URL: https://www.gofundshop.com/
Submission: On January 12 via api from IE — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 51 HTTP transactions. The main IP is 192.124.249.13, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.gofundshop.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 7th 2022. Valid for: a year.
This is the only time www.gofundshop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
22 gofundshop.com
www.gofundshop.com
1 MB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
1 MB
5 tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 16026
275 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 amazonaws.com
s3-us-west-2.amazonaws.com
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
2 KB
1 ywxi.net
cdn.ywxi.net — Cisco Umbrella Rank: 10163
8 KB
1 trustedsite.com
www.trustedsite.com — Cisco Umbrella Rank: 16512
946 B
1 tidio.co
code.tidio.co — Cisco Umbrella Rank: 14581
485 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
44 KB
51 11
Domain Requested by
22 www.gofundshop.com www.gofundshop.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 www.gstatic.com www.gofundshop.com
www.google.com
www.gstatic.com
5 widget-v4.tidiochat.com www.gofundshop.com
code.tidio.co
3 www.google.com www.gstatic.com
www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s3-us-west-2.amazonaws.com www.gofundshop.com
2 fonts.googleapis.com www.gofundshop.com
widget-v4.tidiochat.com
1 cdn.ywxi.net www.gofundshop.com
1 www.trustedsite.com www.gofundshop.com
1 code.tidio.co 1 redirects
1 www.googletagmanager.com www.gofundshop.com
51 12
Subject Issuer Validity Valid
gofundshop.com
Go Daddy Secure Certificate Authority - G2
2022-03-07 -
2023-03-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon
2022-09-21 -
2023-08-24
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-17 -
2023-05-17
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.trustedsite.com
Amazon
2023-01-11 -
2024-02-09
a year crt.sh
*.ywxi.net
Amazon
2022-07-05 -
2023-08-03
a year crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.gofundshop.com/
Frame ID: 6C1DC0EB6A87BCCD59B5C92DFE7AF081
Requests: 42 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_134_1/static/js/chunk-WidgetIframe-20f4f25175a05958861e.js
Frame ID: 4C1184139BBA71D027F8A1D56D250ADC
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
Frame ID: 7ADF4D4A296F68C775AFA67FA2414B3F
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Frame ID: 4E7FFFF19DB81E6F7FE60D473453D9BB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8
Frame ID: 996AC555CEB25574FC12E90006CCA886
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Small Business Loans Hassle Free | Fundshop

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

98 %
HTTPS

67 %
IPv6

11
Domains

12
Subdomains

12
IPs

3
Countries

3194 kB
Transfer

5860 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://code.tidio.co/79x3orqej56xj0dg3u3wr1vie19wq0mi.js HTTP 302
  • https://widget-v4.tidiochat.com/1_134_1/static/js/render.20f4f25175a05958861e.js

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.gofundshop.com/
90 KB
20 KB
Document
General
Full URL
https://www.gofundshop.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
8edf93e4400c185b4a639cd04d18c97ce9b1e6af6f75259af71333a51a410b65
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
19283
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 12 Jan 2023 22:15:43 GMT
feature-policy
geolocation 'self'
link
<https://www.gofundshop.com/wp-json/>; rel="https://api.w.org/", <https://www.gofundshop.com/>; rel=shortlink, </wp-content/litespeed/cssjs/14f51.css?a276c>; rel=preload; as=style,</wp-content/litespeed/cssjs/33cff.js?69930>; rel=preload; as=script,</wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js>; rel=preload; as=script
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN DENY
x-pingback
https://www.gofundshop.com/xmlrpc.php
x-sucuri-cache
HIT
x-sucuri-id
15013
x-xss-protection
1; mode=block 1; mode=block
14f51.css
www.gofundshop.com/wp-content/litespeed/cssjs/
739 KB
133 KB
Stylesheet
General
Full URL
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
818d58d7910f2de401b71669ab35ffc0d40fe81800ad71dd264c3806e256c1d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 12 Jan 2023 20:08:50 GMT
server
nginx
etag
"502b82-b8b64-5f216af7749dd-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
expires
Thu, 31 Dec 2037 23:55:55 GMT
33cff.js
www.gofundshop.com/wp-content/litespeed/cssjs/
2 MB
432 KB
Script
General
Full URL
