order.preparedhero.com Open in urlscan Pro
151.101.2.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://order.preparedhero.com/efb-yt-checkout
Submission: On January 12 via manual (January 12th 2025, 4:27:02 am UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 18 domains to perform 91 HTTP transactions. The main IP is 151.101.2.132, located in San Francisco, United States and belongs to FASTLY, US. The main domain is order.preparedhero.com. The Cisco Umbrella rank of the primary domain is 429369.
TLS certificate: Issued by R11 on December 24th 2024. Valid for: 3 months.

This is the only time order.preparedhero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	23.227.38.65 23.227.38.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
5	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
3	20.57.85.160 20.57.85.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	3.160.150.77 3.160.150.77	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:26e... 2600:9000:26e8:9400:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	18.173.205.52 18.173.205.52	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:ca00:0:f171:6100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.44 13.32.99.44	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::ac40:92d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.170.183.180 54.170.183.180	16509 (AMAZON-02) (AMAZON-02)
2	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	20.119.0.18 20.119.0.18	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
91	25

9 151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

order.preparedhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.194.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

img.funnelish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

preparedhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f202.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-77.fra60.r.cloudfront.net

static.mobilemonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26e8:9400:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-52.fra56.r.cloudfront.net

ttip-ipv4-prod.telemetry.vaultdcr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:ca00:0:f171:6100:93a1 (United States)

ASN16509 (AMAZON-02, US)

ttip-ipv6-prod.telemetry.vaultdcr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-44.fra60.r.cloudfront.net

tte-prod.telemetry.vaultdcr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:92d9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.183.180 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.0.18 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.aisiteanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	funnelish.com img.funnelish.com — Cisco Umbrella Rank: 80612 analytics.app.funnelish.com Failed	636 KB
11	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	204 KB
10	preparedhero.com order.preparedhero.com — Cisco Umbrella Rank: 429369 preparedhero.com — Cisco Umbrella Rank: 62888	97 KB
8	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 466	260 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	74 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 e.clarity.ms — Cisco Umbrella Rank: 8266	30 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934 psb.taboola.com — Cisco Umbrella Rank: 6026 trc.taboola.com — Cisco Umbrella Rank: 763 trc-events.taboola.com — Cisco Umbrella Rank: 2914	24 KB
4	gstatic.com fonts.gstatic.com maps.gstatic.com	21 KB
3	aisiteanalytics.com a.aisiteanalytics.com — Cisco Umbrella Rank: 54709
3	vaultdcr.com ttip-ipv4-prod.telemetry.vaultdcr.com — Cisco Umbrella Rank: 13298 ttip-ipv6-prod.telemetry.vaultdcr.com — Cisco Umbrella Rank: 13262 tte-prod.telemetry.vaultdcr.com — Cisco Umbrella Rank: 13074	2 KB
3	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 643 ib.adnxs.com — Cisco Umbrella Rank: 281	10 KB
3	cloudfront.net d2hrivdxn8ekm8.cloudfront.net	29 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 7471	1 KB
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 10609	230 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 9257	606 B
1	mobilemonkey.com static.mobilemonkey.com — Cisco Umbrella Rank: 69971	18 KB
0	facebook.net Failed connect.facebook.net Failed
0	amazonaws.com Failed s3-us-west-2.amazonaws.com Failed
91	18

	Domain	Requested by
20	img.funnelish.com	order.preparedhero.com
11	js.stripe.com	order.preparedhero.com js.stripe.com
9	order.preparedhero.com	order.preparedhero.com
8	maps.googleapis.com	order.preparedhero.com maps.googleapis.com
6	www.googletagmanager.com	order.preparedhero.com www.googletagmanager.com
3	a.aisiteanalytics.com	static.mobilemonkey.com
3	d2hrivdxn8ekm8.cloudfront.net	order.preparedhero.com d2hrivdxn8ekm8.cloudfront.net
3	e.clarity.ms	www.clarity.ms
2	trc-events.taboola.com	cdn.taboola.com
2	ib.adnxs.com	acdn.adnxs.com
2	segment.prod.bidr.io	1 redirects
2	maps.gstatic.com	order.preparedhero.com
2	fonts.gstatic.com	order.preparedhero.com
2	www.clarity.ms	order.preparedhero.com www.clarity.ms
1	action.media6degrees.com
1	action.dstillery.com	1 redirects
1	tte-prod.telemetry.vaultdcr.com	d2hrivdxn8ekm8.cloudfront.net
1	ttip-ipv6-prod.telemetry.vaultdcr.com	d2hrivdxn8ekm8.cloudfront.net
1	ttip-ipv4-prod.telemetry.vaultdcr.com	d2hrivdxn8ekm8.cloudfront.net
1	acdn.adnxs.com	d2hrivdxn8ekm8.cloudfront.net
1	static.mobilemonkey.com	www.googletagmanager.com
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	preparedhero.com	order.preparedhero.com
1	cdn.taboola.com	order.preparedhero.com
0	connect.facebook.net Failed	order.preparedhero.com
0	analytics.app.funnelish.com Failed	order.preparedhero.com
0	s3-us-west-2.amazonaws.com Failed	order.preparedhero.com
91	28

This site contains links to these domains. Also see Links.

Domain
preparedhero.com

Subject Issuer	Validity	Valid
order.preparedhero.com R11	`2024-12-24` - `2025-03-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
img.funnelish.com R10	`2024-12-23` - `2025-03-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
preparedhero.com WE1	`2024-12-02` - `2025-03-02`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-12-16` - `2025-04-03`	4 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
static.mobilemonkey.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
*.telemetry.vaultdcr.com Amazon RSA 2048 M03	`2024-05-08` - `2025-06-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
a.aisiteanalytics.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-10-07` - `2025-04-07`	6 months	crt.sh

This page contains 10 frames:

Primary Page: https://order.preparedhero.com/efb-yt-checkout
Frame ID: 9AFAD3EB53B0A4A9D10FCDC143B01E65
Requests: 80 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-fd0540fdbafb12173e5f385d4e01d247.html
Frame ID: 9BAFB586DB4DF717DAC92200F87BD42A
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html
Frame ID: 3698CE6288277FD47120CDF033527827
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html
Frame ID: 99BEE4FA56AA808653EFFBE3926EAF89
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html
Frame ID: 71F3F8E0E222B690499FE4F63DB5CA85
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/link-modal-inner-a563b697ed97cbd8768d816b8f6fca3e.html
Frame ID: 89C27176CA07FAF1A7BAD2F57CE9A50D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-8837680f9c137ed94aa55fad7f104ce7.html
Frame ID: 207E6DD32122BAD7C93A8FE4F994B6B0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html
Frame ID: 5D332955E307D5F356D773273A726F38
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html
Frame ID: 8E918EF4D5233FEE5DA604A762F5C667
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html
Frame ID: E5F3C56072AAB9CC7D9A29A3C98E8AB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout | Prepared Hero

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

91
Requests

90 %
HTTPS

29 %
IPv6

18
Domains

28
Subdomains

25
IPs

5
Countries

1404 kB
Transfer

3298 kB
Size

29
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://preparedhero.com/policies/shipping-policy
Title: Shipping

Search URL Search Domain Scan URL

URL: https://preparedhero.com/policies/refund-policy
Title: Refund

Search URL Search Domain Scan URL

URL: https://preparedhero.com/policies/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://preparedhero.com/policies/terms-of-service
Title: Terms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://action.dstillery.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 71

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=5168381072 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=5168381072&_bee_ppp=1

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request efb-yt-checkout Show response
order.preparedhero.com/ 119 KB
22 KB 65ms
7ms Document
text/html 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9cb6d55cd9265d36bda2ddc7d1e7fea8f3fd094843f01067ddb221eab2cb9363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 47578
content-encoding: gzip
content-length: 21892
content-type: text/html; charset=UTF-8
date: Sun, 12 Jan 2025 04:26:57 GMT
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin <https://images.funnelish.com>; rel=preconnect; crossorigin <https://img.youtube.com>; rel=preconnect; crossorigin
vary: X-Country, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 0
x-country: us
x-index: 4
x-page: F_6074_98205_367068_2162471
x-served-by: cache-fra-eddf8230071-FRA, cache-fra-eddf8230117-FRA
x-step-type: 1
x-timer: S1736656017.455363,VS0,VE1

