order.preparedhero.com Open in urlscan Pro
151.101.2.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick.com/ls/click?upn=u001.IfcCJLqxw9ginR4vxlSQpVJmJVKtgJfLlG3euQYy1c81HR6UpDfUsJtF7IgeadUEgEh5YPmrjo4xwV...
Effective URL:
https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_so...
Submission: On May 14 via manual (May 14th 2024, 1:44:57 pm UTC) from IN — Scanned from DE

Summary HTTP 35 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 35 HTTP transactions. The main IP is 151.101.2.132, located in San Francisco, United States and belongs to FASTLY, US. The main domain is order.preparedhero.com.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.

This is the only time order.preparedhero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:20a... 2600:9000:20ae:400:14:c8fd:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
19	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	34.111.146.89 34.111.146.89	() ()
35	7

1 2600:9000:20ae:400:14:c8fd:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

order.preparedhero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

img.funnelish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.146.89 (None, )

ASN- ()

analytics.app.funnelish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	funnelish.com img.funnelish.com — Cisco Umbrella Rank: 150606 analytics.app.funnelish.com Failed	389 KB
6	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 361	230 KB
4	gstatic.com fonts.gstatic.com maps.gstatic.com	21 KB
4	preparedhero.com order.preparedhero.com	65 KB
1	klclick.com 1 redirects trk.klclick.com — Cisco Umbrella Rank: 12912	471 B
35	5

	Domain	Requested by
19	img.funnelish.com	order.preparedhero.com
6	maps.googleapis.com	order.preparedhero.com maps.googleapis.com
4	order.preparedhero.com	order.preparedhero.com
2	maps.gstatic.com	order.preparedhero.com
2	fonts.gstatic.com	order.preparedhero.com
1	analytics.app.funnelish.com	order.preparedhero.com
1	trk.klclick.com	1 redirects
35	7

This site contains links to these domains. Also see Links.

Domain
preparedhero.com

Subject Issuer	Validity	Valid
order.preparedhero.com R3	`2024-04-28` - `2024-07-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
img.funnelish.com R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
analytics.app.funnelish.com GTS CA 1D4	`2024-04-15` - `2024-07-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Frame ID: 84616F8B7EC3022716DF6EBE542F14FA
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout | Prepared Hero

Page URL History Show full URLs

https://trk.klclick.com/ls/click?upn=u001.IfcCJLqxw9ginR4vxlSQpVJmJVKtgJfLlG3euQYy1c81HR6UpDfUsJtF7I... HTTP 302
https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Page Statistics

35
Requests

97 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

706 kB
Transfer

1556 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://preparedhero.com/policies/shipping-policy
Title: Shipping

Search URL Search Domain Scan URL

URL: https://preparedhero.com/policies/refund-policy
Title: Refund

Search URL Search Domain Scan URL

URL: https://preparedhero.com/policies/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://preparedhero.com/policies/terms-of-service
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick.com/ls/click?upn=u001.IfcCJLqxw9ginR4vxlSQpVJmJVKtgJfLlG3euQYy1c81HR6UpDfUsJtF7IgeadUEgEh5YPmrjo4xwVngguut-2F8GCWyJ0MJYHnutfKlAYZzvACN3LdZ9skmbEQBWcVaU3DCQI5iBEgTaJR4vUQM4k4ogrxkvr3-2BuUjpyeeZ0W0i0C2k-2FfNg8TkKvI4Fe9d0gCEP39h-2Bjb2QeKvvz1p8CyrYylkDgfnN9OenoPQk6GzAb5FL1rH51Dj2QggBVIVOihqYruim9XvHlTZ2y3LcqipAoNsPadc-2FuzQ177Uh7tJsqDesVfO9AH-2FM91ced5ivT9ZYU4oBS3rbWfMBZBu-2BlduucV2Zjx5Mzbu3wmT2OxaGjnQ2nN0pa4UGvhkiYMzJc-2BtnQ7jUd10tzfS4E8Sl8Ftg-3D-3DTIJc_E3jX7UdwUvWW16GmiaKN7MLr-2FwfHaeTBpZthNQJesBPWfFHSEPAaN5f6aPHrVUNlxiwsuYTSlr-2F0pci-2Fa1Ldu-2FwG5Hn5OFfhbO6-2FfmjwAG1vK-2Fgcyx6Us-2BaL5pgVtZUJZYJXVgH0romKbfPpQttngcl-2F5uNNsPv3ko2s0BjsPiFQDEDLGPP3Pl6IKCm-2Ft5ocXuXNu2poqpp9ZK14ZuSCdF15BdFzLn8na138mZfBLiIkXbEg8jnYcpEy4mBlPLnUpb5cXRR0vIy2ePbFjzvpP-2B4bq1G33z5mxcSQkLn63QslQXRmGsGE-2Bn9-2FYGY0ePOVaD9FKl3wWR03aqmtRBwuQ0nQBFsPDcVG81ncUX5sQywI7SUeb-2Bz7kWfVWkWopnC5r5p6xbsXd5Yr5qil30-2FfoHl2GSe6Ana-2Bcjufy2RcpGtPv6pq6Go3v-2B3yLshicBi3 HTTP 302
https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request efb-checkout-r Show response
order.preparedhero.com/
Redirect Chain