https://www.gofundshop.com/wp-content/litespeed/cssjs/33cff.js?69930
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
f8fcc3c562d328af32d33d3d72e024cdce7621f3d47cf8eb3b037b1170b37dea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 12 Jan 2023 20:08:51 GMT
server
nginx
etag
"502b83-18722a-5f216af888fd9-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
expires
Thu, 31 Dec 2037 23:55:55 GMT
webfontloader.min.js
www.gofundshop.com/wp-content/plugins/litespeed-cache/assets/js/
12 KB
5 KB
Script
General
Full URL
https://www.gofundshop.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
4651
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Tue, 05 Jan 2021 21:51:01 GMT
server
nginx
etag
"4007be-2f42-5b82e33d29b40-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
110 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-118823632-1
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1d1e685ee871518be6251c2e225d8c32e15da1d2de9984bafbdf550641f2c31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44250
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 21:10:50 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 22:15:43 GMT
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d1f0bdebfade7a68d3897a5743da99011687831c7f672b13b21b8b8fea4976f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
render.20f4f25175a05958861e.js
widget-v4.tidiochat.com/1_134_1/static/js/
Redirect Chain
  • https://code.tidio.co/79x3orqej56xj0dg3u3wr1vie19wq0mi.js
  • https://widget-v4.tidiochat.com/1_134_1/static/js/render.20f4f25175a05958861e.js
22 KB
8 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_134_1/static/js/render.20f4f25175a05958861e.js
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/
Protocol
H2
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac931d18d3874c8db3bcc43b5924a309ae7561f482b12ac3087c1628b4b1c45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Jan 2023 09:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3937
etag
W/"63bd2b20-570f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdGrOBkPvQb80cSVtHtNHY1yqCaIqUnp9GtEKmqC29BWVhbvegpdwD3lc6aREIu1kNv0XgHLvaglRav0W4iNRAAoyWYBJQP%2F3UMny9hCmGrB6etg9mu8jrimPF8E3hXkUSVdVBa9nqSzhZau%2BBJfAuclzOVg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
788940a32bc22ba9-FRA

Redirect headers

date
Thu, 12 Jan 2023 22:15:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3Ci%2BaAL0J%2BuQAF8B11XUUeBu1qYam8YkQuTdp26yrK%2FGy92CiQdISkJtla92gKSqRuEHt3tImndcF3Exnj%2F3tKlN86effZS%2B8PU75Cpqt3v3nUgoeOd1MtZbKddOzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_134_1/static/js/render.20f4f25175a05958861e.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
788940a29859927a-FRA
truncated
/
684 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50da9b0aa616fb29b4cd33b07034569c9ae59a64335cbca4d0a307afcfd276ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d770dd0aaa57890d5f71a50ac17aedfd5fbdc09b57a7cdec2c9e376c0fe0c26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
sp-ico.png
www.gofundshop.com/wp-content/themes/betheme/img/
34 KB
35 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/sp-ico.png
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
a4b326f336191d3c4613e4d78457755d86e556e6e03b7b3e76f1a34d1ae87993
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
35013
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:21:15 GMT
server
nginx
etag
"f0144f-88c5-5991223f0d4c0"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
bd_figma-min.png
www.gofundshop.com/wp-content/themes/betheme/img/
2 KB
2 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/bd_figma-min.png
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
1ccd45730919cbcca9058a9c98a0dd91b11371b02054e21b0aa1b57db9c89600
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
1697
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 06 Dec 2019 23:58:12 GMT
server
nginx
etag
"f0142e-6a1-59911d181ed00"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
trs.png
www.gofundshop.com/wp-content/themes/betheme/img/
13 KB
14 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/trs.png
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
6e5c7c82bec8cc73a2d1475daa52808a8e63e52c5de2533110f9846ed397bad8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
13419
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 09 Jan 2020 16:37:28 GMT
server
nginx
etag
"f01452-346b-59bb79fed4200"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
proxima_nova_semibold-webfont.woff2
