urlscan.io logo urlscan.io
SecurityTrails logo

order.preparedhero.com Open in urlscan Pro
151.101.194.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ctrk.klclick.com/l/01JCWJ01P66WP5K2459TXN95C6_2
Effective URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopi...
Submission: On November 17 via api from DE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 2 countries across 20 domains to perform 56 HTTP transactions. The main IP is 151.101.194.132, located in San Francisco, United States and belongs to FASTLY, US. The main domain is order.preparedhero.com. The Cisco Umbrella rank of the primary domain is 429369.
TLS certificate: Issued by R10 on October 25th 2024. Valid for: 3 months.
This is the only time order.preparedhero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
7 151.101.194.132 54113 (FASTLY)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
2 142.251.40.163 15169 (GOOGLE)
3 2620:127:f00f... 13335 (CLOUDFLAR...)
1 23.227.38.65 13335 (CLOUDFLAR...)
6 151.101.66.132 54113 (FASTLY)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 23.227.60.200 13335 (CLOUDFLAR...)
3 20.114.190.119 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 13.225.63.13 16509 (AMAZON-02)
3 2600:9000:26f... 16509 (AMAZON-02)
1 23.200.0.25 20940 (AKAMAI-AS...)
3 20.119.0.18 8075 (MICROSOFT...)
1 18.238.49.57 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
1 18.238.80.119 16509 (AMAZON-02)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 18.235.175.73 14618 (AMAZON-AES)
2 68.67.160.75 29990 (ASN-APPNEX)
2 34.111.146.89 396982 (GOOGLE-CL...)
2 157.240.241.1 ()
1 2001:4860:480... ()
1 2607:f8b0:400... ()
1 2607:f8b0:400... ()
4 31.13.80.36 ()
56 27
1    2606:4700::6811:5d01 (United States)

ASN13335 (CLOUDFLARENET, US)
ctrk.klclick.com
7    151.101.194.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
order.preparedhero.com
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    142.251.40.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net
fonts.gstatic.com
3    2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
1    23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
preparedhero.com
6    151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
img.funnelish.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com
cdn.shopify.com
3    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
3    2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.225.63.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-13.ewr53.r.cloudfront.net
static.mobilemonkey.com
3    2600:9000:26fa:5e00:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)
d2hrivdxn8ekm8.cloudfront.net
1    23.200.0.25 (Edison, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-200-0-25.deploy.static.akamaitechnologies.com
acdn.adnxs.com
3    20.119.0.18 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a.aisiteanalytics.com
1    18.238.49.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-57.jfk52.r.cloudfront.net
ttip-ipv4-prod.telemetry.vaultdcr.com
1    2600:9000:21dd:ee00:0:f171:6100:93a1 (United States)

ASN16509 (AMAZON-02, US)
ttip-ipv6-prod.telemetry.vaultdcr.com
1    18.238.80.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-119.jfk52.r.cloudfront.net
tte-prod.telemetry.vaultdcr.com
2    2606:4700:4400::ac40:92d9 (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
2    18.235.175.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-175-73.compute-1.amazonaws.com
segment.prod.bidr.io
2    68.67.160.75 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    34.111.146.89 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.146.111.34.bc.googleusercontent.com
analytics.app.funnelish.com
2    157.240.241.1 (None, )

ASN- ()
connect.facebook.net
1    2001:4860:4802:38::181 (None, )

ASN- ()
analytics.google.com
1    2607:f8b0:4004:c1b::9a (None, )

ASN- ()
stats.g.doubleclick.net
1    2607:f8b0:4006:80b::2002 (None, )

ASN- ()
td.doubleclick.net
4    31.13.80.36 (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 funnelish.com
img.funnelish.com — Cisco Umbrella Rank: 80612
analytics.app.funnelish.com — Cisco Umbrella Rank: 164717
112 KB
8 preparedhero.com
order.preparedhero.com — Cisco Umbrella Rank: 429369
preparedhero.com — Cisco Umbrella Rank: 62888
95 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
c.clarity.ms — Cisco Umbrella Rank: 1269
x.clarity.ms — Cisco Umbrella Rank: 8880
30 KB
5 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2241
1 MB
4 facebook.com
www.facebook.com
421 B
3 vaultdcr.com
ttip-ipv4-prod.telemetry.vaultdcr.com — Cisco Umbrella Rank: 13298
ttip-ipv6-prod.telemetry.vaultdcr.com — Cisco Umbrella Rank: 13262
tte-prod.telemetry.vaultdcr.com — Cisco Umbrella Rank: 13074
2 KB
3 aisiteanalytics.com
a.aisiteanalytics.com — Cisco Umbrella Rank: 54709
3 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 643
ib.adnxs.com — Cisco Umbrella Rank: 281
9 KB
3 cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
29 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
342 KB
2 doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
559 B
2 facebook.net
connect.facebook.net
75 KB
2 bidr.io
segment.prod.bidr.io — Cisco Umbrella Rank: 7471
1 KB
2 gstatic.com
fonts.gstatic.com
15 KB
1 google.com
analytics.google.com
1 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 10609
608 B
1 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 9257
606 B
1 mobilemonkey.com
static.mobilemonkey.com — Cisco Umbrella Rank: 69971
17 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
771 B
1 klclick.com
ctrk.klclick.com — Cisco Umbrella Rank: 11563
855 B
56 20
Domain Requested by
7 order.preparedhero.com order.preparedhero.com
6 img.funnelish.com order.preparedhero.com
5 cdn.shopify.com order.preparedhero.com
4 www.facebook.com
3 a.aisiteanalytics.com static.mobilemonkey.com
3 d2hrivdxn8ekm8.cloudfront.net order.preparedhero.com
d2hrivdxn8ekm8.cloudfront.net
3 www.googletagmanager.com order.preparedhero.com
www.googletagmanager.com
3 x.clarity.ms www.clarity.ms
2 connect.facebook.net order.preparedhero.com
connect.facebook.net
2 analytics.app.funnelish.com order.preparedhero.com
2 ib.adnxs.com acdn.adnxs.com
2 segment.prod.bidr.io 1 redirects
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com order.preparedhero.com
2 www.clarity.ms order.preparedhero.com
www.clarity.ms
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 action.media6degrees.com
1 action.dstillery.com 1 redirects
1 tte-prod.telemetry.vaultdcr.com d2hrivdxn8ekm8.cloudfront.net
1 ttip-ipv6-prod.telemetry.vaultdcr.com d2hrivdxn8ekm8.cloudfront.net
1 ttip-ipv4-prod.telemetry.vaultdcr.com d2hrivdxn8ekm8.cloudfront.net
1 acdn.adnxs.com d2hrivdxn8ekm8.cloudfront.net
1 static.mobilemonkey.com www.googletagmanager.com
1 c.bing.com 1 redirects
1 preparedhero.com order.preparedhero.com
1 ctrk.klclick.com 1 redirects
56 28

This site contains links to these domains. Also see Links.