https://trk.klclick.com/ls/click?upn=u001.IfcCJLqxw9ginR4vxlSQpVJmJVKtgJfLlG3euQYy1c81HR6UpDfUsJtF7IgeadUEgEh5YPmrjo4xwVngguut-2F8GCWyJ0MJYHnutfKlAYZzvACN3LdZ9skmbEQBWcVaU3DCQI5iBEgTaJR4vUQM4k4ogrx...
https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E...

82 KB
17 KB

94ms
22ms

Document
text/html

151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17e22be5994bd5cc3ba12d26b3d34f5fbcca0dc6c0f4bbbda6c5cb57f4b081a6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 502215
content-encoding: gzip
content-length: 16768
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 13:44:53 GMT
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin <https://images.funnelish.com>; rel=preconnect; crossorigin <https://img.youtube.com>; rel=preconnect; crossorigin
vary: X-Country, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-country: pl
x-index: 7
x-page: F_6074_141789_538051_556525
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1715694293.459722,VS0,VE1

Redirect headers

content-length: 322
content-type: text/html; charset=utf-8
date: Tue, 14 May 2024 13:44:53 GMT
location: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
server: nginx
via: 1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-id: iyfQp3V_jYRGvq-zoMBkDkdll1YDiDSPczt1j9KGsTG8o9ZlAXMJag==
x-amz-cf-pop: MUC50-P5
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 core.min.js Show response
order.preparedhero.com/ 130 KB
37 KB 22ms
21ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/core.min.js
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a84f82948131e922740b533c680b87203351fe310a226d5b4819d98150dd1362

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220020-FRA
date: Tue, 14 May 2024 13:44:53 GMT
content-encoding: gzip
via: 1.1 varnish
last-modified: Mon, 29 Apr 2024 11:31:18 GMT
age: 537018
x-timer: S1715694293.486746,VS0,VE1
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: no-store
accept-ranges: bytes
content-length: 38203
x-cache-hits: 0

GET
H2 200 core.min.css
order.preparedhero.com/ 51 KB
11 KB 125ms
125ms Stylesheet
text/css 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/core.min.css
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e11835a47dd8191ddc11754c1bf0b58c56ebc6a82b4a05106e0c0c0b70b2970

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220020-FRA
date: Tue, 14 May 2024 13:44:53 GMT
content-encoding: gzip
via: 1.1 varnish
last-modified: Fri, 26 Apr 2024 04:23:20 GMT
age: 0
x-timer: S1715694293.486763,VS0,VE105
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: no-store
accept-ranges: bytes
content-length: 10717
x-cache-hits: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 245 KB
80 KB 127ms
55ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Requested by

Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

32204db69e23eacd7538eddcc6bc98a3b615583fd29d5e7b38373f0c0492901e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81884
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 apply Show response
order.preparedhero.com/discounts/ 89 B
227 B 130ms
130ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://order.preparedhero.com/discounts/apply
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9e0f4fe5c92f5833c4724a04f3270df2d826d8d013537b1175f6eeb7948bf180