www.gofundshop.com/wp-content/themes/betheme/fonts/
20 KB
21 KB
Font
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/fonts/proxima_nova_semibold-webfont.woff2
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
fa376fd40f3333375a09aa98942925ed2657e07ea055f8f5936faf8ffc008432
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
20513
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:05:17 GMT
server
nginx
etag
"ee1691-5024-59911ead6e940-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
proxima_nova_regular-webfont.woff2
www.gofundshop.com/wp-content/themes/betheme/fonts/
20 KB
21 KB
Font
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/fonts/proxima_nova_regular-webfont.woff2
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
57854b631d7dcf03502f805e96ef0f1021da8938aa67c7cfd123fccb67010d53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
20574
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:49:22 GMT
server
nginx
etag
"ee168e-5060-59912887e6880-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
futurabookc-webfont.woff2
www.gofundshop.com/wp-content/themes/betheme/fonts/
11 KB
12 KB
Font
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/fonts/futurabookc-webfont.woff2
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
36aff96f462b4fe896145717e6489ed03f3fe6836041dafe2b5e907b10b9dd89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
11428
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:02:38 GMT
server
nginx
etag
"ee1686-2ca0-59911e15cc380-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
7114-webfont.woff2
www.gofundshop.com/wp-content/themes/betheme/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/fonts/7114-webfont.woff2
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
7df0d6c5a3fae6596cb25a0b0e7efa6bcf41c8ab98b0748590bbe8de6ef91cdf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
26309
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 06 Dec 2019 23:46:17 GMT
server
nginx
etag
"ee1683-66c8-59911a6e3e440-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
mfn-icons.woff
www.gofundshop.com/wp-content/themes/betheme/fonts/
79 KB
80 KB
Font
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/fonts/mfn-icons.woff?93978679
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
9445d82e5b6ab98db5eae6540edeb636c6507ff3858a27ffee67e37214a5e6ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
80937
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:38:43 GMT
server
nginx
etag
"ee168b-13c24-5991262680ac0-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
font/woff
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
3 KB
1003 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:1,300,400,400italic,500,700,700italic&display=swap
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98477ffac6231eeb6a619024aceed6772195474766a017d736b1572d49ccb9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Jan 2023 22:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 22:01:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Jan 2023 22:15:44 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/
403 KB
404 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/33cff.js?69930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gofundshop.com/
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 09:22:42 GMT
x-content-type-options
nosniff
age
478382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412950
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 09:22:42 GMT
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/gofundshop.com/
205 B
1020 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/gofundshop.com/client.json?source=jsmain
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/33cff.js?69930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
00a6e13dabdbf3a2cc366bf553367cb408aa5e2079ea7f27abf23e5631b9875e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 22:15:45 GMT
Content-Encoding
gzip
x-amz-version-id
BBlQzBvR.6JXy3rmABbMDBXUj7hGZH_Y
x-amz-request-id
SDYQ7CGFSTC0Q0WP
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Length
168
x-amz-id-2
7It6IK49jy5lGzMoRJjNUVHKczUhlqxOgNH7BmagkYAVMujVzFmUZl6nXlsJs/atMdUrub2e038=
Last-Modified
Sun, 01 Jan 2023 08:03:35 GMT
Server
AmazonS3
ETag
"727f07e77308c101589468d371e4aa45"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gofundshop.com
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials
true
Cache-Control
public, max-age=60
Accept-Ranges
bytes
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/gofundshop.com/