GET
H2 200 core.min.js Show response
order.preparedhero.com/ 77 KB
22 KB 228ms
227ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/core.min.js
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6a3a940f138366798b5e1970737016be82cefadea5136747d3db619a548536d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: no-store
content-encoding: gzip
x-timer: S1736656017.466094,VS0,VE221
age: 0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 22765
date: Sun, 12 Jan 2025 04:26:57 GMT
last-modified: Sat, 04 Jan 2025 06:08:01 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-etou8220106-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 core.min.css
order.preparedhero.com/ 50 KB
10 KB 229ms
228ms Stylesheet
text/css 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/core.min.css
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c89c058ad70b8c60c39360c12e4b033fee413d53b4b90acafab51d9b8e5ab4e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: no-store
content-encoding: gzip
x-timer: S1736656017.466049,VS0,VE222
age: 0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 9962
date: Sun, 12 Jan 2025 04:26:57 GMT
last-modified: Sat, 04 Jan 2025 11:48:51 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220089-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 12 KB
3 KB 138ms
53ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6ff08ab3ddf745420765cd2241d0a4a57c073fcf96171af8e2d7201187b52297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: a295dbee
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2438
date: Sun, 12 Jan 2025 04:26:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1406018/ 71 KB
22 KB 207ms
186ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1406018/tfa.js
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcb14970aa0c73904a85de4a0497814fb114e86cf5a89d6d7992881c25c3ace2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: gzip
etag: "f00d35fac1c7ed023becbf897fd55406"
x-amz-version-id: EvnDtgUhNXVFkP5LowQBRbjLtgjpKIUC
age: 0
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
last-modified: Sun, 05 Jan 2025 11:02:17 GMT
x-served-by: cache-fra-eddf8230043-FRA
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: r9zZL8T5WSFSD6H2Q6Pxl1aA1f0484Av6rW4FQ2mrOhcmmIoJCsm+lq9WtrZc7aNDsfmQYwEwUo=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1736656018.721330,VS0,VE180
via: 1.1 varnish
x-amz-request-id: Q094A6RK7WC6HEAA
accept-ranges: bytes
access-control-allow-origin: *
abp: 38
content-length: 22107
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 h0v0s3lkif Show response
www.clarity.ms/tag/ 571 B
826 B 155ms
102ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/h0v0s3lkif
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bdb9a0d6e01c706aa6e5b9d6370349143bab02fe94505a1b2364c5514b3516a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 571
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: application/x-javascript
x-azure-ref: 20250112T042657Z-15464c697c59jp5lhC1FRAd9a00000000b9g00000000fhmb

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer

Response headers

Content-Type: image/gif

GET
H2 200 1643364132-arrow-flash-small.gif
img.funnelish.com/4224/20304/ 494 B
1 KB 38ms
7ms Image
image/gif 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/4224/20304/1643364132-arrow-flash-small.gif
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 77627ae6d65d8980bba4577917e1ab03cef2377cfd93f8418d0774860523d176

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=494 idim=28x17 ifmt=gif ofsz=494 odim=28x17 ofmt=gif ofrm=3
x-goog-hash: crc32c=ppkZvg==, md5=ZKfdcde9xqcgDFLOmzZwGg==
etag: "K/BLoOQIkc4m9ZRGLwpp1QD1mz6Hk+Y5f659iwHI/+U"
age: 2347
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 494
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 1
x-guploader-uploadid: AHxI1nNy4Gux5DdeXXTUgOkkKHxIhJl7UjyVbi54GYaXFOnniMSWfiX9chRCsTV-kdrguWB9ksc
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
fastly-io-warning: Failed to shrink image
x-goog-storage-class: ARCHIVE
x-timer: S1736656018.735799,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1643364132725553
content-length: 494
fastly-io-served-by: vpop-etou8240194
server: UploadServer

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 82ms
36ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

age: 415570
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 07 Jan 2026 09:00:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Jan 2025 09:00:47 GMT
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 85ms
39ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

age: 415335
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 07 Jan 2026 09:04:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Jan 2025 09:04:42 GMT
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H2 200 1709302857-efb-1pack.png
img.funnelish.com/6074/203638/ 44 KB
45 KB 33ms
20ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/203638/1709302857-efb-1pack.png?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fbe0b11246ca47ed75124e1b703596e4cb748db29104ae4630165336b2c0ee46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=33009 idim=250x250 ifmt=png ofsz=45288 odim=220x220 ofmt=webp
x-goog-hash: crc32c=jMGHTQ==, md5=ATmL3zRUDUYm8nHzxhEwYw==
etag: "Wf57zvwTavqfeVAnkUojYKKV+YfmsFoaqj5ieObqCPc"
age: 3527
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 33009
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC49smyaMYeZAgCSyJXbvIKq-3IRMLOYncLKtDcZeLDdS8wE4j_6EFjxwm_6qMDy_JiXf-Y
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.736601,VS0,VE3
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709302857540708
content-length: 45288
fastly-io-served-by: vpop-etou8240192
server: UploadServer

GET
H2 200 1709302860-efb-2pack.png
img.funnelish.com/6074/203638/ 47 KB
47 KB 32ms
20ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/203638/1709302860-efb-2pack.png?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f6ec14bc7336e3c113134c3cd1d341d9af361bf5d513e326a03a89bda73cc2de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=30722 idim=250x250 ifmt=png ofsz=47788 odim=220x220 ofmt=webp
x-goog-hash: crc32c=5qha7g==, md5=kDrlId8quJ3gCMmQf8Kk0A==
etag: "KQOG5h91pnDQFM2Lph20il9umNWtwTdSmiWY276Ycbo"
age: 3526
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 30722
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: ACJd0Npnsw0IlbZ1nfBLmhSuQeFnlsLefFmCDzkAVyeKwomTdh3UfofdSYtG3GPOIwm4YCKc5HU
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.736702,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709302860652324
content-length: 47788
fastly-io-served-by: vpop-etou8240193
server: UploadServer

GET
H2 200 1709302863-efb-4pack.png
img.funnelish.com/6074/203638/ 49 KB
50 KB 26ms
14ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/203638/1709302863-efb-4pack.png?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5748ad0f7092ff9749f34c1a19607002fe6862fc59a134be60dd6e3fef2f7e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=32183 idim=250x250 ifmt=png ofsz=50506 odim=220x220 ofmt=webp
x-goog-hash: crc32c=f6KN6g==, md5=u2LD+O5/hnTEq9zr4k0qYQ==
etag: "F7+Cwh+7mDz7JJDT9TjVwD3LOSgytlKTnkgEEREG6e8"
age: 154573
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32183
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AFIdbgTrjl5TDBlzsZzDnKzI-YQICDsXp0UWNAa6WG4I6Rf4_s7AztlpuxPsX7RGBG6SwHhYGQMJB9o
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.736473,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709302864062906
content-length: 50506
fastly-io-served-by: vpop-etou8240197
server: UploadServer

GET
H2 200 1709302867-efb-8pack.png
img.funnelish.com/6074/203638/ 54 KB
54 KB 76ms
64ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/203638/1709302867-efb-8pack.png?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0aba5e105b767e8624891263284cc741bee252901d5932015ee2d3b009c62824

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=33518 idim=250x250 ifmt=png ofsz=54896 odim=220x220 ofmt=webp
x-goog-hash: crc32c=UVmdPA==, md5=L83jLRD34FfGwhX+tj9XGA==
etag: "nPassCFxAT3WvuomzKLm7qrBL4j4bBgV++62+dEMdMA"
age: 3526
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 33518
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AD-8ljuqa1-nDoDcU_iO8fMTsAZRXEV0bkmGOraZTIeU__jFgcQDaSoQXVqkwyEpqHGDFmQMZLI
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.736543,VS0,VE57
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709302867202387
content-length: 54896
fastly-io-served-by: vpop-etou8240196
server: UploadServer

GET
H2 200 1709302869-efb-12pack.png
img.funnelish.com/6074/203638/ 57 KB
57 KB 20ms
8ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/203638/1709302869-efb-12pack.png?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5b51abaf91180748d71ae0a5d0135f0feea896a3f59e47040cb6bdab48cfa8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=36425 idim=250x250 ifmt=png ofsz=58136 odim=220x220 ofmt=webp
x-goog-hash: crc32c=Fnrmcg==, md5=XzzJOvYAVBda1NS/A4nd8A==
cf-cache-status: REVALIDATED
etag: "6JQMOWi5vFXpPMfAFpT9rvtJvXKXaaW55xo7wNFJjnE"
age: 3526
x-goog-stored-content-encoding: identity
expires: Wed, 24 Apr 2024 17:07:58 GMT
x-goog-stored-content-length: 36425
x-cache: HIT, HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-lhr7387-LHR, cache-fra-eddf8230137-FRA
x-cache-hits: 254, 0
x-guploader-uploadid: ABPtcPqlrrlPDfyuw4kzO1A0_jATHWEFBTYGZ_iGPcZOnBknn1tyXa2yvD8Tjxo2ykTf-UX8I9mAqZ8wbQ
fastly-stats: io=1
vary: Accept
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1736656018.736148,VS0,VE1
via: 1.1 varnish, 1.1 varnish
cf-ray: 8797596fec1263ca-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709302869713666
content-length: 58136
fastly-io-served-by: img11-europe-west2
server: cloudflare

GET
H2 200 8 Show response
order.preparedhero.com/apps/98205/ 92 KB
23 KB 7ms
7ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/apps/98205/8
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40029b55d923abde53f09c41e371a7874a70ab124032b3c548cfa3896e216345