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-fra-etou8220020-FRA
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish
x-timer: S1715694294.623390,VS0,VE106
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=UTF-8
cache-control: no-store
accept-ranges: bytes
content-length: 89
x-cache-hits: 0

GET
H2 200 1657091907-1x-efb.jpg
img.funnelish.com/6074/30059/ 5 KB
6 KB 79ms
28ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657091907-1x-efb.jpg?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62c450ab887bb2e6eec880209eb4e3919046f137b8a99a6439cda6b7aae54e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 23 Apr 2024 02:46:31 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img02-europe-west2
age: 572558
x-guploader-uploadid: ABPtcPpQpOwvFCbp2SG2uxDsxc9wPD0UU3MPp0e2P7HWaVc2qMVMNqxRaFN1TRMbXZhe1xtb0xU
x-cache: HIT, HIT
fastly-io-info: ifsz=76840 idim=1000x1000 ifmt=jpeg ofsz=5506 odim=220x220 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5506
x-served-by: cache-lhr7329-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.677798,VS0,VE2
etag: "FYpgdjy2YJn1lx1CcQWwaJPUJjv7WBz9yNezVBR7yVY"
vary: Accept
x-goog-generation: 1657091907258712
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=16g/Ng==, md5=1uExYO8IcR0wu1ALTNCQVw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 76840
accept-ranges: bytes
cf-ray: 878a2e29889879b6-LHR
x-cache-hits: 10, 0

GET
H2 200 1657091717-2x-efb.jpg
img.funnelish.com/6074/30059/ 9 KB
9 KB 72ms
21ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657091717-2x-efb.jpg?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff7c90fc0c9e01f1222cf1c1d476cf0f13a19100cf61873be4096c00ac9efd9f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 21 Apr 2024 14:13:05 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img08-europe-west2
age: 500147
x-guploader-uploadid: ABPtcPp0CxGm5ub2acMLrJltiwhJj4fjWAEaZhZmoD_iGnGYU0BOsz4dl0nieZ_Aff2SnMZ0Tq2ycOhukg
x-cache: HIT, HIT
fastly-io-info: ifsz=84917 idim=1000x1000 ifmt=jpeg ofsz=8976 odim=220x220 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 8976
x-served-by: cache-lhr7354-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.677670,VS0,VE1
etag: "GoJdwxA4IMvFjgztQ2do92PCmXURGVPaU7u7UDzik7c"
vary: Accept
x-goog-generation: 1657091717850060
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=+cqpmg==, md5=7VvIsiDl5yQakjNPDONdGg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 84917
accept-ranges: bytes
cf-ray: 877da1231b8b63b2-LHR
x-cache-hits: 10, 0

GET
H2 200 1657155120-EFB-AMZ-4pack.jpg
img.funnelish.com/6074/30059/ 9 KB
9 KB 72ms
21ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657155120-EFB-AMZ-4pack.jpg?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3d1441c5168b614e83bd1aa1cf37d2616b78f5ecda024db9dfc0f2f2fede90

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 23:39:22 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img04-europe-west2
age: 1670060
x-guploader-uploadid: ABPtcPrlJbNC4M1GlzP8MGXZoEX13QBS9u0z7oaxmF-jHnTnWgMf4RbZwD0vMbzEXDzzN4OOtzM
x-cache: HIT, HIT
fastly-io-info: ifsz=1034797 idim=1237x1237 ifmt=jpeg ofsz=8926 odim=220x220 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 8926
x-served-by: cache-lhr7373-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.677541,VS0,VE1
etag: "rGklZh0I4tzjGp08y9yia7bI1TVvQyGy2JAiZVgPGNI"
vary: Accept
x-goog-generation: 1657155120460708
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ayCZuQ==, md5=4ZuboXJWh7FPpLt15u8I7g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1034797
accept-ranges: bytes
cf-ray: 879996c709c39449-LHR
x-cache-hits: 102, 0