205 B
1020 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/gofundshop.com/client.json?source=jsinline
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/33cff.js?69930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.180.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
00a6e13dabdbf3a2cc366bf553367cb408aa5e2079ea7f27abf23e5631b9875e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 22:15:45 GMT
Content-Encoding
gzip
x-amz-version-id
BBlQzBvR.6JXy3rmABbMDBXUj7hGZH_Y
x-amz-request-id
SDYV1VDTY349K3DK
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Content-Length
168
x-amz-id-2
qrz0GoK4GryX6Zm0Td+VrmaP4Y1GDZefhnWjj5EYbbNP1iNMcKfPZ9+6SCqJDXpQYYyjTa/Qvns=
Last-Modified
Sun, 01 Jan 2023 08:03:35 GMT
Server
AmazonS3
ETag
"727f07e77308c101589468d371e4aa45"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gofundshop.com
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials
true
Cache-Control
public, max-age=60
Accept-Ranges
bytes
box_shadow.png
www.gofundshop.com/wp-content/themes/betheme/images/
108 B
568 B
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/images/box_shadow.png
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/wp-content/litespeed/cssjs/14f51.css?a276c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:43 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
108
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:37:32 GMT
server
nginx
etag
"f01229-6c-599125e2cab00"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-WidgetIframe-20f4f25175a05958861e.js
widget-v4.tidiochat.com/1_134_1/static/js/ Frame 4C11
345 KB
89 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_134_1/static/js/chunk-WidgetIframe-20f4f25175a05958861e.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/79x3orqej56xj0dg3u3wr1vie19wq0mi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cd651049af24b9c39e857ab3c529146278ab533f3ade5e5d88f3dd9ba37df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Jan 2023 09:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3930
etag
W/"63bd2b20-5638b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UPumlvJ1nC02Itc41DBC62t0gtSZu7Kr01NrPZ9i%2FYnc6sCHZMnKdw%2FlDz7r6jgfinnJ5m%2FSo%2BiMjIcQJ6AY%2BfV72fEWYFtniCUUgWRwyst5Wz3CGYUhB1E6QvCwfHhKdCX%2FtA3WrjW0pxmqKxVFeHNlA1m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
788940a44d992ba9-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame 4C11
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10786
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Tue, 10 Jan 2023 09:08:45 GMT
server
cloudflare
etag
"63bd2b1d-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4heCWQ1O%2Bck89qJ%2F9Xb3DmGz%2BtFC2NgEJ%2FV53VJyqJMujidPvdEOIkvClwuYr5YRp47W3N9gjbbzgQCHJGEoBOg8Oz4YUvejmwTiPz6oL%2BrodR0c6WwqLpI3UWviEgXRfOzX9wlZBv9z7IJNl2Lkh4hMGMk"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
788940a45dcf2ba9-FRA
expires
Thu, 26 Jan 2023 19:15:58 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:1,300,400,400italic,500,700,700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 15:21:12 GMT
x-content-type-options
nosniff
age
197672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 15:21:12 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:1,300,400,400italic,500,700,700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 06:57:19 GMT
x-content-type-options
nosniff
age
227905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24408
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 06:57:19 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:1,300,400,400italic,500,700,700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 09:00:35 GMT
x-content-type-options
nosniff
age
220509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 09:00:35 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118823632-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 20:21:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6830
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 12 Jan 2023 22:21:54 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:1,300,400,400italic,500,700,700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 15:58:58 GMT
x-content-type-options
nosniff
age
281806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 15:58:58 GMT
widget.20f4f25175a05958861e.js
widget-v4.tidiochat.com/1_134_1/static/js/ Frame 4C11
526 KB