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: no-store
content-encoding: gzip
x-timer: S1736656018.724256,VS0,VE1
age: 393564
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 23156
date: Sun, 12 Jan 2025 04:26:57 GMT
last-modified: Mon, 06 Jan 2025 20:59:58 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230077-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 1684337318-shipping_protection.png
img.funnelish.com/6074/60903/ 1 KB
2 KB 21ms
16ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/60903/1684337318-shipping_protection.png?height=60&width=60&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b1b30332c3fc9968e41da36330f8059522726f6555015e1efd1dea63c8c8f625

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=2735 idim=180x180 ifmt=png ofsz=1236 odim=60x60 ofmt=webp
x-goog-hash: crc32c=TBlafw==, md5=Sj+f5TKKfcslK/uzmLeS3w==
etag: "0A8JulS/4sQl50kniOE7ZiaBtAtzAL/hI2udGYExs9Q"
age: 3526
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2735
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AHxI1nObS0tFsLj7_U0PIPdDNFeQt5UIhdOgtdz07BLbmyKwNWOZg4FLTXPVcMiYXjrYV_oWsdc
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.736343,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1684337318838378
content-length: 1236
fastly-io-served-by: vpop-etou8240196
server: UploadServer

GET
H2 200 1680799941-main-logo.png
img.funnelish.com/6074/60903/ 2 KB
3 KB 27ms
11ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/60903/1680799941-main-logo.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3aea686f92bc8f488e8c1f45ec00b7602cef094a65297ae0502fb35b724962e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=3122 idim=250x34 ifmt=png ofsz=2440 odim=250x34 ofmt=webp
x-goog-hash: crc32c=sGIDOQ==, md5=wE06aVyVf3mGdgskkwHuzw==
etag: "25yi/XGTbHvX28OO+vWF6WxrXitVfyV9IRIfpYu7txc"
age: 3527
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3122
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AD-8ljuTiElCK9VeoNmQYAWFA4cISeBYOIfCNaDbKnflSn9ReV_AX1OOmBiySaFPOUUlQz096A
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.752731,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1680799941590470
content-length: 2440
fastly-io-served-by: vpop-etou8240193
server: UploadServer

GET
H2 200 1709552706-efb-ch-slider1.jpg
img.funnelish.com/6074/30059/ 19 KB
20 KB 25ms
8ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1709552706-efb-ch-slider1.jpg?auto=compress,format&optimize=medium&fit=clip&w=400&h=400
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b353ee54eb3a963978139d6bef07f44a25c4d9a6b26db219c534309bb1f607d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=35850 idim=600x600 ifmt=jpeg ofsz=19826 odim=600x600 ofmt=webp
x-goog-hash: crc32c=Xnnivg==, md5=SmYTngSkkEznVSav+9w+AQ==
cf-cache-status: MISS
etag: "foqqsg1Od8mR0nCphYs9saFlmuRTcx+grdFFWObluoA"
age: 3527
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35850
x-cache: HIT, HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-lhr-egll1980054-LHR, cache-fra-eddf8230118-FRA
x-cache-hits: 53, 0
x-guploader-uploadid: ABPtcPo_LhbVVCi3kRV8VUNhAjbqHTln-wVHrrM1dPleLqMmhhycXcLbI1uxVXw7GCOS-bkS4Q
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.752895,VS0,VE1
via: 1.1 varnish, 1.1 varnish
cf-ray: 891d72e70bcf76fc-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709552706754498
content-length: 19826
fastly-io-served-by: vpop-etou8240192
server: cloudflare

GET
H2 200 1709552706-efb-ch-slider1.jpg
img.funnelish.com/6074/30059/ 31 KB
32 KB 18ms
18ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1709552706-efb-ch-slider1.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e063be0eb3e077dc74d904f18dbb53875cde4318af9c05a6944ab2079cf674

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=35850 idim=600x600 ifmt=jpeg ofsz=31788 odim=600x600 ofmt=webp
x-goog-hash: crc32c=Xnnivg==, md5=SmYTngSkkEznVSav+9w+AQ==
cf-cache-status: MISS
etag: "3OvGJqPyoz27bHYX7fNrDKs//IWrhCBGmURwL49CyFw"
age: 3527
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35850
x-cache: HIT, HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-lhr-egll1980054-LHR, cache-fra-eddf8230137-FRA
x-cache-hits: 46, 0
x-guploader-uploadid: ABPtcPo_LhbVVCi3kRV8VUNhAjbqHTln-wVHrrM1dPleLqMmhhycXcLbI1uxVXw7GCOS-bkS4Q
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.736793,VS0,VE1
via: 1.1 varnish, 1.1 varnish
cf-ray: 891d72e70bcf76fc-LHR
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709552706754498
content-length: 31788
fastly-io-served-by: vpop-etou8240194
server: cloudflare

GET
H2 200 1709552710-efb-ch-slider2.jpg
img.funnelish.com/6074/30059/ 43 KB
43 KB 21ms
20ms Image
image/jpeg 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1709552710-efb-ch-slider2.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a6d7254a075ffb6c9e3877d123a7ff61a588968cb98b0de5df2b3cf2f73a0db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=43748 idim=600x600 ifmt=jpeg ofsz=43748 odim=600x600 ofmt=jpeg
x-goog-hash: crc32c=uY/Qug==, md5=qcO7jQoOYIwG5T5X6yD6kA==
etag: "UuQJiyBSxELVB4WNXiC4M2WY0ju81CQAHBC843diUSc"
age: 2157942
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43748
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AHmUCY2Vi0eTTx4QOWWLlOG-98eY3I-0nCXV5dIjEZWIyBZDS6mya_vlNC1xfBMR7FFFHaIfLxU
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
fastly-io-warning: Failed to shrink image
x-goog-storage-class: STANDARD
x-timer: S1736656018.740953,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709552710739817
content-length: 43748
fastly-io-served-by: vpop-etou8240195
server: UploadServer

GET
H2 200 1709552716-efb-ch-slider4.jpg
img.funnelish.com/6074/30059/ 38 KB
38 KB 21ms
21ms Image
image/jpeg 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1709552716-efb-ch-slider4.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ac42412ced63357e5afb8de3d7e0d6a87fd1be1f9ab4a6df461d09d9ad6d9b03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=38672 idim=600x600 ifmt=jpeg ofsz=38672 odim=600x600 ofmt=jpeg
x-goog-hash: crc32c=+al2Lw==, md5=11g/aw6dr6aYaI/i/EQ8MA==
etag: "BoJMsq+HpnfV+odttS5PuZ8c3c2ulOop/3D/pIfBPUg"
age: 3527
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38672
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC6F96-LpOmQM4yivE1ozVWOwjsKAfW7tM7pqiKaKEQqQR3eGBKv4iopkJ02vk48tFgf
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
fastly-io-warning: Failed to shrink image
x-goog-storage-class: STANDARD
x-timer: S1736656018.740912,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709552716567714
content-length: 38672
fastly-io-served-by: img01-europe-west3
server: UploadServer

GET
H2 200 1709552713-efb-ch-slider3.jpg
img.funnelish.com/6074/30059/ 35 KB
35 KB 21ms
21ms Image
image/jpeg 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1709552713-efb-ch-slider3.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2d3e4a317036f2845a97da03f7bbecbfdd9b8bf4ea665e24192e980a267f08a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=35673 idim=600x600 ifmt=jpeg ofsz=35673 odim=600x600 ofmt=jpeg
x-goog-hash: crc32c=z7ss7w==, md5=RjAc6csfrInLpKWTEQ3tig==
etag: "kjjZewTIYWeqyUbbNMLgodpaUr8jGfrKIL9wFT0x2DU"
age: 3527
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35673
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/jpeg
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AHxI1nN3N8bx5nQbVong07hqYARxqtFzaMdURpl1ExOhS6E6Nl9r4tn7ND1_xCoE4CISo0CCRoI
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
fastly-io-warning: Failed to shrink image
x-goog-storage-class: STANDARD
x-timer: S1736656018.740903,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1709552713461402
content-length: 35673
fastly-io-served-by: vpop-etou8240195
server: UploadServer

GET
H2 200 ta_bnr_rgt_star.png
preparedhero.com/cdn/shop/files/ 5 KB
6 KB 117ms
27ms Image
image/webp 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://preparedhero.com/cdn/shop/files/ta_bnr_rgt_star.png?v=7235083625721579241

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

0fa9e919b6aaf7056f57d6b45ac8ab75e17d3ae82bb0db26c7f0cf84e0ab5f45

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-request-id: 159712c4-56f2-4547-98e6-427d3dcd3fb9-1732467565
access-control-expose-headers: *
cf-cache-status: HIT
age: 119860
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFE3sMhzMp8RqmAnfP6L1PcZciZP2ovWOmoma3tiv8UocyQzFFtPz3WLOK3FAc6gZxNDzGiBO2OmyMtz9KOPis0OBZNT02dph%2FC7M16OggO3H%2Bvr%2BMr7Lx5jTrn3ATl%2BhDw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 27528626224
server-timing: imagery;dur=252.727, imageryFetch;dur=83.829, imageryProcess;dur=168.225;desc="image", cfRequestDuration;dur=13.000011
alt-svc: h3=":443"; ma=86400
date: Sun, 12 Jan 2025 04:26:57 GMT
source-type: image/png
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Sun, 24 Nov 2024 16:59:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 21414
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 900a642f6e32dc60-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5044
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 47
x-shopid: 27528626224
server: cloudflare