GET
H2 200 1657243737-8-pack.jpg
img.funnelish.com/6074/30059/ 8 KB
8 KB 73ms
22ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657243737-8-pack.jpg?height=220&width=220&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49ef1b2a9de6d0800a7b8e5bb3e37f88fd27a55b2eb2684c221bb5440d8ce7b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 25 Apr 2024 02:35:16 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img09-europe-west2
age: 1668629
x-guploader-uploadid: ABPtcPo8Kl1KQr4WpvFiiLRMlsf4SxM_IjruYX-KpDqFRBVwEe0BQT0-YDMkzsv_EWTpmjLvCZOTzR0B_Q
x-cache: HIT, HIT
fastly-io-info: ifsz=8300370 idim=4879x4876 ifmt=jpeg ofsz=8052 odim=220x220 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 8052
x-served-by: cache-lhr7357-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.677983,VS0,VE1
etag: "N0qVfXt8pU2h0uSVFBWdcczYG2lZ4XjriqXMc8nr7bQ"
vary: Accept
x-goog-generation: 1657243737920631
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=3iueAg==, md5=fWy5eWxdDovm4bvDk1Q50Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 8300370
accept-ranges: bytes
cf-ray: 879a98706bac9571-LHR
x-cache-hits: 2, 0

GET
H2 200 1684337318-shipping_protection.png
img.funnelish.com/6074/60903/ 1 KB
2 KB 76ms
27ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/60903/1684337318-shipping_protection.png?height=60&width=60&auto=webp&fit=bounds
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b30332c3fc9968e41da36330f8059522726f6555015e1efd1dea63c8c8f625

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 03:43:13 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img10-europe-west2
age: 832808
x-guploader-uploadid: ABPtcPpo5t1Gd8aAH4NxNpM9f3Gy2XPNSZ8uzeaETmtbKzi6NYwBNVnBrXUl919_JkwqJF1MlTk8SmnsCw
x-cache: HIT, HIT
fastly-io-info: ifsz=2735 idim=180x180 ifmt=png ofsz=1236 odim=60x60 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 1236
x-served-by: cache-lhr7357-LHR, cache-fra-etou8220145-FRA
server: cloudflare
x-timer: S1715694294.677919,VS0,VE1
etag: "0A8JulS/4sQl50kniOE7ZiaBtAtzAL/hI2udGYExs9Q"
vary: Accept
x-goog-generation: 1684337318838378
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=TBlafw==, md5=Sj+f5TKKfcslK/uzmLeS3w==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2735
accept-ranges: bytes
cf-ray: 8792be98ee38652b-LHR
x-cache-hits: 44, 0

GET
H2 200 1643364132-arrow-flash-small.gif
img.funnelish.com/4224/20304/ 494 B
1 KB 67ms
20ms Image
image/gif 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/4224/20304/1643364132-arrow-flash-small.gif
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77627ae6d65d8980bba4577917e1ab03cef2377cfd93f8418d0774860523d176

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 25 Apr 2024 06:41:29 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img02-europe-west2
age: 1591281
x-guploader-uploadid: ABPtcPqJpWmzxvUHbbIqPIZFkbZ1psjda_WBXRVuPJk8b-mbacGVbupGRm2NQIeb6VHMTNh0sPTjZ50NQQ
x-cache: HIT, HIT
fastly-io-info: ifsz=494 idim=28x17 ifmt=gif ofsz=494 odim=28x17 ofmt=gif ofrm=3
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 494
fastly-io-warning: Failed to shrink image
x-served-by: cache-lhr7386-LHR, cache-fra-etou8220145-FRA
server: cloudflare
x-timer: S1715694294.677375,VS0,VE0
etag: "K/BLoOQIkc4m9ZRGLwpp1QD1mz6Hk+Y5f659iwHI/+U"
vary: Accept
x-goog-generation: 1643364132725553
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ppkZvg==, md5=ZKfdcde9xqcgDFLOmzZwGg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 494
accept-ranges: bytes
cf-ray: 879c0119683624d4-LHR
x-cache-hits: 1591, 2

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:14:28 GMT
x-content-type-options: nosniff
age: 19825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:14:28 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 71ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 10:16:35 GMT
x-content-type-options: nosniff
age: 271698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 May 2025 10:16:35 GMT