163 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_134_1/static/js/widget.20f4f25175a05958861e.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/79x3orqej56xj0dg3u3wr1vie19wq0mi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c9f6f355b46c98932c2cf0f7c6751fee18c789efdde37dfe2d31f07a8bf9c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Jan 2023 09:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3940
etag
W/"63bd2b20-83639"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3pI3piElHQPemgLebhkpf8I42Oi%2BOM%2BJNaDEyRqB%2F%2Ff8%2FP9D0VUPrIOauSHCfcwQQcvFJbkR%2Fz08pcKKpRNvnAOlD0OBhea4l8Pt1vj8MoM2b7qnB2p1cI5qBsmuKyAk2RBw26cy%2Bph7udqJe0%2FD8nlXgto"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
788940a4ae732ba9-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame 4C11
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10786
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Tue, 10 Jan 2023 09:08:45 GMT
server
cloudflare
etag
"63bd2b1d-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzpLYCk%2BcxxTQteR85QKs7jCDpDT8kV4VnmNwoooQ7Gzv4vqkatL2jh7gA6ctKsS8AlpV2rsREzTXAP0m5W6bVkFFajxDr%2FuUOtzqAMisoJ12cLbiW38yBPEFgEG2V18HrqwoHLqVZN1Y3LCkk9LCtc3zaRN"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
788940a52f492ba9-FRA
expires
Thu, 26 Jan 2023 19:15:58 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7ADF
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d4408003ff27e8a0359a83868d586f4e2a04e2c63a7d006847ea3a34293086c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q11noFE1fA0OmtaH5fb9CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gofundshop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23324
content-security-policy
script-src 'report-sample' 'nonce-q11noFE1fA0OmtaH5fb9CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 22:15:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/
1 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2120879126&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gofundshop.com%2F&ul=en-us&de=UTF-8&dt=Small%20Business%20Loans%20Hassle%20Free%20%7C%20Fundshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1183934674&gjid=2016298625&cid=720627756.1673561744&tid=UA-118823632-1&_gid=1608661940.1673561744&_r=1&gtm=2ou1a1&z=1683243308
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gofundshop.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 22:15:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gofundshop.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 7ADF
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 09:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 09:22:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 7ADF
403 KB
403 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 09:22:42 GMT
x-content-type-options
nosniff
age
478382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412950
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 09:22:42 GMT
css2
fonts.googleapis.com/ Frame 4E7F
3 KB
627 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com/1_134_1/static/js/widget.20f4f25175a05958861e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9eda616b81dc5eaa73c8ea68dd4d61c78b28e2b54a05d7936d33742e866993a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Jan 2023 22:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 22:15:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Jan 2023 22:15:44 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 4E7F
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gofundshop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 15:21:36 GMT
x-content-type-options
nosniff
age
197648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jan 2024 15:21:36 GMT
ajax
www.trustedsite.com/rpc/
6 B
946 B
Script
General
Full URL
https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=gofundshop.com&rand=1673561744496
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/wp-content/litespeed/cssjs/33cff.js?69930
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.161.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-161-93.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
Apache
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type
text/javascript; charset=utf-8
content-length
26
205.svg
cdn.ywxi.net/meter/gofundshop.com/
20 KB
8 KB
Image
General
Full URL
https://cdn.ywxi.net/meter/gofundshop.com/205.svg?ts=1672560214124&l=en-US
Requested by
Host: www.gofundshop.com
URL: https://www.gofundshop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c600:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
Apache
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public
content-length
7400
x-amz-cf-id