GET
H2 200 1675196826-arrow.png
img.funnelish.com/6074/30059/ 186 B
779 B 23ms
7ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196826-arrow.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ae29f305d19931388ce8482fdd27934cad55af9bbebe34a0e4699f820d18bb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=1231 idim=31x28 ifmt=png ofsz=186 odim=31x28 ofmt=webp
x-goog-hash: crc32c=D5pnlA==, md5=EZ+WaM3p/Rr4cM/iMmCGPQ==
etag: "tS7hal826cw/5LhhzhzqaOxUzW2Cp+g9vT+goHriZ4w"
age: 3526
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1231
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC7mRUM8hOU0yCdSEMyu9BtkQq49QXWu3hlzPr9lAdufu64tt74FQrdWJW7LX2SGh491rPe_UXpHJg
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.752922,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1675196826581075
content-length: 186
fastly-io-served-by: vpop-etou8240198
server: UploadServer

GET
H2 200 paypal.svg
order.preparedhero.com/img/billing/ 8 KB
4 KB 8ms
7ms Image
image/svg+xml 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.preparedhero.com/img/billing/paypal.svg
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85b7f5164dd7e3d3e85388a47d5dcae1664d6e10f5407d181cefa99b397cf4c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: public, max-age=10000
content-encoding: gzip
x-timer: S1736656018.741254,VS0,VE1
age: 3527
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 3927
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/svg+xml
last-modified: Tue, 19 Jan 2021 06:25:44 GMT
x-served-by: cache-fra-eddf8230039-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 offsite-img.png
order.preparedhero.com/img/ 727 B
900 B 7ms
6ms Image
image/png 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.preparedhero.com/img/offsite-img.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a4f1bfb4a59322c9d9f4b06b03d6c7857fb6a47f20543b77a44502e1fd1b6a4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: public, max-age=10000
x-timer: S1736656018.741333,VS0,VE1
age: 3527
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 727
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/png
last-modified: Fri, 26 Mar 2021 10:29:04 GMT
x-served-by: cache-fra-eddf8230155-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0

POST
H2 200 settings Show response
order.preparedhero.com/gateways/98205/1/ 91 B
272 B 127ms
126ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/gateways/98205/1/settings
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1c80c59fc8488a952dfa15b20fa1dc925d310db7f59d5b6587fe63187e77abb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: no-store
x-timer: S1736656018.742829,VS0,VE119
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, MISS
content-length: 91
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: application/json; charset=UTF-8
x-served-by: cache-fra-eddf8230072-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 places.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/ 154 KB
35 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/places.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a19aa6a13500dbf37fc151072dcd190b2dbda5e70a04d82f8560564b82721de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
age: 285951
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 21:01:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 21:01:06 GMT
last-modified: Wed, 08 Jan 2025 18:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 36093
x-xss-protection: 0
server: sffe

GET
H2 200 main.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/ 236 KB
69 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/main.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6d0ced9a55d90ce1382969359ae278a5e2bd6e8bd8b1800bcdc526a11372ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
age: 285951
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 21:01:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 21:01:06 GMT
last-modified: Wed, 08 Jan 2025 18:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 70341
x-xss-protection: 0
server: sffe

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.59/ 67 KB
28 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.59/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/h0v0s3lkif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-azure-ref: 20250112T042657Z-15464c697c59jp5lhC1FRAd9a00000000b9g00000000fhms
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD2FD8C5BBA94B"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 860b5573-901e-007b-2cd1-616c47000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 08 Jan 2025 11:37:03 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 706 KB
169 KB 39ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2a279b5d3b77fffde4d4a9d10f21b1efd8f3253eeeae325b8ea05a597b71d89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-request-id: 6040f4f5-b63e-448d-a179-6007ca3048a8
content-encoding: br
etag: "e69bf29adb9007bb28f8455c605c7892"
age: 17
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
last-modified: Sat, 11 Jan 2025 03:33:50 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230141-FRA
x-cache-hits: 2
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 172554
server: Fastly

GET
H2 200 1657636070-warning.png
img.funnelish.com/6074/30059/ 4 KB
4 KB 8ms
7ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657636070-warning.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5c246a64acc1412e5e60639a46a2bbeff2b6f134c69f4f775f7eb1cefcb58ab7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=10731 idim=512x512 ifmt=png ofsz=3848 odim=512x512 ofmt=webp
x-goog-hash: crc32c=64aDEA==, md5=TaXA8CG3Oj3Ak7TTS0tuTw==
etag: "ZBzjU4R8iejSlFXTVtyBHcSKth37X19P3GA8SKdC7Bk"
age: 1411702
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10731
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC69ze091QJo6p4rRTnAXuheoe_iePHrTkLrGoTsKBzyRHVZOwXBAZOlJY2swIMs3ug
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.913937,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1657636070312454
content-length: 3848
fastly-io-served-by: vpop-etou8240196
server: UploadServer

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
284 B 36ms
7ms Fetch
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1406018/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1736656018.017990,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-fra-eddf8230121-FRA
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1406018/trc/3/ 3 KB
2 KB 41ms
35ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1406018/trc/3/json?tim=1736656017919&data=%7B%22id%22%3A900%2C%22ii%22%3A%22%2Fefb-yt-checkout%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1736656017916%2C%22cv%22%3A%2220250102-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Forder.preparedhero.com%2Fefb-yt-checkout%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgtmbrands-preparedhero-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1736656017919%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Forder.preparedhero.com%2Fefb-yt-checkout%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1406018/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 709262cefd82c8ab87011a0d29356e3186773bea02d1b808288feea9ca915387

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Sun, 12 Jan 2025 04:26:57 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230043-FRA
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 7512
x-timer: S1736656018.928745,VS0,VE28
x-vcl-time-ms: 28
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.09275
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H2 200 controller-with-preconnect-fd0540fdbafb12173e5f385d4e01d247.html
js.stripe.com/v3/ Frame 9BAF 0
0 20ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-fd0540fdbafb12173e5f385d4e01d247.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 46
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "fd0540fdbafb12173e5f385d4e01d247"
last-modified: Sat, 11 Jan 2025 02:51:59 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 8
x-content-type-options: nosniff
x-request-id: d53b14d4-9d58-4034-9f8e-7841f662893a
x-served-by: cache-fra-eddf8230052-FRA

GET
H2 200 elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html
js.stripe.com/v3/ Frame 3698 0
0 18ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91553
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 514
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "2d21295375268d3877f2bbfccf1ffe27"
last-modified: Sat, 11 Jan 2025 02:52:00 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1181
x-content-type-options: nosniff
x-request-id: 7457f270-179d-4b0d-b0f8-0cb675ea8bb3
x-served-by: cache-fra-eddf8230052-FRA

GET
H2 200 elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html
js.stripe.com/v3/ Frame 99BE 0
0 19ms
19ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91553
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 514
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "2d21295375268d3877f2bbfccf1ffe27"
last-modified: Sat, 11 Jan 2025 02:52:00 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1181
x-content-type-options: nosniff
x-request-id: 7457f270-179d-4b0d-b0f8-0cb675ea8bb3
x-served-by: cache-fra-eddf8230052-FRA

GET
H2 200 elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html
js.stripe.com/v3/ Frame 71F3 0
0 19ms
19ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-2d21295375268d3877f2bbfccf1ffe27.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91553
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 514
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "2d21295375268d3877f2bbfccf1ffe27"
last-modified: Sat, 11 Jan 2025 02:52:00 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1181
x-content-type-options: nosniff
x-request-id: 7457f270-179d-4b0d-b0f8-0cb675ea8bb3
x-served-by: cache-fra-eddf8230052-FRA

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 72ms
71ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f202.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://order.preparedhero.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Sun, 12 Jan 2025 04:26:58 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/ 268 KB
55 KB 37ms
37ms Script
text/javascript 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f202.1e100.net

Software

sffe /

Resource Hash

fea22a8084201b5e5ef9488cf8106a17fdaa02d3d7fea5d4babbb60ee1655526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
age: 285952
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 21:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 21:01:05 GMT
last-modified: Wed, 08 Jan 2025 18:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56708
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/ 189 KB
58 KB 51ms
51ms Script
text/javascript 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f202.1e100.net

Software

sffe /

Resource Hash

fa6c4a7d3d38fe96c9d98f35010f73b88758b2f1cc89919bf6883b2b8b586913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
age: 285952
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 21:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 21:01:05 GMT
last-modified: Wed, 08 Jan 2025 18:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 58918
x-xss-protection: 0
server: sffe

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/ 99 KB
26 KB 69ms
69ms Script
text/javascript 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f202.1e100.net