GET
H2 200 1680799941-main-logo.png
img.funnelish.com/6074/60903/ 2 KB
3 KB 62ms
23ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/60903/1680799941-main-logo.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aea686f92bc8f488e8c1f45ec00b7602cef094a65297ae0502fb35b724962e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 25 Apr 2024 03:42:11 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img06-europe-west2
age: 1638128
x-guploader-uploadid: ABPtcPofQGb2PWDuJb7Knbe3519Va0gMgUVVe3zBY6i9ocrOcszxY8PKvMSUwPmOvTIy_Jq9kqca02dIVQ
x-cache: HIT, HIT
fastly-io-info: ifsz=3122 idim=250x34 ifmt=png ofsz=2440 odim=250x34 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2440
x-served-by: cache-lhr7374-LHR, cache-fra-etou8220141-FRA
server: cloudflare
x-timer: S1715694294.727475,VS0,VE1
etag: "25yi/XGTbHvX28OO+vWF6WxrXitVfyV9IRIfpYu7txc"
vary: Accept
x-goog-generation: 1680799941590470
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=sGIDOQ==, md5=wE06aVyVf3mGdgskkwHuzw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 3122
accept-ranges: bytes
cf-ray: 879afa751ccb9457-LHR
x-cache-hits: 71, 0

GET
H2 200 1675196004-4.jpg
img.funnelish.com/6074/30059/ 24 KB
25 KB 72ms
34ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196004-4.jpg?auto=compress,format&optimize=medium&fit=clip&w=400&h=400
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6e2559438b3edfb1a43420df00b023a737dab3315661cdda78ad1b2bab7edf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 04:26:30 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img10-europe-west2
age: 255983
x-guploader-uploadid: ABPtcPqpwQwZfvpuSpGNxUn98P5JAxw0dxJBg2nLwgZyh5Fut1PGjvkYpQlRFjNZbB4ga1wfI8Bb70SIfQ
x-cache: HIT, HIT
fastly-io-info: ifsz=80334 idim=600x600 ifmt=jpeg ofsz=24770 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24770
x-served-by: cache-lhr7365-LHR, cache-fra-etou8220141-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.727905,VS0,VE14
etag: "SvVDMGpGf7z2TT0bFTDhCLiWnzxwW5zq33x/hK/SGPA"
vary: Accept
x-goog-generation: 1675196004384223
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=k9ekuA==, md5=lQ771j9E7cRcGPwXm7TwFA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 80334
accept-ranges: bytes
cf-ray: 8792fdffba189547-LHR
x-cache-hits: 9, 0

GET
H2 200 1675196004-4.jpg
img.funnelish.com/6074/30059/ 30 KB
30 KB 53ms
53ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196004-4.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2683e824a1460e8c3f46458e51b362c830a31be392a0ebc20ffde2b8e17cd4e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 04:26:30 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img10-europe-west2
age: 255984
x-guploader-uploadid: ABPtcPqpwQwZfvpuSpGNxUn98P5JAxw0dxJBg2nLwgZyh5Fut1PGjvkYpQlRFjNZbB4ga1wfI8Bb70SIfQ
x-cache: HIT, HIT
fastly-io-info: ifsz=80334 idim=600x600 ifmt=jpeg ofsz=30230 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 30230
x-served-by: cache-lhr7365-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.689034,VS0,VE14
etag: "wJ9DDuo6Kbs05Q37kCo04RhEFuN7wYPAoBXhoUta8oo"
vary: Accept
x-goog-generation: 1675196004384223
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=k9ekuA==, md5=lQ771j9E7cRcGPwXm7TwFA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 80334
accept-ranges: bytes
cf-ray: 8792fdffba189547-LHR
x-cache-hits: 9, 0

GET
H2 200 1675196014-1.jpg
img.funnelish.com/6074/30059/ 47 KB
47 KB 25ms
25ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196014-1.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c03db8df228b95094010adab4a18d92fa4c10638318ada3e0c1cc76c3342d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 17 Apr 2024 06:42:10 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img09-europe-west2
age: 859026
x-guploader-uploadid: ABPtcPo-t-VBrq49lrBxbVJwxeIoS20s_vqhivwawsBhFAKwp5GXv18EOolNS2pyWqcLm1_ynKh20tUsIw
x-cache: HIT, HIT
fastly-io-info: ifsz=125561 idim=600x600 ifmt=jpeg ofsz=47828 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 47828
x-served-by: cache-lhr7324-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.689126,VS0,VE1
etag: "vBBsaQSXc4AO4YF2LCGUGr6EwhJpnKWbopRVut6QesQ"
vary: Accept
x-goog-generation: 1675196014450473
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=8VjVmA==, md5=ZTwnH04psjaFfwW7E50kuA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 125561
accept-ranges: bytes
cf-ray: 875a171cda9b93f1-LHR
x-cache-hits: 10, 0