Domain
preparedhero.com
Subject Issuer Validity Valid
order.preparedhero.com
R10		 2024-10-25 -
2025-01-23		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cdn.shopify.com
E5		 2024-10-27 -
2025-01-25		 3 months crt.sh
preparedhero.com
WE1		 2024-10-04 -
2025-01-02		 3 months crt.sh
img.funnelish.com
R10		 2024-10-24 -
2025-01-22		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
static.mobilemonkey.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
cdn.adnxs.com
R11		 2024-10-31 -
2025-01-29		 3 months crt.sh
a.aisiteanalytics.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-10-07 -
2025-04-07		 6 months crt.sh
*.telemetry.vaultdcr.com
Amazon RSA 2048 M03		 2024-05-08 -
2025-06-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
analytics.app.funnelish.com
WR3		 2024-10-02 -
2025-01-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Frame ID: 3C7C1079E08D9F90C0B0DFB587EE6EB7
Requests: 54 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-80J7H2TEY9&gacid=860130920.1731857419&gtm=45je4bc0v899757421za200zb9168606975&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=107511114
Frame ID: 460B1D86907D79E28AEEDF44D2B5ED76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Emergency Fire Blanket

Page URL History Show full URLs

  1. https://ctrk.klclick.com/l/01JCWJ01P66WP5K2459TXN95C6_2 HTTP 302
    https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

56
Requests

95 %
HTTPS

39 %
IPv6

20
Domains

28
Subdomains

27
IPs

2
Countries

2040 kB
Transfer

3308 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ctrk.klclick.com/l/01JCWJ01P66WP5K2459TXN95C6_2 HTTP 302
    https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7B29988C195A4CD3BE251096174B8EB1&RedC=c.clarity.ms&MXFR=2AB7723070706118245A670A74706F20 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B29988C195A4CD3BE251096174B8EB1&MUID=1FAF391624EE6A911F042C2C25506B75
Request Chain 34
  • https://action.dstillery.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 35
  • https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=490705550 HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=490705550&_bee_ppp=1

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request efb
order.preparedhero.com/
Redirect Chain
  • https://ctrk.klclick.com/l/01JCWJ01P66WP5K2459TXN95C6_2
  • https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjok...
104 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ee0cea2cc6772e3006c995462ce5cfbe91dc0e38b16c259ff6292b1661b9a94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
242035
content-encoding
gzip
content-length
18021
content-type
text/html; charset=UTF-8
date
Sun, 17 Nov 2024 15:30:14 GMT
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin <https://images.funnelish.com>; rel=preconnect; crossorigin <https://img.youtube.com>; rel=preconnect; crossorigin
vary
X-Index, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
x-cache-hits
0, 0
x-country
us
x-index
1
x-page
F_6074_30059_105363_2236042
x-served-by
cache-mia-kmia1760049-MIA, cache-mia-kmia1760087-MIA
x-timer
S1731857414.363839,VS0,VE1

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8e40c2c4a8847466-MIA
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 15:30:13 GMT
location
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
core.min.js
order.preparedhero.com/ 		90 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/core.min.js
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6b56c5b5a94c34b53b5a8334701acf419dd227f80ec03a0f955d10bc925456d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

cache-control
no-store
content-encoding
gzip
x-timer
S1731857414.431930,VS0,VE3
age
74
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
25997
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 03 Jul 2024 03:31:14 GMT
x-served-by
cache-mia-kmia1760087-MIA
x-cache-hits
1
vary
Accept-Encoding
core.min.css
order.preparedhero.com/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/core.min.css
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a0a05c21853e95f250a516ecdd8b2e15cf8168e39a292ca4b402701c099a708b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

cache-control
no-store
content-encoding
gzip
x-timer
S1731857414.431930,VS0,VE1
age
66
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, HIT
content-length
9837
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 30 Oct 2024 22:03:16 GMT
x-served-by
cache-mia-kmia1760038-MIA, cache-mia-kmia1760087-MIA
x-cache-hits
0, 1
vary
Accept-Encoding
h0v0s3lkif
www.clarity.ms/tag/ 		707 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/h0v0s3lkif
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d77fc7aeddab01e5343c80d17c1402fa43b56ab75bff071fa7f101726c99e554

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
707
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
application/x-javascript
x-azure-ref
20241117T153014Z-17958fbc6d4mwpflhC1MIA38880000000dw0000000006dyv
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer

Response headers

Content-Type
image/gif
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

age
126179
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 04:27:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 04:27:15 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