Software

sffe /

Resource Hash

0704be90456ca290bae6631ede2e0dcf4433a3a8504b14a82e50157c4f9cebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
age: 285950
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 21:01:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 21:01:07 GMT
last-modified: Wed, 08 Jan 2025 18:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 26604
x-xss-protection: 0
server: sffe

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/ 45 KB
14 KB 41ms
41ms Script
text/javascript 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/59/4a/intl/de_ALL/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f202.1e100.net

Software

sffe /

Resource Hash

369988c6663f8a3136cea8a0d33d37aef66dc70d4bd269917fdd4bddf78bbdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
age: 285939
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 08 Jan 2026 21:01:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Jan 2025 21:01:18 GMT
last-modified: Wed, 08 Jan 2025 18:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 14101
x-xss-protection: 0
server: sffe

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
286 B 422ms
195ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://order.preparedhero.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://order.preparedhero.com
Date: Sun, 12 Jan 2025 04:26:58 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 1669664459-hook.jpg
img.funnelish.com/6074/30059/ 17 KB
17 KB 8ms
7ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1669664459-hook.jpg
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b655c92f0393c27b4b4f92ffa6b87e10fbeeedec8ee6eae37e7b60a5ce1e822d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=15767 idim=600x600 ifmt=jpeg ofsz=17394 odim=600x600 ofmt=webp
x-goog-hash: crc32c=GXxSeA==, md5=VsM83wRU/Ksq6nbizMZD2Q==
etag: "Oisw1DtbmOGADU2J0OBjadjcdr22I0G26o4X2hN0Jmg"
age: 1996
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15767
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC4arhYpd1l63C3PqWWbiucQmrzv6DwiH56_QpPnqobi8EkTU23eVYSO0V4XOStnBP43tJ4
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.019162,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1669664460085202
content-length: 17394
fastly-io-served-by: vpop-etou8240197
server: UploadServer

GET
H2 200 1653027341-checkout-secured.png
img.funnelish.com/5682/26088/ 89 KB
89 KB 9ms
8ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/5682/26088/1653027341-checkout-secured.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4d4d0c00c4767c09557646606c23b7e152b982a59b7ac5513dd278432ae8aa95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=146309 idim=1368x182 ifmt=png ofsz=90978 odim=1368x182 ofmt=webp
x-goog-hash: crc32c=zKX+cw==, md5=3HDl3n8pcDoi4WArWq5DYA==
etag: "TU4XmqIoJhCmkIquIQhaddb7kbzsLmZzWP9E5XoaC3c"
age: 1993
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 146309
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AHxI1nP4llu1YcLyQE70sPLNfMx6v0n_qMxvMiJDS8GYSpbNDUH1AN-bInIHqaXjJbvLG76kIgQB4nX6pA
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.019303,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1653027342107048
content-length: 90978
fastly-io-served-by: vpop-etou8240194
server: UploadServer

GET
H2 200 1653376152-6143e22a819db63e038347ba_30mbg.svg
img.funnelish.com/3986/26453/ 91 KB
91 KB 9ms
9ms Image
image/svg+xml 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/3986/26453/1653376152-6143e22a819db63e038347ba_30mbg.svg
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 207ac888ee9ae038f56e2470dcd2f358854ea5dd2e862ae31b453d16c332513d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=mM3axA==, md5=8PyFO5f4GdIkjAaFZwLgfA==
etag: "f0fc853b97f819d2248c06856702e07c"
age: 3461
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 92719
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: image/svg+xml
last-modified: Tue, 24 May 2022 07:09:12 GMT
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC4BLwKMXfeyXm4SXG7O8pkIzFujJ-CRrZ4jnzgMZsCotoBdXGXDiGhiIbJDyphXW_EELo3hES4
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.019256,VS0,VE1
via: 1.1 varnish
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1653376152873477
content-length: 92719
fastly-io-served-by: vpop-etou8240198
server: UploadServer

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 134ms
49ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options: nosniff
expires: Sun, 12 Jan 2025 04:26:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: image/png
last-modified: Tue, 18 May 2021 19:15:00 GMT
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
content-length: 1616
x-xss-protection: 0
server: sffe

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 132ms
48ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options: nosniff
expires: Sun, 12 Jan 2025 04:26:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: image/png
last-modified: Tue, 18 May 2021 19:15:00 GMT
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
content-length: 3351
x-xss-protection: 0
server: sffe

GET
H3 200 link-modal-inner-a563b697ed97cbd8768d816b8f6fca3e.html
js.stripe.com/v3/ Frame 89C2 0
0 6ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/link-modal-inner-a563b697ed97cbd8768d816b8f6fca3e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://errors.stripe.com https://api.stripe.com https://merchant-ui-api.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com https://checkout.link.com; img-src 'self' https://js.stripe.com https://q.stripe.com https://b.stripecdn.com; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 34
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 455
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://errors.stripe.com https://api.stripe.com https://merchant-ui-api.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com https://checkout.link.com; img-src 'self' https://js.stripe.com https://q.stripe.com https://b.stripecdn.com; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://errors.stripe.com https://api.stripe.com https://merchant-ui-api.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com https://checkout.link.com; img-src 'self' https://js.stripe.com https://q.stripe.com https://b.stripecdn.com; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "a563b697ed97cbd8768d816b8f6fca3e"
last-modified: Sat, 11 Jan 2025 02:52:12 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 24999a64-4940-461b-bc2a-a8400ff8aadd
x-served-by: cache-fra-eddf8230142-FRA

GET
H2 200 1660668305-favicon.png
img.funnelish.com/6074/30059/ 2 KB
2 KB 130ms
130ms Other
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.funnelish.com/6074/30059/1660668305-favicon.png?auto=webp&fit=bounds&width=40&height=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 642d87383477078fed5a7535b6b287581ea5fb62b41dfe54c367ed06478ce284

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=11877 idim=192x210 ifmt=png ofsz=1840 odim=37x40 ofmt=webp
x-goog-hash: crc32c=ll4OBA==, md5=HXsHPcwuP0BRU3jVzk/KOA==
etag: "9JCQX/wigJqzWPPkV7WLrIdnWgR2EFjhaOT6qI8xDh0"
age: 0
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11877
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230137-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC5FPKukExFnBs2ZSZecFmCV0GxgggdeBjRe0rWAgI1x-sjIR7sFhNoPluSIZoEmtuGrpeAzQg60lw
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656018.251523,VS0,VE123
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1660668305685401
content-length: 1840
fastly-io-served-by: vpop-etou8240199
server: UploadServer

GET
H3 200 hcaptcha-invisible-8837680f9c137ed94aa55fad7f104ce7.html
js.stripe.com/v3/ Frame 207E 0
0 6ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-8837680f9c137ed94aa55fad7f104ce7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-RwFo0YgFhoMViuFvcfYgaNs4kJOFmAoAsOqWLJSh20M='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91618
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 24124
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-RwFo0YgFhoMViuFvcfYgaNs4kJOFmAoAsOqWLJSh20M='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "9a4be11355cc5f333c70ecc77b88b3d1"
last-modified: Sat, 11 Jan 2025 02:52:12 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2257
x-content-type-options: nosniff
x-request-id: 084c4965-9839-4aca-9314-2cb185daa598
x-served-by: cache-fra-eddf8230142-FRA

GET
H2 200 phone-numbers-lib-2e4b163cc1a1989623e99b9224e9eda8.js Show response
js.stripe.com/v3/fingerprinted/js/ 150 KB
35 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-2e4b163cc1a1989623e99b9224e9eda8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

03149356c945f58150e4205b34572b5160be326d8e595d1d165143a48c01092d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

x-request-id: 527f056f-e0b3-43ab-ae77-15c98c08d099
content-encoding: br
etag: "923076fd2b6fefb66fa5480a11ac28d2"
age: 2109040
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:58 GMT
last-modified: Wed, 18 Dec 2024 18:29:53 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230141-FRA
x-cache-hits: 11325
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35407
server: Fastly

GET
H3 200 elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html
js.stripe.com/v3/ Frame 5D33 0
0 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91549
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 17534
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "58ac325a094e8a2f5fb6e803c1ea66df"
last-modified: Sat, 11 Jan 2025 02:52:00 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 554
x-content-type-options: nosniff
x-request-id: 65d9ad67-61fe-4331-86f0-64680f499864
x-served-by: cache-fra-eddf8230142-FRA

GET
H3 200 elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html
js.stripe.com/v3/ Frame 8E91 0
0 5ms
5ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91549
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 17534
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "58ac325a094e8a2f5fb6e803c1ea66df"
last-modified: Sat, 11 Jan 2025 02:52:00 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 554
x-content-type-options: nosniff
x-request-id: 65d9ad67-61fe-4331-86f0-64680f499864
x-served-by: cache-fra-eddf8230142-FRA