GET
H2 200 1675196019-2.jpg
img.funnelish.com/6074/30059/ 33 KB
33 KB 34ms
34ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196019-2.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b800edca5108f0d955a8a6fa78cadfe72ad1e1094862480d4ae6921e7e64988

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 20 Apr 2024 15:09:12 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img04-europe-west2
age: 654366
x-guploader-uploadid: ABPtcPofeECNDM3c2W0Dzykv4WYsbC_hqQOzRzHWCyqUSNA9vBzqdKzcXq7UOyVywlg9GAvwuYc
x-cache: HIT, HIT
fastly-io-info: ifsz=97474 idim=600x600 ifmt=jpeg ofsz=33452 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 33452
x-served-by: cache-lhr7325-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.694098,VS0,VE1
etag: "WvKV9SXrOZ70vFG7By8yE5ICb1hWyML8mSiFxCk1iNQ"
vary: Accept
x-goog-generation: 1675196019929541
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=TH80Wg==, md5=2ld4xLugVhcb0XbfZ9Q6QA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 97474
accept-ranges: bytes
cf-ray: 8775b5f23f619481-LHR
x-cache-hits: 10, 0

GET
H2 200 1675196024-3.jpg
img.funnelish.com/6074/30059/ 43 KB
44 KB 48ms
48ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196024-3.jpg?auto=compress,format&fit=clip&w=65&h=65
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaea76a9bcf74e531ddfd862a4aaaaa0cff3d6982b149ad06b6be570087842e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 20 Apr 2024 15:09:12 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img07-europe-west2
age: 1551911
x-guploader-uploadid: ABPtcPoDRXydLHC0zdWiSHSV05YThMHQL8hl1yoDA4KJtaJLLuO7iVfn2idJQ3SRvHhNgPIb6lMzSqpHeA
x-cache: HIT, HIT
fastly-io-info: ifsz=120672 idim=600x600 ifmt=jpeg ofsz=44154 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 44154
x-served-by: cache-lhr7325-LHR, cache-fra-etou8220145-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.694106,VS0,VE1
etag: "uD1lnTW8jgW61P6NdrlrZQoHf8aTp6RqoYwbcufSLPM"
vary: Accept
x-goog-generation: 1675196024988559
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=lQQ3KA==, md5=lNDCv9zBo5GT0fmSgaNzUA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 120672
accept-ranges: bytes
cf-ray: 8775b5f23e9e777a-LHR
x-cache-hits: 68, 0

GET
H2 200 1675196826-arrow.png
img.funnelish.com/6074/30059/ 186 B
571 B 61ms
22ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1675196826-arrow.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae29f305d19931388ce8482fdd27934cad55af9bbebe34a0e4699f820d18bb2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 15:26:21 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img08-europe-west2
age: 1552034
x-guploader-uploadid: ABPtcPqGW-4spyMSYg24orzk9hN5fd4FZkIlb4HJSpjKtWjQrffHf4C4EaGcUsb7xWxuEjdsP6ShO_ieFw
x-cache: HIT, HIT
fastly-io-info: ifsz=1231 idim=31x28 ifmt=png ofsz=186 odim=31x28 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 186
x-served-by: cache-lhr7323-LHR, cache-fra-etou8220141-FRA
server: cloudflare
x-timer: S1715694294.727639,VS0,VE1
etag: "tS7hal826cw/5LhhzhzqaOxUzW2Cp+g9vT+goHriZ4w"
vary: Accept
x-goog-generation: 1675196826581075
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=D5pnlA==, md5=EZ+WaM3p/Rr4cM/iMmCGPQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1231
accept-ranges: bytes
cf-ray: 8796c492fca094a1-LHR
x-cache-hits: 166, 0