age
128558
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 03:47:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 03:47:36 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
3d26e9ce147945d68ec79a5fde9f4c0d.SD-480p-0.9Mbps-13889866.mp4
cdn.shopify.com/videos/c/vp/3d26e9ce147945d68ec79a5fde9f4c0d/ 		413 KB
414 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/videos/c/vp/3d26e9ce147945d68ec79a5fde9f4c0d/3d26e9ce147945d68ec79a5fde9f4c0d.SD-480p-0.9Mbps-13889866.mp4
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74e0aa43718bed0695c84280b8b59ff2a7cab82d4e11f4e9802c1d8182d71c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.preparedhero.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-request-id
4331f723-82c7-4cc8-8707-3a40b423f3f7-1729550283
access-control-expose-headers
Content-Type, Range, Access-Control-Allow-Origin
cf-cache-status
HIT
age
907285
x-dc
gcp-us-central1,gcp-us-east1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJwe2xlIZ8k9i25YwG%2F8qfwScBXYce2uqp8lMlntfnMR2ABe6Apq%2Bmy1J%2FfjPB0NrH7RzmOjHCQez%2Bz6eVo%2FU7AN2%2FpEibnPPXfT32rBmF23z6%2Bs15FHvIdQXemTkP201e6nrcHjeE7cxLxpww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
imagery;dur=178.891, imageryFetch;dur=178.558, cfRequestDuration;dur=17.999887, ipv6
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
video/mp4
last-modified
Mon, 21 Oct 2024 22:38:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
link
<https://cdn.shopify.com/videos/c/vp/3d26e9ce147945d68ec79a5fde9f4c0d/3d26e9ce147945d68ec79a5fde9f4c0d.SD-480p-0.9Mbps-13889866.mp4>; rel="canonical"
cache-control
public, max-age=31557600
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-422482/422483
cf-ray
8e40c2c96df9746e-MIA
access-control-allow-origin
*
Content-Length
422483
x-xss-protection
1; mode=block
server
cloudflare
b1f5356f9a9d438bbdff413707f763d0.SD-480p-0.9Mbps-13889867.mp4
cdn.shopify.com/videos/c/vp/b1f5356f9a9d438bbdff413707f763d0/ 		480 KB
481 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/videos/c/vp/b1f5356f9a9d438bbdff413707f763d0/b1f5356f9a9d438bbdff413707f763d0.SD-480p-0.9Mbps-13889867.mp4
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e04a9f7837e0a2fab2469ab5c6346ee4f8decab17cc6503d5f40253eeadc7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.preparedhero.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-request-id
2dd00def-6ca8-471b-b861-0612911be057-1731134904
access-control-expose-headers
Content-Type, Range, Access-Control-Allow-Origin
cf-cache-status
HIT
age
191098
x-dc
gcp-us-central1,gcp-us-central1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MjmQQ6YWe%2BwEd93IFnMUN8brit5TWFtHeqcp3qjVOUn5c0m9%2FrTX3W0rf5f78RxE1nNi%2BM3z62NkupDznfdCjWOkmgUUBr5ox07DpA0w9O6Nwue7d3fHzVToGT5YhprvapYgq1yRIJ0JrgmKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
imagery;dur=101.934, imageryFetch;dur=101.495, cfRequestDuration;dur=23.999929, ipv6
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
video/mp4
last-modified
Sat, 09 Nov 2024 06:48:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
link
<https://cdn.shopify.com/videos/c/vp/b1f5356f9a9d438bbdff413707f763d0/b1f5356f9a9d438bbdff413707f763d0.SD-480p-0.9Mbps-13889867.mp4>; rel="canonical"
cache-control
public, max-age=31557600
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-491537/491538
cf-ray
8e40c2c96dfd746e-MIA
access-control-allow-origin
*
Content-Length
491538
x-xss-protection
1; mode=block
server
cloudflare
4c9fefad5fa247f6aa52d44b42282f20.SD-480p-0.9Mbps-13889868.mp4
cdn.shopify.com/videos/c/vp/4c9fefad5fa247f6aa52d44b42282f20/ 		412 KB
413 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/videos/c/vp/4c9fefad5fa247f6aa52d44b42282f20/4c9fefad5fa247f6aa52d44b42282f20.SD-480p-0.9Mbps-13889868.mp4
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ea762b6749390bf96f15b6427596f39b2971ba4cec498ad309e1e2b648b4d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://order.preparedhero.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-request-id
054be270-eeff-4a6d-ba48-32c912577a3c-1715624372
access-control-expose-headers
Content-Type, Range, Access-Control-Allow-Origin
cf-cache-status
HIT
age
134929
x-dc
gcp-us-central1,gcp-us-east1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yo6TqVBWR4%2FW2xZIZNOpabjgaLKi3K2L4bo05Zo%2FpajW0fEV1UUEA93Yfg717z%2FBg047TLQW5lGkhJhT5kY1ij4T%2Fjy7RnLyg1NAKCy7z%2FX65GGVShzP5bzmCsKBWeShMsOLudiVw0OFWIXhwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
imagery;dur=110.542, imageryFetch;dur=110.114, cfRequestDuration;dur=19.999981, ipv6
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
video/mp4
last-modified
Mon, 13 May 2024 18:19:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
link
<https://cdn.shopify.com/videos/c/vp/4c9fefad5fa247f6aa52d44b42282f20/4c9fefad5fa247f6aa52d44b42282f20.SD-480p-0.9Mbps-13889868.mp4>; rel="canonical"
cache-control
public, max-age=31557600
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-422339/422340
cf-ray
8e40c2c96dff746e-MIA
access-control-allow-origin
*
Content-Length
422340
x-xss-protection
1; mode=block
server
cloudflare
ta_logo.png
preparedhero.com/cdn/shop/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://preparedhero.com/cdn/shop/files/ta_logo.png?v=5236809856010428613
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
8f773972ac92888ab6872a1c9462ece46f08b66bfb6d1ea4daeb012ecd072328
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-request-id
fbab5112-2269-4a6c-b852-1fc3ecde75f4-1730781732
access-control-expose-headers
*
cf-cache-status
HIT
age
540800
x-dc
gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pic736DxeGmVs%2FfoKcwrm4QIeXHcrGj7IuiEBjErKzLAF76lvUOZ76y4ZKBD5QggQCHvZtIdMszjinVhpvVU5u8j8upiQIoxAwxNMMupUkyff4SdlC7tznvsQVIzibw6ULc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-sorting-hat-shopid
27528626224
server-timing
imagery;dur=254.336, imageryFetch;dur=77.037, imageryProcess;dur=176.234;desc="image", cfRequestDuration;dur=35.000086
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:14 GMT
source-type
image/png
content-type
image/avif
vary
Accept, Accept-Encoding
last-modified
Tue, 05 Nov 2024 04:42:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
source-length
15544
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control
public, max-age=31557600
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8e40c2c9a8917459-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5597
x-xss-protection
1; mode=block
x-sorting-hat-podid
47
x-shopid
27528626224
server
cloudflare
1730403342-bf_banner_56_lg.png
img.funnelish.com/6074/30059/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.funnelish.com/6074/30059/1730403342-bf_banner_56_lg.png
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0ced30d4573615a6bb004877c0ffaebeb43df3ab99333bb73e6b222519659714

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-goog-metageneration
1
fastly-io-info
ifsz=18997 idim=1150x100 ifmt=png ofsz=8210 odim=1150x100 ofmt=webp
x-goog-hash
crc32c=6L0Vdg==, md5=Tz+2nXHY5swVQW/6lOmKYQ==
etag
"bdgviNTRApTYS2zqNGliuqA3abyeCNX0pYIqXabTyjA"
age
442090
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
18997
x-cache
HIT
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
image/webp
x-served-by
cache-mia-kmia1760031-MIA
x-cache-hits
0
x-guploader-uploadid
AHmUCY2g9LqiDYwd2XRbVvmJFyBzdRBeFrRcjWUB74eEnioVW80oYI0BGg1oZ1C2DlV4g3mugXE
fastly-stats
io=1
vary
Accept
cache-control
max-age=31536000
x-goog-storage-class
STANDARD
x-timer
S1731857415.648756,VS0,VE1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730403342201177
content-length
8210
fastly-io-served-by
vpop-kiad7010214
server
UploadServer
clarity.js
www.clarity.ms/s/0.7.56/ 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/h0v0s3lkif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

x-azure-ref
20241117T153014Z-17958fbc6d4mwpflhC1MIA38880000000dw0000000006dz3
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
6d9c5319-001e-0079-5d71-36d2ff000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 19:41:29 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7B29988C195A4CD3BE251096174B8EB1&RedC=c.clarity.ms&MXFR=2AB7723070706118245A670A74706F20
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B29988C195A4CD3BE251096174B8EB1&MUID=1FAF391624EE6A911F042C2C25506B75
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B29988C195A4CD3BE251096174B8EB1&MUID=1FAF391624EE6A911F042C2C25506B75
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B29988C195A4CD3BE251096174B8EB1&MUID=1FAF391624EE6A911F042C2C25506B75
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 23E6A3F66AEF4F7A8A287BFF5DA18610 Ref B: MIAEDGE2021 Ref C: 2024-11-17T15:30:15Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Sun, 17 Nov 2024 15:30:14 GMT
x-powered-by
ASP.NET
1660668305-favicon.png
img.funnelish.com/6074/30059/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://img.funnelish.com/6074/30059/1660668305-favicon.png?auto=webp&fit=bounds&width=40&height=40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642d87383477078fed5a7535b6b287581ea5fb62b41dfe54c367ed06478ce284