GET
H3 200 elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html
js.stripe.com/v3/ Frame E5F3 0
0 2ms
2ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-58ac325a094e8a2f5fb6e803c1ea66df.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://order.preparedhero.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 91549
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 17534
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 12 Jan 2025 04:26:58 GMT
etag: "58ac325a094e8a2f5fb6e803c1ea66df"
last-modified: Sat, 11 Jan 2025 02:52:00 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 554
x-content-type-options: nosniff
x-request-id: 65d9ad67-61fe-4331-86f0-64680f499864
x-served-by: cache-fra-eddf8230142-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
74 KB 136ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSMSHB6Q

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

033673ca76ad51c577e1ca4e3686679a28ffd73594cabad8a72c8a4a144cc0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 12 Jan 2025 04:26:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 12 Jan 2025 04:26:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 12 Jan 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 74744
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js Show response
static.mobilemonkey.com/js/ 17 KB
18 KB 159ms
118ms Script
text/javascript 3.160.150.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mobilemonkey.com/js/mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSMSHB6Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-77.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b2d9ed37bac5c1250d4626bd95e67f4ff4968e7acbfda603eec7723ab493795

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

cache-control: max-age=60
etag: "a631c6f74e907ac130bad63b983dcf9f"
via: 1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
content-length: 17917
x-amz-cf-id: 7ip2XfxFteGJ8JfhuklmTexlW1J1gjjssksLCRUeZfm7Elsy2tK9Tw==
date: Sun, 12 Jan 2025 04:27:00 GMT
content-type: text/javascript
last-modified: Sun, 12 Jan 2025 03:32:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7

GET
H2 200 a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 7 KB
7 KB 39ms
7ms Script
application/javascript 2600:9000:26e8:9400:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-yt-checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:9400:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a786e6a7dd7ac9021b5047bc99492bc0f699e215edd2e8d68a7346f12e783879

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

vary: Origin
x-amz-version-id: qVW7Dbw84_uwfDIkFDiAJt3Y2cINLSKf
etag: "74679bad40f25f2fbb57f46c55812c0c"
age: 73514
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 6952
x-amz-cf-id: TqX-lmaSSrqBXBsYDlN0YDL7xOL7kwXDeyIL5pH5_fiZUZbFPj5itQ==
date: Sat, 11 Jan 2025 08:01:45 GMT
content-type: application/javascript
last-modified: Mon, 08 Jul 2024 18:51:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 44ms
43ms Image
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PSMSHB6Q&v=3&t=t&pid=513828799&cv=16&rv=5190&tc=9&tag_exp=101925629~102067555~102067808~102081485~102198178&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 12 Jan 2025 04:26:58 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
270 B 43ms
42ms Image
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 12 Jan 2025 04:26:58 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 45ms
44ms Image
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PSMSHB6Q&v=3&t=t&pid=513828799&cv=16&rv=5190&tc=9&tag_exp=101925629~102067555~102067808~102081485~102198178&es=1&e=gtm.js&eid=1&h=Ag&hf=0__html.0__html&ht=p__html.p__html&tr=1paused.1paused.1paused.1html.1html&ti=2paused.2paused.2paused.2html.2html&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 12 Jan 2025 04:26:58 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 51ms
51ms Image
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PSMSHB6Q&v=3&t=t&pid=513828799&cv=16&rv=5190&tc=9&tag_exp=101925629~102067555~102067808~102081485~102198178&es=1&e=gtm.dom&eid=2&h=Ag&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 12 Jan 2025 04:26:58 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 a
www.googletagmanager.com/ 0
52 B 51ms
51ms Image
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-PSMSHB6Q&v=3&t=t&pid=513828799&cv=16&rv=5190&tc=9&tag_exp=101925629~102067555~102067808~102081485~102198178&es=1&e=gtm.load&eid=3&h=Ag&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 12 Jan 2025 04:26:58 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 25 KB
9 KB 28ms
6ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 72eec63e5e08a7445b2edf1b063f2ed8024475656f6136d6e70e24e595ff3141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

Content-Encoding: gzip
ETag: W/"675772a2-6412"
Age: 79543
Expires: Wed, 01 Jan 2025 08:57:22 GMT
X-Cache: HIT, HIT
Date: Sun, 12 Jan 2025 04:26:59 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 22:43:46 GMT
X-Served-By: cache-lga21930-LGA, cache-fra-eddf8230057-FRA
X-Cache-Hits: 92155, 13608
Vary: Accept-Encoding
Cache-Control: max-age=86402
X-Timer: S1736656019.007126,VS0,VE0
Connection: keep-alive
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8780
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 11 KB
11 KB 8ms
7ms Script
application/javascript 2600:9000:26e8:9400:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:9400:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8f76376313b39772035e7c37d4d5c6fa98ed7b297a450e246faa5d11a750dfc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

vary: Origin
x-amz-version-id: qqyJAQ6PTIv7V1Rx2596etG8G2XDsl0u
etag: "2e1b2b7d512fa7b0dd3b0bbf82052560"
age: 13046
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11231
x-amz-cf-id: fE6e9Q3yWqQWi7uCDeJJ0-4JaZ05O3aT4rTmlj0z-_IUFrHy-3ndaQ==
date: Sun, 12 Jan 2025 03:39:47 GMT
content-type: application/javascript
last-modified: Wed, 14 Aug 2024 21:26:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 8ms
7ms Script
application/javascript 2600:9000:26e8:9400:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:9400:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6db4032e547ca1994e1bf21488dab79c10cdfbcc0c54f4d2faa7ff3cf885feaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

vary: Origin
x-amz-version-id: SWCsuWptg0Q6QtRxILAYrOPGDJcNgeJR
etag: "4b728eb7a2b33631d4f7c20a31fddfde"
age: 10054
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 9800
x-amz-cf-id: qkqANmh1Tp_Y_Ku_nBCaPPwRAN74J71c7U40NhpNE0uPKKrKeBz7JQ==
date: Sun, 12 Jan 2025 01:39:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Jun 2024 21:35:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 5a28e627 Show response
ttip-ipv4-prod.telemetry.vaultdcr.com/ 43 B
595 B 566ms
452ms XHR
image/gif 18.173.205.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ttip-ipv4-prod.telemetry.vaultdcr.com/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YTZiMGYzY2ItZWUxZi00ZTY3LWFhOTEtMzNlZWRjMmRlMDVjJnNlc3Npb25JZD04ZjQ4YjBmNC05ODJkLThlNTctZWEwMy01Y2MwM2VkNWIwNGU%3D&date=1736656018997

Requested by

Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-52.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

access-control-max-age: 3000
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 9_CYxdSRPlZ0VT8le3UWsuyM-vINuoh-sPi7swYP3enpE5Z9fNTl_Q==
date: Sun, 12 Jan 2025 04:27:00 GMT
content-type: image/gif
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 58afb490a7c8c45de5813dbf9e713c0c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12
server: AmazonS3

GET
H2 200 5a28e627 Show response
ttip-ipv6-prod.telemetry.vaultdcr.com/ 43 B
595 B 473ms
433ms XHR
image/gif 2600:9000:2491:ca00:0:f171:6100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ttip-ipv6-prod.telemetry.vaultdcr.com/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWE2YjBmM2NiLWVlMWYtNGU2Ny1hYTkxLTMzZWVkYzJkZTA1YyZzZXNzaW9uSWQ9OGY0OGIwZjQtOTgyZC04ZTU3LWVhMDMtNWNjMDNlZDViMDRl&date=1736656018997

Requested by

Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:ca00:0:f171:6100:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

access-control-max-age: 3000
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: CXAYtD1Mg03S-2k2-VLqrsP4WnT_RPtu06dNW_MvYpaqt6LCuqrMWQ==
date: Sun, 12 Jan 2025 04:27:00 GMT
content-type: image/gif
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P7
server: AmazonS3

GET
H2 200 5a28e627 Show response
tte-prod.telemetry.vaultdcr.com/ 43 B
596 B 496ms
439ms XHR
image/gif 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tte-prod.telemetry.vaultdcr.com/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YTZiMGYzY2ItZWUxZi00ZTY3LWFhOTEtMzNlZWRjMmRlMDVjJnNlc3Npb25JZD04ZjQ4YjBmNC05ODJkLThlNTctZWEwMy01Y2MwM2VkNWIwNGUmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPUxpbnV4JiUyNGN1cnJlbnRVcmw9aHR0cHMlM0ElMkYlMkZvcmRlci5wcmVwYXJlZGhlcm8uY29tJTJGZWZiLXl0LWNoZWNrb3V0&date=1736656018998

Requested by

Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-44.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

access-control-max-age: 3000
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 0JYhzEEzhKQTFKTbKC6LF3nmUbveqJJJsM4kzfads_Sv98I_uJNsJQ==
date: Sun, 12 Jan 2025 04:27:00 GMT
content-type: image/gif
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P3
server: AmazonS3

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
230 B

126ms
125ms

Script
text/html

2606:4700:4400::ac40:92d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Protocol: H2
Server: 2606:4700:4400::ac40:92d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

cache-control: no-cache
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 900a643bdfe72bca-FRA
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
date: Sun, 12 Jan 2025 04:26:59 GMT
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
server: cloudflare

