818bffbf65cda795a8