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

x-goog-metageneration
1
fastly-io-info
ifsz=11877 idim=192x210 ifmt=png ofsz=1840 odim=37x40 ofmt=webp
x-goog-hash
crc32c=ll4OBA==, md5=HXsHPcwuP0BRU3jVzk/KOA==
cf-cache-status
REVALIDATED
etag
"9JCQX/wigJqzWPPkV7WLrIdnWgR2EFjhaOT6qI8xDh0"
age
2794114
x-goog-stored-content-encoding
identity
expires
Thu, 25 Apr 2024 03:31:07 GMT
x-goog-stored-content-length
11877
x-cache
HIT, HIT
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
image/webp
x-served-by
cache-lhr7380-LHR, cache-mia-kmia1760023-MIA
x-cache-hits
54, 9
x-guploader-uploadid
ABPtcPpmJhi92euXmtGVqtr0eaFfDr3JO-dipj9D3wPteb58iJg3uAl7KcoCj5UprJlyrvAVKS862iZhyg
fastly-stats
io=1
vary
Accept
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
x-timer
S1731857415.918757,VS0,VE0
via
1.1 varnish, 1.1 varnish
cf-ray
879aea3ccd2d4197-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1660668305685401
content-length
1840
fastly-io-served-by
img01-europe-west2
server
cloudflare
1709554763-efb-sp-1.webp
img.funnelish.com/6074/30059/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.funnelish.com/6074/30059/1709554763-efb-sp-1.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d75bafecc4cbb89ee6d50a758c83cceea1f6d449a43a0cffe6462b0782b0a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-goog-metageneration
1
fastly-io-info
ifsz=53504 idim=650x650 ifmt=webp ofsz=53504 odim=650x650 ofmt=webp
x-goog-hash
crc32c=GCirpQ==, md5=1+9Y+uSxh3jhfqWjEM2lRg==
cf-cache-status
MISS
etag
"b/SoCgNetYbfxCC4E64LkkgreZ1n75c58+KvZ8LpcjU"
age
1757714
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
53504
x-cache
HIT, HIT
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
image/webp
x-served-by
cache-lhr7340-LHR, cache-mia-kmia1760031-MIA
x-cache-hits
21, 78
x-guploader-uploadid
ABPtcPotEt_Eh29ZH_G94N456k54NahsAUG6L6KEvYOaqg2Maz-YyfNFE4OZLiSivyeC7eTFdIc
fastly-stats
io=1
vary
Accept
cache-control
max-age=31536000
fastly-io-warning
Failed to shrink image
x-goog-storage-class
STANDARD
x-timer
S1731857415.866952,VS0,VE0
via
1.1 varnish, 1.1 varnish
cf-ray
881ad6835c456559-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1709554763951819
content-length
53504
fastly-io-served-by
img07-europe-west2
server
cloudflare
check_circle_outline_24px_2.svg
cdn.shopify.com/s/files/1/0275/2862/6224/files/ 		578 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0275/2862/6224/files/check_circle_outline_24px_2.svg?v=1663768580
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
78eab1ad75a4849f1dc21585d4f47e6768ccd35d5f69f41d17c7d2a619fffade
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-request-id
353ab73d-33a1-43d7-a3be-b48bff311cc1-1730849981
access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
age
193579
x-dc
gcp-us-central1,gcp-us-east1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42op1IQug9axuyNxfAToUUMtg2QbjDm2h47g4WtZ880cWif6elhBxd8bpa78xtalU4B5zW1a36HRBr3SflTEIu8LtHQhbTsWNNtsDcOotGkvHrdNbFu4jkuplFoW3rnKpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
imagery;dur=77.509, imageryFetch;dur=73.682, imageryProcess;dur=0.131;desc="image", cfRequestDuration;dur=19.000053, cfExtPri
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:14 GMT
source-type
image/svg+xml
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 23:39:42 GMT
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
link
<https://cdn.shopify.com/s/files/1/0275/2862/6224/files/check_circle_outline_24px_2.svg>; rel="canonical"
source-length
578
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control
public, max-age=31557600
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40c2cb292bda43-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
271
x-xss-protection
1; mode=block
x-shopid
27528626224
server
cloudflare
1685977165-Jonna%20summers.png
img.funnelish.com/6074/82576/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.funnelish.com/6074/82576/1685977165-Jonna%20summers.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4fd276caaefd1402162439a6a881e33b49ecc911eca0480fd9028a53229ef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-goog-metageneration
1
fastly-io-info
ifsz=5766 idim=40x40 ifmt=png ofsz=2652 odim=40x40 ofmt=webp
x-goog-hash
crc32c=q0HwTg==, md5=xJ3GYn0Zuqw2rZ0pjFqtlg==
cf-cache-status
MISS
etag
"s7DNBzO5maW/oPMg7rsp7V+S1Gppem6P/3bJeENfL7I"
age
4007466
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
5766
x-cache
MISS, HIT
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
image/webp
x-served-by
cache-lhr7346-LHR, cache-mia-kmia1760031-MIA
x-cache-hits
0, 30
x-guploader-uploadid
ABPtcPrCrc-gMb11r16J_M_JETIj--fn8hAZbWukNsI1719l2VouFRXf15aR9gBA6Dh_TTVZSHo
fastly-stats
io=1
vary
Accept
cache-control
max-age=31536000
x-goog-storage-class
STANDARD
x-timer
S1731857415.867164,VS0,VE0
via
1.1 varnish, 1.1 varnish
cf-ray
87df4f6058556377-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1685977165794088
content-length
2652
fastly-io-served-by
img04-europe-west2
server
cloudflare
facebook-like-1.svg
cdn.shopify.com/s/files/1/0275/2862/6224/files/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0275/2862/6224/files/facebook-like-1.svg?v=1663755703
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
c20509fb5ceacf62f39a5bbc8a6a755f9acc97f993bbe7a34ed7bc06c84259be
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-request-id
018464e1-89a7-4332-a365-a9200a0bd630-1730859178
access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
age
962724
x-dc
gcp-us-central1,gcp-us-central1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxxkVAq0xH1JZZ5WTjWdUyJdWZ5zqn062y5XmB1P84Cib6uiBoMWe8uUHYyWqDTXqcBvaMZCBcgoXDRWd7K9JFSmHyiT7IcEht%2B9hgfI9nzIZqS3WnD2LXKvZUDTdxdRAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
imagery;dur=98.091, imageryFetch;dur=94.992, imageryProcess;dur=0.069;desc="image", cfRequestDuration;dur=19.000053, cfExtPri
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:14 GMT
source-type
image/svg+xml
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 02:12:59 GMT
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
link
<https://cdn.shopify.com/s/files/1/0275/2862/6224/files/facebook-like-1.svg>; rel="canonical"
source-length
1887
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control
public, max-age=31557600
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8e40c2cb292cda43-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
804
x-xss-protection
1; mode=block
x-shopid
27528626224
server
cloudflare
1684837238-love.svg
img.funnelish.com/6074/82576/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.funnelish.com/6074/82576/1684837238-love.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
452c1e9f751d7d8d78a9b3e91ed0332e489d71846f70b60e6e6c3a5fb47d152e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=oX52gw==, md5=E0D2y+Z9nGRwey7sYByR8w==
etag
"1340f6cbe67d9c64707b2eec601c91f3"
age
464459
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1113
x-cache
HIT
date
Sun, 17 Nov 2024 15:30:14 GMT
content-type
image/svg+xml
last-modified
Tue, 23 May 2023 10:20:38 GMT
x-served-by
cache-mia-kmia1760031-MIA
x-cache-hits
30
x-guploader-uploadid
AHmUCY1m2imuoQt2ykuf48NtoEwQAX775YuUQXmzVL6sZUIfXd4Hg3_N4SjwwrzXxqOB7dB36nE5IQNAtA
fastly-stats
io=1
vary
Accept
cache-control
max-age=31536000
x-goog-storage-class
STANDARD
x-timer
S1731857415.867146,VS0,VE0
via
1.1 varnish
fastly-io-error
not a supported image format
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1684837238119938
content-length
1113
fastly-io-served-by
vpop-kiad7010230
server
UploadServer
collect
x.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://order.preparedhero.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://order.preparedhero.com
Date
Sun, 17 Nov 2024 15:30:15 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
gtm.js
www.googletagmanager.com/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSMSHB6Q
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
438a89efaba46e82c223631d629ff92750ce789b2fd5fcdcdca3d88287a2d57a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 17 Nov 2024 15:30:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 15:30:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 17 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
73446
x-xss-protection
0
server
Google Tag Manager
1709552710-efb-ch-slider2.jpg
img.funnelish.com/6074/30059/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.funnelish.com/6074/30059/1709552710-efb-ch-slider2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6d7254a075ffb6c9e3877d123a7ff61a588968cb98b0de5df2b3cf2f73a0db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://order.preparedhero.com
Referer
https://order.preparedhero.com/