Redirect headers

cf-ray: 900a64398f5d2bca-FRA
access-control-allow-origin: *
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
cf-cache-status: DYNAMIC
date: Sun, 12 Jan 2025 04:26:59 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=5168381072
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=5168381072&_bee_ppp=1

43 B
796 B

29ms
29ms

Image
image/gif

54.170.183.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=5168381072&_bee_ppp=1

Protocol

HTTP/1.1

Server

54.170.183.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length: 43
Date: Sun, 12 Jan 2025 04:26:59 GMT
content-type: image/gif
Server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=5168381072&_bee_ppp=1
Content-Length: 0
Date: Sun, 12 Jan 2025 04:26:59 GMT
Server: gunicorn
Connection: keep-alive

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
318 B 54ms
14ms Fetch
application/xml 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=2bd3124e-0ed2-40b0-8dd4-c94aa1194ce4
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
x-proxy-origin: 185.213.155.161; 185.213.155.161; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
access-control-allow-origin: https://order.preparedhero.com
content-length: 9
date: Sun, 12 Jan 2025 04:26:59 GMT
content-type: application/xml
server: nginx/1.23.4
access-control-allow-headers: Content-Type

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
286 B 102ms
100ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://order.preparedhero.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://order.preparedhero.com
Date: Sun, 12 Jan 2025 04:26:59 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 pixie
ib.adnxs.com/ 42 B
227 B 14ms
14ms Image
image/gif 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=2bd3124e-0ed2-40b0-8dd4-c94aa1194ce4&it=1736656019015&v=0.0.45&u=https%3A%2F%2Forder.preparedhero.com%2Fefb-yt-checkout&st=1736656019015&et=1736656019071&if=0&uetmsmid=0e134250-20ef-4b32-af1f-2c61fae20bcd&asce=0&ascc=0&tcfhl=0&tcfe=0&tcfgdpr=0&tcfc=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 42
date: Sun, 12 Jan 2025 04:26:59 GMT
content-type: image/gif
server: nginx/1.23.4
x-proxy-origin: 185.213.155.161; 185.213.155.161; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

OPTIONS
H/1.1 204
No Content sax
a.aisiteanalytics.com/x/ Frame 0
0 449ms
95ms Preflight 20.119.0.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.aisiteanalytics.com/x/sax
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.0.18 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://order.preparedhero.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Date: Sun, 12 Jan 2025 04:26:59 GMT
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Powered-By: Express

POST
H/1.1 204
No Content sax
a.aisiteanalytics.com/x/ 0
0 109ms
108ms Fetch 20.119.0.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.aisiteanalytics.com/x/sax
Requested by: Host: static.mobilemonkey.com
URL: https://static.mobilemonkey.com/js/mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.0.18 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Date: Sun, 12 Jan 2025 04:26:59 GMT
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Powered-By: Express
Access-Control-Allow-Methods: POST

GET
H/1.1 204
No Content 590432@eb8cdac4cd2645517446$7d3358f5017ce864
a.aisiteanalytics.com/x/ 0
0 446ms
97ms Fetch 20.119.0.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.aisiteanalytics.com/x/590432@eb8cdac4cd2645517446$7d3358f5017ce864
Requested by: Host: static.mobilemonkey.com
URL: https://static.mobilemonkey.com/js/mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.0.18 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/

Response headers

Date: Sun, 12 Jan 2025 04:26:59 GMT
ETag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Powered-By: Express

GET ge.js
s3-us-west-2.amazonaws.com/jsstore/a/150HEX1/ 0
0

GET
H2 200 1733920416-file.png
img.funnelish.com/6074/633771/ 4 KB
5 KB 8ms
8ms Image
image/webp 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/633771/1733920416-file.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 89980e50bc018aa58fd9f4d4f460bbe0d4f918bb47ac6ed9ec3f3a994a80541a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.preparedhero.com
Referer: https://order.preparedhero.com/

Response headers

x-goog-metageneration: 1
fastly-io-info: ifsz=6902 idim=50x50 ifmt=png ofsz=4388 odim=50x50 ofmt=webp
x-goog-hash: crc32c=+K/pkw==, md5=5IM0jtwAXcNNdUFR9nMv7Q==
etag: "/8DAVAfciKLpuF4KuGtZK4QuSM7tC4blwtjrQaxorRU"
age: 2538071
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6902
x-cache: HIT
date: Sun, 12 Jan 2025 04:26:59 GMT
content-type: image/webp
x-served-by: cache-fra-eddf8230118-FRA
x-cache-hits: 0
x-guploader-uploadid: AFiumC4mOE7ZxtSOcq8kyojJgtXJTxKn1wY_Kvm8cgZSjqBpCjEja7r9ov64oEsUPfI158jqHMwaK_0
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-goog-storage-class: STANDARD
x-timer: S1736656019.350842,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
x-goog-generation: 1733920416698524
content-length: 4388
fastly-io-served-by: vpop-etou8240196
server: UploadServer

GET
H2 204 unip Show response
trc-events.taboola.com/1406018/log/3/ 0
252 B 42ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1406018/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1736656017918&ver=36&isls=true&src=i&invt=1500&msa=2279&rv=1&tim=1736656019470&vi=1736656017916&ri=e5598cad867467d829e9fef52904bd45&ref=null&cv=20250102-8-RELEASE&item-url=https%3A%2F%2Forder.preparedhero.com%2Fefb-yt-checkout&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1406018/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://order.preparedhero.com/

Response headers

access-control-allow-origin: https://order.preparedhero.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Sun, 12 Jan 2025 04:26:59 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1406018/log/3/ Frame 0
0 70ms
14ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1406018/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1736656017918&ver=36&isls=true&src=i&invt=1500&msa=2279&rv=1&tim=1736656019470&vi=1736656017916&ri=e5598cad867467d829e9fef52904bd45&ref=null&cv=20250102-8-RELEASE&item-url=https%3A%2F%2Forder.preparedhero.com%2Fefb-yt-checkout&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://order.preparedhero.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://order.preparedhero.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Sun, 12 Jan 2025 04:26:59 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
286 B 101ms
99ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://order.preparedhero.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://order.preparedhero.com
Date: Sun, 12 Jan 2025 04:27:01 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST view
analytics.app.funnelish.com/ 0
0

OPTIONS view
analytics.app.funnelish.com/ Frame 0
0

GET
H2 200 11 Show response
order.preparedhero.com/apps/98205/ 13 KB
4 KB 125ms
125ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/apps/98205/11
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 79fca0a56f8ff494309a67f45e8c3504fb4eae73962e51b69723633e410516b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: no-store
content-encoding: gzip
x-timer: S1736656022.025205,VS0,VE118
age: 0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 4279
date: Sun, 12 Jan 2025 04:27:02 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 19 May 2024 01:07:04 GMT
x-served-by: cache-fra-etou8220092-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET
H2 200 14 Show response
order.preparedhero.com/apps/98205/ 11 KB
4 KB 124ms
124ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/apps/98205/14
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 02807cf16028734d1f33a48fb99c843db09dc9c028c416c33dfbc6409c3b61c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.preparedhero.com/efb-yt-checkout

Response headers

cache-control: no-store
content-encoding: gzip
x-timer: S1736656022.025287,VS0,VE117
age: 0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, HIT
content-length: 3853
date: Sun, 12 Jan 2025 04:27:02 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 24 Sep 2021 06:58:50 GMT
x-served-by: cache-fra-eddf8230127-FRA, cache-fra-eddf8230117-FRA
x-cache-hits: 0, 0
vary: Accept-Encoding

GET 15
order.preparedhero.com/apps/98205/ 0
0

GET fbevents.js
connect.facebook.net/en_US/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/150HEX1/ge.js

Domain: analytics.app.funnelish.com
URL: https://analytics.app.funnelish.com/view

Domain: analytics.app.funnelish.com
URL: https://analytics.app.funnelish.com/view

Domain: order.preparedhero.com
URL: https://order.preparedhero.com/apps/98205/15

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9&l=dataLayer&cx=c&gtm=45He5190v9168606975za200