nUNzpfETIjzz2smUbpNTstmjKkt53Y3BNcq_1A5EunaUerWviPyssw==
expires
Thu, 12 Jan 2023 23:15:44 GMT
truncated
/ Frame 7ADF
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7ADF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7ADF
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 15:21:21 GMT
x-content-type-options
nosniff
age
197663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 17 Jan 2023 15:21:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7ADF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 09:20:58 GMT
x-content-type-options
nosniff
age
564886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 09:20:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7ADF
102 B
284 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8&co=aHR0cHM6Ly93d3cuZ29mdW5kc2hvcC5jb206NDQz&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=yfhyadz73dl5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 12 Jan 2023 22:15:44 GMT
bframe
www.google.com/recaptcha/api2/ Frame 996A
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f4c8b99e866f6f1072423f1cbfa0fcf3992512195e5c5729b790294314d0e3b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YMbMD9oXkApsmyqmead6rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gofundshop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-YMbMD9oXkApsmyqmead6rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 22:15:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 996A
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 09:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 09:22:41 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 996A
403 KB
403 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcrnEobAAAAAPWkB7usyupTBSETsdqMIRx24-X8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 09:22:42 GMT
x-content-type-options
nosniff
age
478382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
412950
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 09:22:42 GMT
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92bbf0483836efe25f7062e7962679ba796a4ba0f722052ce8f2f48744c7a883

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
161 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24f2270ff13b3a6bf9e1d2ee378906c960f6fc9e412a0d216654460597e293ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-a.jpg
www.gofundshop.com/wp-content/uploads/2019/09/
7 KB
7 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/uploads/2019/09/logo-a.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
abc1f62c4aee47b728a2e98f49c4628e40597176ea56a38ebab88e5a9316b392
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
6843
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 06 Dec 2019 23:42:30 GMT
server
nginx
etag
"12605aa-1abb-59911995c2580"
x-frame-options
SAMEORIGIN, DENY
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sl-itm-sl-min.jpg
www.gofundshop.com/wp-content/themes/betheme/img/
69 KB
70 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/sl-itm-sl-min.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
89799ed12b4f4a1e89d1af5ed1a4088b0942caa3063caa550d204d4eebc95395
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
70673
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 06 Dec 2019 23:57:34 GMT
server
nginx
etag
"f0144e-11411-59911cf3e1780"
x-frame-options
SAMEORIGIN, DENY
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
trutpilot-n.svg
www.gofundshop.com/wp-content/themes/betheme/img/
11 KB
4 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/trutpilot-n.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
334ba386f1d086d8f8705c3d07eac3a0e672bfe1732705a2212b1ab1c60187c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
3553
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 21 May 2020 21:47:11 GMT
server
nginx
etag
"f01459-2d81-5a62f747435c0-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
google-rev.svg
www.gofundshop.com/wp-content/themes/betheme/img/
6 KB
3 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/google-rev.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
92c571c613483aaa124ef7380f7089ea6ecca076ed9e030959d95a2215f2414a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
2143
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 21 May 2020 22:00:10 GMT
server
nginx
etag
"f0143e-16e3-5a62fa2e2ce80-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
BBB_svg.svg
www.gofundshop.com/wp-content/themes/betheme/img/
9 KB
4 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/BBB_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