Response headers

x-goog-metageneration
1
fastly-io-info
ifsz=43748 idim=600x600 ifmt=jpeg ofsz=43748 odim=600x600 ofmt=jpeg
x-goog-hash
crc32c=uY/Qug==, md5=qcO7jQoOYIwG5T5X6yD6kA==
cf-bgj
h2pri
cf-cache-status
REVALIDATED
etag
"UuQJiyBSxELVB4WNXiC4M2WY0ju81CQAHBC843diUSc"
age
1673342
x-goog-stored-content-encoding
identity
expires
Wed, 24 Apr 2024 03:10:08 GMT
x-goog-stored-content-length
43748
x-cache
HIT, HIT
date
Sun, 17 Nov 2024 15:30:15 GMT
content-type
image/jpeg
x-served-by
cache-lhr7386-LHR, cache-mia-kmia1760031-MIA
x-cache-hits
63, 88
x-guploader-uploadid
ABPtcPowPJrV-hPDtbkQEGPpWXXSaJ2a9YrIhnB9GtqrB58r3PR2AEiUqRXJUwJZvGUZZb02gEY
fastly-stats
io=1
vary
Accept
cache-control
public, max-age=3600
fastly-io-warning
Failed to shrink image
x-goog-storage-class
STANDARD
x-timer
S1731857416.863588,VS0,VE1
via
1.1 varnish, 1.1 varnish
cf-ray
87928e257cf0769e-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1709552710739817
content-length
43748
fastly-io-served-by
img09-europe-west2
server
cloudflare
mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
static.mobilemonkey.com/js/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mobilemonkey.com/js/mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSMSHB6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-13.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e34091aa1cc8f834da84bb318c2ac004d24fcee154afa18361a25fcef309b43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
max-age=60
etag
"acc697a4f447b6967e51e06cc96085c4"
age
47
via
1.1 1654fbe9176188c45d0b894b1eaf5aa0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
17247
x-amz-cf-id
36hFYtRdWIwZ75wjMtkwiuiwf9yvJpihZ91SJqG_GmCVlf8iLy11Ig==
date
Sun, 17 Nov 2024 15:29:30 GMT
content-type
text/javascript
last-modified
Wed, 06 Nov 2024 21:31:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:5e00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a786e6a7dd7ac9021b5047bc99492bc0f699e215edd2e8d68a7346f12e783879

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

vary
Origin
x-amz-version-id
qVW7Dbw84_uwfDIkFDiAJt3Y2cINLSKf
etag
"74679bad40f25f2fbb57f46c55812c0c"
age
28052
via
1.1 9072caf3ec2d91f3dd159b88ae86e822.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
6952
x-amz-cf-id
YOz1qLvgbuSt7LyZOIpy9qMG6d0pOpEqnTDOJSUa0tGB4vdIU3EB5w==
date
Sun, 17 Nov 2024 07:42:45 GMT
content-type
application/javascript
last-modified
Mon, 08 Jul 2024 18:51:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
collect
x.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://order.preparedhero.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://order.preparedhero.com
Date
Sun, 17 Nov 2024 15:30:15 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
pixie.js
acdn.adnxs.com/dmp/up/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.25 Edison, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-200-0-25.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2dde2110b2815bd940b5d681c6bc59f8f65bc1a57049fab33748967266d79f65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

Cache-Control
max-age=86402
Content-Encoding
gzip
ETag
W/"670fef03-6401"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 15:30:18 GMT
Access-Control-Allow-Origin
*
Content-Length
8745
Date
Sun, 17 Nov 2024 15:30:16 GMT
Content-Type
application/javascript
Last-Modified
Wed, 16 Oct 2024 16:51:15 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-additional-latest.js
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-additional-latest.js
Requested by
Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:5e00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8f76376313b39772035e7c37d4d5c6fa98ed7b297a450e246faa5d11a750dfc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

vary
Origin
x-amz-version-id
qqyJAQ6PTIv7V1Rx2596etG8G2XDsl0u
etag
"2e1b2b7d512fa7b0dd3b0bbf82052560"
age
15377
via
1.1 9072caf3ec2d91f3dd159b88ae86e822.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
11231
x-amz-cf-id
t8MX7mxKuHL_FF5xlLHnekzcJAgl7khCrxys6sXE2JiicPrdC9Kijw==
date
Sun, 17 Nov 2024 11:14:00 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 21:26:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
tracker-latest.min.js
d2hrivdxn8ekm8.cloudfront.net/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by
Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/a6b0f3cb-ee1f-4e67-aa91-33eedc2de05c-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:5e00:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6db4032e547ca1994e1bf21488dab79c10cdfbcc0c54f4d2faa7ff3cf885feaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

vary
Origin
x-amz-version-id
SWCsuWptg0Q6QtRxILAYrOPGDJcNgeJR
etag
"4b728eb7a2b33631d4f7c20a31fddfde"
age
28228
via
1.1 9072caf3ec2d91f3dd159b88ae86e822.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
9800
x-amz-cf-id
wPLHlX-AfHnBBXp0ChPcPX1n6z4OJQbf0dB6ywZyikAvkxUYlY0K9g==
date
Sun, 17 Nov 2024 07:39:49 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 17 Jun 2024 21:35:55 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
sax
a.aisiteanalytics.com/x/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.aisiteanalytics.com/x/sax
Requested by
Host: static.mobilemonkey.com
URL: https://static.mobilemonkey.com/js/mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.18 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2024 15:30:16 GMT
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Powered-By
Express
Access-Control-Allow-Methods
POST
590432@eb8cdac4cd2645517446$9eee983f3b15b1a0
a.aisiteanalytics.com/x/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.aisiteanalytics.com/x/590432@eb8cdac4cd2645517446$9eee983f3b15b1a0
Requested by
Host: static.mobilemonkey.com
URL: https://static.mobilemonkey.com/js/mm_c006d3d2-4d89-4128-8d1f-1cfc78cc5a4e-42193472.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.18 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