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
order.preparedhero.com/gateways/98205/1	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/gateways/98205/1	1969-12-31 23:59:59	Name: x-geo-city Value: weil der stadt
order.preparedhero.com/gateways/98205/1	1969-12-31 23:59:59	Name: x-geo-latitude Value: 48.770
order.preparedhero.com/gateways/98205/1	1969-12-31 23:59:59	Name: x-geo-longitude Value: 8.840
order.preparedhero.com/img/billing	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/img/billing	1969-12-31 23:59:59	Name: x-geo-city Value: weil der stadt
order.preparedhero.com/img/billing	1969-12-31 23:59:59	Name: x-geo-latitude Value: 48.770
order.preparedhero.com/img/billing	1969-12-31 23:59:59	Name: x-geo-longitude Value: 8.840
order.preparedhero.com/apps/98205	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/apps/98205	1969-12-31 23:59:59	Name: x-geo-city Value: weil der stadt
order.preparedhero.com/apps/98205	1969-12-31 23:59:59	Name: x-geo-latitude Value: 48.770
order.preparedhero.com/apps/98205	1969-12-31 23:59:59	Name: x-geo-longitude Value: 8.840
order.preparedhero.com/img	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/img	1969-12-31 23:59:59	Name: x-geo-city Value: weil der stadt
order.preparedhero.com/img	1969-12-31 23:59:59	Name: x-geo-latitude Value: 48.770
order.preparedhero.com/img	1969-12-31 23:59:59	Name: x-geo-longitude Value: 8.840
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-geo-city Value: weil der stadt
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-geo-latitude Value: 48.770
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-geo-longitude Value: 8.840
order.preparedhero.com/	1969-12-31 23:59:59	Name: X-ResourcesToken Value: 1736663217_0xad11403f8d8df16b1f1c5e4ca3558fceceb764c4
order.preparedhero.com/	1969-12-31 23:59:59	Name: X-Page Value: F_6074_98205_367068_2162471
api2.hcaptcha.com/	1970-01-21 02:24:17	Name: __cflb Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRConM3zBqzTP3
order.preparedhero.com/	1970-01-21 12:00:16	Name: tatari-cookie-test Value: 99804122
.preparedhero.com/	1970-01-21 02:24:16	Name: t-ip Value: 1
.preparedhero.com/	1970-01-21 12:00:16	Name: tatari-session-cookie Value: 8f48b0f4-982d-8e57-ea03-5cc03ed5b04e
order.preparedhero.com/	1970-01-21 11:09:52	Name: mmuid Value: 7d3358f5017ce864
.bidr.io/	1970-01-21 11:52:46	Name: bito Value: AADUTU7PBokAABVpKdmZyA
.bidr.io/	1970-01-21 11:52:46	Name: bitoIsSecure Value: ok

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.aisiteanalytics.com
acdn.adnxs.com
action.dstillery.com
action.media6degrees.com
analytics.app.funnelish.com
cdn.taboola.com
connect.facebook.net
d2hrivdxn8ekm8.cloudfront.net
e.clarity.ms
fonts.gstatic.com
ib.adnxs.com
img.funnelish.com
js.stripe.com
maps.googleapis.com
maps.gstatic.com
order.preparedhero.com
preparedhero.com
psb.taboola.com
s3-us-west-2.amazonaws.com
segment.prod.bidr.io
static.mobilemonkey.com
trc-events.taboola.com
trc.taboola.com
tte-prod.telemetry.vaultdcr.com
ttip-ipv4-prod.telemetry.vaultdcr.com
ttip-ipv6-prod.telemetry.vaultdcr.com
www.clarity.ms
www.googletagmanager.com
analytics.app.funnelish.com
connect.facebook.net
order.preparedhero.com
s3-us-west-2.amazonaws.com
www.googletagmanager.com
13.32.99.44
141.226.228.48
151.101.1.44
151.101.129.108
151.101.129.44
151.101.192.176
151.101.194.132
151.101.2.132
172.217.16.195
172.217.16.202
18.173.205.52
185.89.210.244
20.119.0.18
20.57.85.160
23.227.38.65
2600:9000:2491:ca00:0:f171:6100:93a1
2600:9000:26e8:9400:17:3f5c:f800:21
2606:4700:4400::ac40:92d9
2620:1ec:bdf::45
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
3.160.150.77
54.170.183.180
02807cf16028734d1f33a48fb99c843db09dc9c028c416c33dfbc6409c3b61c6
03149356c945f58150e4205b34572b5160be326d8e595d1d165143a48c01092d
033673ca76ad51c577e1ca4e3686679a28ffd73594cabad8a72c8a4a144cc0d0
0704be90456ca290bae6631ede2e0dcf4433a3a8504b14a82e50157c4f9cebf6
0aba5e105b767e8624891263284cc741bee252901d5932015ee2d3b009c62824
0fa9e919b6aaf7056f57d6b45ac8ab75e17d3ae82bb0db26c7f0cf84e0ab5f45
1a6d7254a075ffb6c9e3877d123a7ff61a588968cb98b0de5df2b3cf2f73a0db
207ac888ee9ae038f56e2470dcd2f358854ea5dd2e862ae31b453d16c332513d
2a279b5d3b77fffde4d4a9d10f21b1efd8f3253eeeae325b8ea05a597b71d89f
2d3e4a317036f2845a97da03f7bbecbfdd9b8bf4ea665e24192e980a267f08a0
369988c6663f8a3136cea8a0d33d37aef66dc70d4bd269917fdd4bddf78bbdce
3aea686f92bc8f488e8c1f45ec00b7602cef094a65297ae0502fb35b724962e4
40029b55d923abde53f09c41e371a7874a70ab124032b3c548cfa3896e216345
4d4d0c00c4767c09557646606c23b7e152b982a59b7ac5513dd278432ae8aa95
5c246a64acc1412e5e60639a46a2bbeff2b6f134c69f4f775f7eb1cefcb58ab7
5f5b51abaf91180748d71ae0a5d0135f0feea896a3f59e47040cb6bdab48cfa8
642d87383477078fed5a7535b6b287581ea5fb62b41dfe54c367ed06478ce284
6a3a940f138366798b5e1970737016be82cefadea5136747d3db619a548536d1
6b2d9ed37bac5c1250d4626bd95e67f4ff4968e7acbfda603eec7723ab493795
6db4032e547ca1994e1bf21488dab79c10cdfbcc0c54f4d2faa7ff3cf885feaf
6ff08ab3ddf745420765cd2241d0a4a57c073fcf96171af8e2d7201187b52297
709262cefd82c8ab87011a0d29356e3186773bea02d1b808288feea9ca915387
72eec63e5e08a7445b2edf1b063f2ed8024475656f6136d6e70e24e595ff3141
77627ae6d65d8980bba4577917e1ab03cef2377cfd93f8418d0774860523d176
79fca0a56f8ff494309a67f45e8c3504fb4eae73962e51b69723633e410516b8
7a19aa6a13500dbf37fc151072dcd190b2dbda5e70a04d82f8560564b82721de
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81e063be0eb3e077dc74d904f18dbb53875cde4318af9c05a6944ab2079cf674
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
85b7f5164dd7e3d3e85388a47d5dcae1664d6e10f5407d181cefa99b397cf4c3
89980e50bc018aa58fd9f4d4f460bbe0d4f918bb47ac6ed9ec3f3a994a80541a
8ae29f305d19931388ce8482fdd27934cad55af9bbebe34a0e4699f820d18bb2
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9cb6d55cd9265d36bda2ddc7d1e7fea8f3fd094843f01067ddb221eab2cb9363
9d6d0ced9a55d90ce1382969359ae278a5e2bd6e8bd8b1800bcdc526a11372ea
a4f1bfb4a59322c9d9f4b06b03d6c7857fb6a47f20543b77a44502e1fd1b6a4b
a786e6a7dd7ac9021b5047bc99492bc0f699e215edd2e8d68a7346f12e783879
a8f76376313b39772035e7c37d4d5c6fa98ed7b297a450e246faa5d11a750dfc
ac42412ced63357e5afb8de3d7e0d6a87fd1be1f9ab4a6df461d09d9ad6d9b03
b1b30332c3fc9968e41da36330f8059522726f6555015e1efd1dea63c8c8f625
b353ee54eb3a963978139d6bef07f44a25c4d9a6b26db219c534309bb1f607d8
b655c92f0393c27b4b4f92ffa6b87e10fbeeedec8ee6eae37e7b60a5ce1e822d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdb9a0d6e01c706aa6e5b9d6370349143bab02fe94505a1b2364c5514b3516a5
c89c058ad70b8c60c39360c12e4b033fee413d53b4b90acafab51d9b8e5ab4e7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d1c80c59fc8488a952dfa15b20fa1dc925d310db7f59d5b6587fe63187e77abb
d5748ad0f7092ff9749f34c1a19607002fe6862fc59a134be60dd6e3fef2f7e4
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dcb14970aa0c73904a85de4a0497814fb114e86cf5a89d6d7992881c25c3ace2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ec14bc7336e3c113134c3cd1d341d9af361bf5d513e326a03a89bda73cc2de
fa6c4a7d3d38fe96c9d98f35010f73b88758b2f1cc89919bf6883b2b8b586913
fbe0b11246ca47ed75124e1b703596e4cb748db29104ae4630165336b2c0ee46
fea22a8084201b5e5ef9488cf8106a17fdaa02d3d7fea5d4babbb60ee1655526

order.preparedhero.com Open in urlscan Pro 151.101.2.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

90 %HTTPS

29 %IPv6

18 Domains

28 Subdomains

25 IPs

5 Countries

1404 kBTransfer

3298 kBSize

29 Cookies

4 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

order.preparedhero.com Open in urlscan Pro
151.101.2.132 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

90 %
HTTPS

29 %
IPv6

18
Domains

28
Subdomains

25
IPs

5
Countries

1404 kB
Transfer

3298 kB
Size

29
Cookies

91 HTTP transactions
1 data transactions