0ea3eee31e73294c550023cca38ce021a4215cfe4173bb212082bb5735da9dfb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
3407
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 21 May 2020 22:07:16 GMT
server
nginx
etag
"f013aa-23c3-5a62fbc470d00-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
save_sec.svg
www.gofundshop.com/wp-content/themes/betheme/img/
6 KB
3 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/save_sec.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
2f73e0ba150be28002ff6190cf2c1b85318a2e7e0c4b2f34df3cbcfed1996296
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
content-encoding
br
x-sucuri-cache
HIT
content-length
2224
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Thu, 21 May 2020 22:08:17 GMT
server
nginx
etag
"f01449-1647-5a62fbfe9d640-br"
x-frame-options
SAMEORIGIN, DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ffn-1.png
www.gofundshop.com/wp-content/themes/betheme/img/
178 KB
178 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/ffn-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
428a05aabaf2a568d62a2fcc60c5b959c57b65d213e128d78d3cb5004d8c9b54
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
181768
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:24:26 GMT
server
nginx
etag
"f0143b-2c608-599122f534280"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fff-1.png
www.gofundshop.com/wp-content/themes/betheme/img/
177 KB
178 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/fff-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
0fb2fd6dd259f50497bc18ad64642f31ce8af1c0e0c9d3baffe73ee9c9f54720
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
181539
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 07 Dec 2019 00:03:50 GMT
server
nginx
etag
"f0143a-2c523-59911e5a76580"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ffa-1.png
www.gofundshop.com/wp-content/themes/betheme/img/
177 KB
178 KB
Image
General
Full URL
https://www.gofundshop.com/wp-content/themes/betheme/img/ffa-1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.13 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10013.sucuri.net
Software
nginx /
Resource Hash
cd6bc1bedb08a90bd9f85a767298634816693f379e5475fcdd618a1c4d0c0563
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gofundshop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 22:15:44 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000
x-sucuri-cache
HIT
content-length
181396
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Fri, 06 Dec 2019 23:51:01 GMT
server
nginx
etag
"f01438-2c494-59911b7d16340"
x-frame-options
SAMEORIGIN, DENY
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'self'
x-sucuri-id
15013
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| WebFontConfig object| SENTRY_RELEASE object| tidioChatApi function| _extends function| _typeof function| LazyLoad object| WebFont object| LS_Meta undefined| LS_oldGS undefined| LS_oldGSQueue undefined| LS_oldGSDefine undefined| LS_GSAP object| _gsScope object| oldgs object| punchgs object| scriptParams function| setREVStartSize number| business_loan_int_rate number| slideIndexHomSl undefined| timerIdHomSl function| currentDivTop function| showSlidesTop string| urlSite boolean| ststs boolean| chsts boolean| checkcap object| form function| checkDomainDeny function| validInp function| chAllInpL function| validEmFil function| validPhFil function| OnBlurF function| OnFocusF function| recaptcha_callback function| recaptcha_expired object| wpcf7 function| animateElement function| randomClass function| animateOnce function| animateInfinite function| animateEnd string| triggerClasses object| classesArray number| classAmount object| mfnSetup string| hashPrem string| hashStart string| hashDeff string| ufdto string| senterr string| sentusbc string| sentuer string| sentuere string| sentuera function| closePopapSlfress function| closePopapUfdto function| closePopapSenterr function| closePopapUer function| closePopapUereUere function| closePopapUeraUera function| closePopapSentusbc string| strtp string| prem boolean| efnm boolean| elnm boolean| company boolean| state boolean| email boolean| phone boolean| mgss boolean| ars boolean| pcs boolean| mgs function| getFieldall function| getMgsPcs function| getchpx function| startFbPixel object| BLC function| FastClick object| $event object| $special undefined| resizeTimeout string| mfn_ajax object| mfn object| mfn_lightbox object| mfn_sliders object| com