Date
Sun, 17 Nov 2024 15:30:16 GMT
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Powered-By
Express
sax
a.aisiteanalytics.com/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.aisiteanalytics.com/x/sax
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.18 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://order.preparedhero.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Date
Sun, 17 Nov 2024 15:30:16 GMT
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
X-Powered-By
Express
5a28e627
ttip-ipv4-prod.telemetry.vaultdcr.com/ 		43 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttip-ipv4-prod.telemetry.vaultdcr.com/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YTZiMGYzY2ItZWUxZi00ZTY3LWFhOTEtMzNlZWRjMmRlMDVjJnNlc3Npb25JZD0xMjA3Nzc4Ni0zYmI4LTI2ZmMtOGMzNC05ZDAwNWU2N2I5ZGU%3D&date=1731857416204
Requested by
Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-57.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

access-control-max-age
3000
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
wFCHuj05HIcfK5T0gdP_Or3BE4vZA6lnG1S1mDv6hIM2T6De510LOw==
date
Sun, 17 Nov 2024 15:30:17 GMT
content-type
image/gif
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 d2b8f634cf8ac5ec77dee366297223bc.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P3
server
AmazonS3
5a28e627
ttip-ipv6-prod.telemetry.vaultdcr.com/ 		43 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttip-ipv6-prod.telemetry.vaultdcr.com/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE3JnRva2VuPWE2YjBmM2NiLWVlMWYtNGU2Ny1hYTkxLTMzZWVkYzJkZTA1YyZzZXNzaW9uSWQ9MTIwNzc3ODYtM2JiOC0yNmZjLThjMzQtOWQwMDVlNjdiOWRl&date=1731857416204
Requested by
Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:ee00:0:f171:6100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

access-control-max-age
3000
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
4GeiJ9Tn5USbA6TBmJeuc0Vqc9XU39rp6Dk6bjPgn0siA0dY9HkZOQ==
date
Sun, 17 Nov 2024 15:30:17 GMT
content-type
image/gif
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
x-amz-cf-pop
EWR53-C2
server
AmazonS3
5a28e627
tte-prod.telemetry.vaultdcr.com/ 		43 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tte-prod.telemetry.vaultdcr.com/5a28e627?data=dmVyc2lvbj0xLjIuMTcmdG9rZW49YTZiMGYzY2ItZWUxZi00ZTY3LWFhOTEtMzNlZWRjMmRlMDVjJnNlc3Npb25JZD0xMjA3Nzc4Ni0zYmI4LTI2ZmMtOGMzNC05ZDAwNWU2N2I5ZGUmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPUxpbnV4JiUyNGN1cnJlbnRVcmw9aHR0cHMlM0ElMkYlMkZvcmRlci5wcmVwYXJlZGhlcm8uY29tJTJGZWZiJTNGdXRtX3NvdXJjZSUzREtsYXZpeW8lMjZ1dG1fbWVkaXVtJTNEZW1haWwlMjZ1dG1fY2FtcGFpZ24lM0RNUCUyNTIwJTI1N0MlMjUyMEFiYW5kb25lZCUyNTIwQ2hlY2tvdXQlMjUyMC0lMjUyMFNob3BpZnklMjUyMEVtYWlsJTI1MjAzJTI1MjAlMjUzRSUyNTIwMjAlMjUyNSUyNl9reCUzRElrQVoxbXI2bjJYNXhTNTlpb0hCQWdIdzhfU0ZtT0Ywellqb2tlRnVpZEplZVZaRF9QZUNhWV91SkZCb0xZU24uTmNpcG44&date=1731857416209
Requested by
Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-119.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

access-control-max-age
3000
etag
"fb02f374b8f73825415db1bccd4bd76d"
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
YE3lNpU8FiiSS_sP2KFKIWK8CevzMlniXSUVyF8b_oETlRZFITq_dg==
date
Sun, 17 Nov 2024 15:30:17 GMT
content-type
image/gif
last-modified
Wed, 08 Mar 2017 06:19:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 d9a3a15f3ae58ded645b708c4a5253c0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P5
server
AmazonS3
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
5 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Protocol
H2
Server
2606:4700:4400::ac40:92d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
no-cache
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
cf-ray
8e40c2d51dbcdad5-MIA
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
date
Sun, 17 Nov 2024 15:30:16 GMT
content-type
text/html;charset=ISO-8859-1
content-language
en-US
server
cloudflare

Redirect headers

cf-ray
8e40c2d3ec59dad5-MIA
access-control-allow-origin
*
location
https://action.media6degrees.com/orbserv/nsjs?adv=cl170967130279620&ns=8482&nc=PreparedHero_SV&ncv=62&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
cf-cache-status
DYNAMIC
date
Sun, 17 Nov 2024 15:30:16 GMT
content-type
text/html; charset=iso-8859-1
server
cloudflare
associate-segment
segment.prod.bidr.io/
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=490705550
  • https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=490705550&_bee_ppp=1
43 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=490705550&_bee_ppp=1
Protocol
HTTP/1.1
Server
18.235.175.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-175-73.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Sun, 17 Nov 2024 15:30:16 GMT
content-type
image/gif
Server
gunicorn

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-4608&value=&uncacheplz=490705550&_bee_ppp=1
Content-Length
0
Date
Sun, 17 Nov 2024 15:30:16 GMT
Server
gunicorn
Connection
keep-alive
up
ib.adnxs.com/pixie/ 		9 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/pixie/up?pi=2bd3124e-0ed2-40b0-8dd4-c94aa1194ce4
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

access-control-max-age
0
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
x-proxy-origin
38.132.118.74; 38.132.118.74; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
access-control-allow-origin
https://order.preparedhero.com
content-length
9
date
Sun, 17 Nov 2024 15:30:16 GMT
content-type
application/xml
server
nginx/1.23.4
access-control-allow-headers
Content-Type
pixie
ib.adnxs.com/ 		42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=2bd3124e-0ed2-40b0-8dd4-c94aa1194ce4&it=1731857416358&v=0.0.43&u=https%3A%2F%2Forder.preparedhero.com%2Fefb%3Futm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DMP%2520%257C%2520Abandoned%2520Checkout%2520-%2520Shopify%2520Email%25203%2520%253E%252020%2525%26_kx%3DIkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8&st=1731857416358&et=1731857416590&if=0&uetmsmid=7ad6819c-aae3-4424-ad4f-7faf96f9bc9d&asce=0&ascc=0&tcfhl=0&tcfe=0&tcfgdpr=0&tcfc=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
42
date
Sun, 17 Nov 2024 15:30:16 GMT
content-type
image/gif
server
nginx/1.23.4
x-proxy-origin
38.132.118.74; 38.132.118.74; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
collect
x.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://order.preparedhero.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://order.preparedhero.com
Date
Sun, 17 Nov 2024 15:30:18 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
view
analytics.app.funnelish.com/ 		69 B
179 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.app.funnelish.com/view
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.146.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.146.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
bcd4f573f8bbfd0871f7a4380c317d33e65f44e4fba72154f27decaf3338ec70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://order.preparedhero.com/

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69
date
Sun, 17 Nov 2024 15:30:18 GMT
content-type
application/json; charset=UTF-8
vary
Origin
server
Google Frontend
x-cloud-trace-context
a7d825510dbe4c3ebc48d0d7ce75c448
view
analytics.app.funnelish.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.app.funnelish.com/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.146.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.146.111.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://order.preparedhero.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
allow
OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Sun, 17 Nov 2024 15:30:18 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
dcc4e3769aec35b9b72f27902e7e5109
11
order.preparedhero.com/apps/30059/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/apps/30059/11
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fca0a56f8ff494309a67f45e8c3504fb4eae73962e51b69723633e410516b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

cache-control
no-store
content-encoding
gzip
x-timer
S1731857419.856580,VS0,VE1
age
78
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, HIT
content-length
4279
date
Sun, 17 Nov 2024 15:30:18 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sun, 19 May 2024 01:07:04 GMT
x-served-by
cache-mia-kmia1760062-MIA, cache-mia-kmia1760087-MIA
x-cache-hits
0, 1
vary
Accept-Encoding
14
order.preparedhero.com/apps/30059/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/apps/30059/14
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02807cf16028734d1f33a48fb99c843db09dc9c028c416c33dfbc6409c3b61c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

cache-control
no-store
content-encoding
gzip
x-timer
S1731857419.856774,VS0,VE0
age
2081888
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, HIT
content-length
3853
date
Sun, 17 Nov 2024 15:30:18 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 24 Sep 2021 06:58:50 GMT
x-served-by
cache-mia-kmia1760086-MIA, cache-mia-kmia1760087-MIA
x-cache-hits
0, 26
vary
Accept-Encoding
15
order.preparedhero.com/apps/30059/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/apps/30059/15
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a44d099c0489eed1928185bf812108897e5c1c6ba7b85f85e9b758b6c4c92792

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

cache-control
no-store
content-encoding
gzip
x-timer
S1731857419.856758,VS0,VE0
age
2081888
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, HIT
content-length
3417
date
Sun, 17 Nov 2024 15:30:18 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 29 Oct 2022 08:08:15 GMT
x-served-by
cache-mia-kmia1760044-MIA, cache-mia-kmia1760087-MIA
x-cache-hits
0, 26
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-br8pgRHn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-br8pgRHn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=23, mss=1232, tbw=4556, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
dVITulDFGET/imv68bx1onX22ctW0/EDpaEKzW9C7b5Ibx7IghiQOrU1BJuls19N94wNcqYiHG/v+c4yCuryqw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		424 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/apps/30059/14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04779fa426ff4c83b9c66c50eaabbb7e16a6c527978c7c4b81b8766a49e81b1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 15:30:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137603
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		424 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9&l=dataLayer&cx=c&gtm=45He4bc0v9168606975za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSMSHB6Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4853a48e75a373b21fcbdf40658b1db9d53a16083dd2ce3ad208b67cd2e3fe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 15:30:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137660
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-80J7H2TEY9&gtm=45je4bc0v899757421za200zb9168606975&_p=1731857415539&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=860130920.1731857419&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1731857419&sct=1&seg=0&dl=https%3A%2F%2Forder.preparedhero.com%2Fefb%3Futm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DMP%2520%257C%2520Abandoned%2520Checkout%2520-%2520Shopify%2520Email%25203%2520%253E%252020%2525%26_kx%3DIkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8&dt=Emergency%20Fire%20Blanket&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5720
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://order.preparedhero.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
559 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-80J7H2TEY9&cid=860130920.1731857419&gtm=45je4bc0v899757421za200zb9168606975&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://order.preparedhero.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 460B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-80J7H2TEY9&gacid=860130920.1731857419&gtm=45je4bc0v899757421za200zb9168606975&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=107511114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-80J7H2TEY9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://order.preparedhero.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 15:30:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
628641504337024
connect.facebook.net/signals/config/ 		71 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/628641504337024?v=2.9.177&r=stable&domain=order.preparedhero.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ef477fb02471c8e65947b2ab057fba33e9902640dfec639134a20de9b4dc401
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-lfcDEFg1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-lfcDEFg1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=64, rtx=0, c=77, mss=1232, tbw=70412, tp=67, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Y5DE3Rd8vuadqiWtOID/OhgfMJFfNxlRbCGga5qa/QpOCTZz7+TxGefo3wMl6qHXB1BUmVdvjJnPWAP9fz8V8Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14317
x-xss-protection
0
origin-agent-cluster
?1
8
order.preparedhero.com/apps/30059/ 		98 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.preparedhero.com/apps/30059/8
Requested by
Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe109a5afecf3c10f0c69445daccd5da85bf0688c353be9645b04ba38dfc4c0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/efb?utm_source=Klaviyo&utm_medium=email&utm_campaign=MP%20%7C%20Abandoned%20Checkout%20-%20Shopify%20Email%203%20%3E%2020%25&_kx=IkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8

Response headers

cache-control
no-store
content-encoding
gzip
x-timer
S1731857420.555152,VS0,VE1
age
78
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache
MISS, HIT
content-length
23779
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 22:15:41 GMT
x-served-by
cache-mia-kmia1760037-MIA, cache-mia-kmia1760087-MIA
x-cache-hits
0, 1
vary
Accept-Encoding
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=628641504337024&ev=PageView&dl=https%3A%2F%2Forder.preparedhero.com%2Fefb%3Futm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DMP%2520%257C%2520Abandoned%2520Checkout%2520-%2520Shopify%2520Email%25203%2520%253E%252020%2525%26_kx%3DIkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8&rl=&if=false&ts=1731857419585&cd[currency]=USD&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731857419582.704550255818146405&ler=empty&cdl=API_unavailable&it=1731857419492&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4846, tp=13, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=628641504337024&ev=PageView&dl=https%3A%2F%2Forder.preparedhero.com%2Fefb%3Futm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DMP%2520%257C%2520Abandoned%2520Checkout%2520-%2520Shopify%2520Email%25203%2520%253E%252020%2525%26_kx%3DIkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8&rl=&if=false&ts=1731857419585&cd[currency]=USD&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731857419582.704550255818146405&ler=empty&cdl=API_unavailable&it=1731857419492&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438270976262129513"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
pwelG9sjfHf8vpVff0Rc9bxhJrzuxb21FT4ivCEdb2GCWhCTC7uX2AsLIQWmLerzS4gupNNo7sBrD1GVj+RGhA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438270976262129513", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=65, rtx=0, c=24, mss=1232, tbw=8478, tp=18, tpl=0, uplat=76, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=628641504337024&ev=ViewContent&dl=https%3A%2F%2Forder.preparedhero.com%2Fefb%3Futm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DMP%2520%257C%2520Abandoned%2520Checkout%2520-%2520Shopify%2520Email%25203%2520%253E%252020%2525%26_kx%3DIkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8&rl=&if=false&ts=1731857419589&cd[currency]=USD&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731857419582.704550255818146405&ler=empty&cdl=API_unavailable&it=1731857419492&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4574, tp=12, tpl=0, uplat=2, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=628641504337024&ev=ViewContent&dl=https%3A%2F%2Forder.preparedhero.com%2Fefb%3Futm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DMP%2520%257C%2520Abandoned%2520Checkout%2520-%2520Shopify%2520Email%25203%2520%253E%252020%2525%26_kx%3DIkAZ1mr6n2X5xS59ioHBAgHw8_SFmOF0zYjokeFuidJeeVZD_PeCaY_uJFBoLYSn.Ncipn8&rl=&if=false&ts=1731857419589&cd[currency]=USD&sw=1600&sh=1200&v=2.9.177&r=stable&ec=1&o=4126&fbp=fb.1.1731857419582.704550255818146405&ler=empty&cdl=API_unavailable&it=1731857419492&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.36 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://order.preparedhero.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438270977027508802"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf9fe2198661e8781","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["2258676024243257"]},"debug_reporting":true,"debug_key":"3183416867228549227"}
date
Sun, 17 Nov 2024 15:30:19 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
kmZ1lSkXsvgg4wq/LQOSU7jtEQLAs2ManFWv5GFFblHr3t3vX0bix0vIq+L80VG5BrnNirCGRKFLcBCIxkGr0A==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438270977027508802", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=65, rtx=0, c=24, mss=1232, tbw=5038, tp=15, tpl=0, uplat=75, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| lazySizes function| clarity function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator function| ownKeys function| _objectSpread function| _defineProperty function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| currencies function| countries function| beforeAfterSlider function| stepTypes function| imagesSlider function| modalTrigger function| smoothScroll function| editorCore object| funnelish object| dataLayer object| google_tag_manager object| google_tag_data object| tatari function| TatariXandrManager function| pixie object| TatariXandr object| ttm object| xrayShopify string| mmGlobalJSTimestamp function| xrayInitialized