function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| SplitType function| $ function| jQuery object| _layerSlider object| _layerSliders object| layerSliderTransitions object| oldgs_queue object| GreenSockGlobals object| _gsQueue object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| TrustedSite number| TrustedSite_done object| TrustedSiteInline function| EvEmitter function| imagesLoaded object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry object| NiceScroll function| Waypoint object| jQuery112407293936688499885 object| wp object| html5 object| Modernizr object| fluidvids object| noUiSlider object| accounting object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| closure_lm_179397 object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.gofundshop.com/ Name: _ga
Value: GA1.2.720627756.1673561744
.gofundshop.com/ Name: _gid
Value: GA1.2.1608661940.1673561744
.gofundshop.com/ Name: _gat_gtag_UA_118823632_1
Value: 1
www.gofundshop.com/ Name: trustedsite_visit
Value: 1
www.gofundshop.com/ Name: trustedsite_tm_float_seen
Value: 1
www.trustedsite.com/ Name: AWSALBCORS
Value: AhJeTI2msm4Lfmb5fo042mUCfcHZ870c+AizUhjqbZ/IuNEGMHab8XZ8lf1PwrrvuOjCMkBrVkL2QIJ34LtZsBDJVJo4xsKrvinfUPvFpikI3fOqakMzEU/qTdL/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ywxi.net
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
s3-us-west-2.amazonaws.com
widget-v4.tidiochat.com
www.gofundshop.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.trustedsite.com
172.67.72.223
192.124.249.13
2600:9000:206f:c600:14:6bfc:5740:93a1
2606:4700:20::ac43:4703
2a00:1450:4001:813::2004
2a00:1450:400d:802::2008
2a00:1450:400d:806::2003
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2003
44.225.161.93
52.92.180.216
00a6e13dabdbf3a2cc366bf553367cb408aa5e2079ea7f27abf23e5631b9875e
03cd651049af24b9c39e857ab3c529146278ab533f3ade5e5d88f3dd9ba37df7
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ea3eee31e73294c550023cca38ce021a4215cfe4173bb212082bb5735da9dfb
0fb2fd6dd259f50497bc18ad64642f31ce8af1c0e0c9d3baffe73ee9c9f54720
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ccd45730919cbcca9058a9c98a0dd91b11371b02054e21b0aa1b57db9c89600
24f2270ff13b3a6bf9e1d2ee378906c960f6fc9e412a0d216654460597e293ea
2d770dd0aaa57890d5f71a50ac17aedfd5fbdc09b57a7cdec2c9e376c0fe0c26
2f73e0ba150be28002ff6190cf2c1b85318a2e7e0c4b2f34df3cbcfed1996296
334ba386f1d086d8f8705c3d07eac3a0e672bfe1732705a2212b1ab1c60187c5
36aff96f462b4fe896145717e6489ed03f3fe6836041dafe2b5e907b10b9dd89
3c9f6f355b46c98932c2cf0f7c6751fee18c789efdde37dfe2d31f07a8bf9c4a
3d4408003ff27e8a0359a83868d586f4e2a04e2c63a7d006847ea3a34293086c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f
428a05aabaf2a568d62a2fcc60c5b959c57b65d213e128d78d3cb5004d8c9b54
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
50da9b0aa616fb29b4cd33b07034569c9ae59a64335cbca4d0a307afcfd276ac
57854b631d7dcf03502f805e96ef0f1021da8938aa67c7cfd123fccb67010d53
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5c7c82bec8cc73a2d1475daa52808a8e63e52c5de2533110f9846ed397bad8
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
7d1f0bdebfade7a68d3897a5743da99011687831c7f672b13b21b8b8fea4976f
7df0d6c5a3fae6596cb25a0b0e7efa6bcf41c8ab98b0748590bbe8de6ef91cdf
818d58d7910f2de401b71669ab35ffc0d40fe81800ad71dd264c3806e256c1d8
89799ed12b4f4a1e89d1af5ed1a4088b0942caa3063caa550d204d4eebc95395
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8edf93e4400c185b4a639cd04d18c97ce9b1e6af6f75259af71333a51a410b65
8f4c8b99e866f6f1072423f1cbfa0fcf3992512195e5c5729b790294314d0e3b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92bbf0483836efe25f7062e7962679ba796a4ba0f722052ce8f2f48744c7a883
92c571c613483aaa124ef7380f7089ea6ecca076ed9e030959d95a2215f2414a
9445d82e5b6ab98db5eae6540edeb636c6507ff3858a27ffee67e37214a5e6ce
98477ffac6231eeb6a619024aceed6772195474766a017d736b1572d49ccb9e5
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a4b326f336191d3c4613e4d78457755d86e556e6e03b7b3e76f1a34d1ae87993
abc1f62c4aee47b728a2e98f49c4628e40597176ea56a38ebab88e5a9316b392
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9eda616b81dc5eaa73c8ea68dd4d61c78b28e2b54a05d7936d33742e866993a
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cd6bc1bedb08a90bd9f85a767298634816693f379e5475fcdd618a1c4d0c0563
eac931d18d3874c8db3bcc43b5924a309ae7561f482b12ac3087c1628b4b1c45
f1d1e685ee871518be6251c2e225d8c32e15da1d2de9984bafbdf550641f2c31
f8fcc3c562d328af32d33d3d72e024cdce7621f3d47cf8eb3b037b1170b37dea
fa376fd40f3333375a09aa98942925ed2657e07ea055f8f5936faf8ffc008432