27 Cookies

Domain/Path Name / Value
.ctrk.klclick.com/ Name: __cf_bm
Value: 76f25V0qSUybH4Khd4_lWsMMlj23lbCGkBtFpXM72Po-1731857413-1.0.1.1-ok.nCAhJ1OgaZBF50MnIhqXkOgRqBcTLekFwVGsckdQkKwok1QsmmKbm95GJLckzFiad0fRG.RoSU8ShtK9pvQ
order.preparedhero.com/ Name: x-country_code
Value: US
order.preparedhero.com/ Name: x-geo-city
Value: new york
order.preparedhero.com/ Name: x-geo-latitude
Value: 40.800
order.preparedhero.com/ Name: x-geo-longitude
Value: -73.970
order.preparedhero.com/ Name: X-ResourcesToken
Value: 1731864614_0x205ffe18e3864e01c7d54256165c4f3001e8de04
order.preparedhero.com/ Name: X-Page
Value: F_6074_30059_105363_2236042
www.clarity.ms/ Name: CLID
Value: 41937483891d49c2a73d69bb1ac903d1.20241117.20251117
.preparedhero.com/ Name: _clck
Value: qh1b5t%7C2%7Cfqy%7C0%7C1782
.preparedhero.com/ Name: _clsk
Value: 1pcyqup%7C1731857415166%7C1%7C1%7Cx.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 1FAF391624EE6A911F042C2C25506B75
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1FAF391624EE6A911F042C2C25506B75
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1FAF391624EE6A911F042C2C25506B75
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
order.preparedhero.com/ Name: mmuid
Value: 9eee983f3b15b1a0
order.preparedhero.com/ Name: tatari-cookie-test
Value: 48716655
.preparedhero.com/ Name: t-ip
Value: 1
.preparedhero.com/ Name: tatari-session-cookie
Value: 12077786-3bb8-26fc-8c34-9d005e67b9de
.bidr.io/ Name: bito
Value: AAMtMU7OdBgAABUGz5sJHw
.bidr.io/ Name: bitoIsSecure
Value: ok
.media6degrees.com/ Name: clid
Value: 2sn3pqg01170fpcf3zebe6u3000000018y011b01b01
.media6degrees.com/ Name: sglst
Value: 451e008m01nuevcze
.media6degrees.com/ Name: acs
Value: 014020i0j0k1sn3pqgxzt10xzt10xzt10
order.preparedhero.com/ Name: session_id
Value: bf5730e4-3b5a-473a-bc69-21230bc63065

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.aisiteanalytics.com
acdn.adnxs.com
action.dstillery.com
action.media6degrees.com
analytics.app.funnelish.com
analytics.google.com
c.bing.com
c.clarity.ms
cdn.shopify.com
connect.facebook.net
ctrk.klclick.com
d2hrivdxn8ekm8.cloudfront.net
fonts.gstatic.com
ib.adnxs.com
img.funnelish.com
order.preparedhero.com
preparedhero.com
segment.prod.bidr.io
static.mobilemonkey.com
stats.g.doubleclick.net
td.doubleclick.net
tte-prod.telemetry.vaultdcr.com
ttip-ipv4-prod.telemetry.vaultdcr.com
ttip-ipv6-prod.telemetry.vaultdcr.com
www.clarity.ms
www.facebook.com
www.googletagmanager.com
x.clarity.ms
13.225.63.13
142.251.40.163
151.101.194.132
151.101.66.132
157.240.241.1
18.235.175.73
18.238.49.57
18.238.80.119
20.110.205.119
20.114.190.119
20.119.0.18
2001:4860:4802:38::181
23.200.0.25
23.227.38.65
23.227.60.200
2600:9000:21dd:ee00:0:f171:6100:93a1
2600:9000:26fa:5e00:17:3f5c:f800:21
2606:4700:4400::ac40:92d9
2606:4700::6811:5d01
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80b::2002
2620:127:f00f:ff01::
2620:1ec:bdf::40
2620:1ec:c11::237
31.13.80.36
34.111.146.89
68.67.160.75
02807cf16028734d1f33a48fb99c843db09dc9c028c416c33dfbc6409c3b61c6
04779fa426ff4c83b9c66c50eaabbb7e16a6c527978c7c4b81b8766a49e81b1f
0ced30d4573615a6bb004877c0ffaebeb43df3ab99333bb73e6b222519659714
1a6d7254a075ffb6c9e3877d123a7ff61a588968cb98b0de5df2b3cf2f73a0db
1ef477fb02471c8e65947b2ab057fba33e9902640dfec639134a20de9b4dc401
2dde2110b2815bd940b5d681c6bc59f8f65bc1a57049fab33748967266d79f65
438a89efaba46e82c223631d629ff92750ce789b2fd5fcdcdca3d88287a2d57a
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
452c1e9f751d7d8d78a9b3e91ed0332e489d71846f70b60e6e6c3a5fb47d152e
5e34091aa1cc8f834da84bb318c2ac004d24fcee154afa18361a25fcef309b43
642d87383477078fed5a7535b6b287581ea5fb62b41dfe54c367ed06478ce284
6db4032e547ca1994e1bf21488dab79c10cdfbcc0c54f4d2faa7ff3cf885feaf
78eab1ad75a4849f1dc21585d4f47e6768ccd35d5f69f41d17c7d2a619fffade
79fca0a56f8ff494309a67f45e8c3504fb4eae73962e51b69723633e410516b8
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8ee0cea2cc6772e3006c995462ce5cfbe91dc0e38b16c259ff6292b1661b9a94
8f773972ac92888ab6872a1c9462ece46f08b66bfb6d1ea4daeb012ecd072328
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0a05c21853e95f250a516ecdd8b2e15cf8168e39a292ca4b402701c099a708b
a44d099c0489eed1928185bf812108897e5c1c6ba7b85f85e9b758b6c4c92792
a786e6a7dd7ac9021b5047bc99492bc0f699e215edd2e8d68a7346f12e783879
a8f76376313b39772035e7c37d4d5c6fa98ed7b297a450e246faa5d11a750dfc
aa4fd276caaefd1402162439a6a881e33b49ecc911eca0480fd9028a53229ef7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd4f573f8bbfd0871f7a4380c317d33e65f44e4fba72154f27decaf3338ec70
c20509fb5ceacf62f39a5bbc8a6a755f9acc97f993bbe7a34ed7bc06c84259be
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d4ea762b6749390bf96f15b6427596f39b2971ba4cec498ad309e1e2b648b4d6
d6e04a9f7837e0a2fab2469ab5c6346ee4f8decab17cc6503d5f40253eeadc7c
d74e0aa43718bed0695c84280b8b59ff2a7cab82d4e11f4e9802c1d8182d71c1
d77fc7aeddab01e5343c80d17c1402fa43b56ab75bff071fa7f101726c99e554
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4853a48e75a373b21fcbdf40658b1db9d53a16083dd2ce3ad208b67cd2e3fe2
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e6b56c5b5a94c34b53b5a8334701acf419dd227f80ec03a0f955d10bc925456d
e9d75bafecc4cbb89ee6d50a758c83cceea1f6d449a43a0cffe6462b0782b0a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe109a5afecf3c10f0c69445daccd5da85bf0688c353be9645b04ba38dfc4c0b