GET
H2 200 1657636070-warning.png
img.funnelish.com/6074/30059/ 4 KB
4 KB 60ms
21ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657636070-warning.png
Requested by: Host: order.preparedhero.com
URL: https://order.preparedhero.com/efb-checkout-r?discount=EXTRA10&utm_campaign=Email%20%232%20%28VWvEi5%29&utm_medium=email&utm_source=MP%20%7C%20Ab%20Cart%20Flow%20%28CustomersAI-%20%E2%80%98%2Fefb%E2%80%99%29&_kx=ycsIOJ0FNjr-wyMzc5oxhtaXnZn7slSPBWYDdHaPljDCy2-mkEkz3S56kNA2iLPr.Ncipn8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c246a64acc1412e5e60639a46a2bbeff2b6f134c69f4f775f7eb1cefcb58ab7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 13:48:39 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img09-europe-west2
age: 1586925
x-guploader-uploadid: ABPtcPq-Il3Zg4E6UfCKC7jWUlGj5o8gtn5h22qK48cHqWzT_zbLq7ZlPVJZri2SdWEFcnv8s0KsGMUipg
x-cache: HIT, HIT
fastly-io-info: ifsz=10731 idim=512x512 ifmt=png ofsz=3848 odim=512x512 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3848
x-served-by: cache-lhr7349-LHR, cache-fra-etou8220141-FRA
server: cloudflare
x-timer: S1715694294.727464,VS0,VE1
etag: "ZBzjU4R8iejSlFXTVtyBHcSKth37X19P3GA8SKdC7Bk"
vary: Accept
x-goog-generation: 1657636070312454
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=64aDEA==, md5=TaXA8CG3Oj3Ak7TTS0tuTw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 10731
accept-ranges: bytes
cf-ray: 87963574988c63f6-LHR
x-cache-hits: 128, 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 76ms
32ms XHR
application/json 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://order.preparedhero.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/ 256 KB
56 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 21:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57202
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 21:16:27 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/ 182 KB
56 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 21:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57145
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 21:16:27 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/ 94 KB
25 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

808ea90cebc0f9a52fc022bdb3a5221d58cdd28336333e2ad94a7f85c665f26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 21:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25278
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 21:16:28 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/ 43 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/12a/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBX0PgjqQslj7EcJirWQGA7A2DeoSPydPw&loading=async&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2595ce2de7420236eaec8d2051f0e811c51f0c1bd18e3394684e5e1fde14d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 21:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13342
x-xss-protection: 0
last-modified: Tue, 07 May 2024 21:52:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 May 2025 21:16:37 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 87ms
35ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:44:53 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 14 May 2024 13:44:53 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 88ms
36ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:44:53 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 14 May 2024 13:44:53 GMT

GET
H2 200 1660668305-favicon.png
img.funnelish.com/6074/30059/ 2 KB
2 KB 20ms
20ms Other
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.funnelish.com/6074/30059/1660668305-favicon.png?auto=webp&fit=bounds&width=40&height=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642d87383477078fed5a7535b6b287581ea5fb62b41dfe54c367ed06478ce284

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 25 Apr 2024 03:31:07 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img01-europe-west2
age: 1451232
x-guploader-uploadid: ABPtcPpmJhi92euXmtGVqtr0eaFfDr3JO-dipj9D3wPteb58iJg3uAl7KcoCj5UprJlyrvAVKS862iZhyg
x-cache: HIT, HIT
fastly-io-info: ifsz=11877 idim=192x210 ifmt=png ofsz=1840 odim=37x40 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 1840
x-served-by: cache-lhr7380-LHR, cache-fra-etou8220145-FRA
server: cloudflare
x-timer: S1715694294.881469,VS0,VE1
etag: "9JCQX/wigJqzWPPkV7WLrIdnWgR2EFjhaOT6qI8xDh0"
vary: Accept
x-goog-generation: 1660668305685401
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ll4OBA==, md5=HXsHPcwuP0BRU3jVzk/KOA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 11877
accept-ranges: bytes
cf-ray: 879aea3ccd2d4197-LHR
x-cache-hits: 44, 0

GET
H2 200 1653027341-checkout-secured.png
img.funnelish.com/5682/26088/ 89 KB
89 KB 21ms
20ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/5682/26088/1653027341-checkout-secured.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4d0c00c4767c09557646606c23b7e152b982a59b7ac5513dd278432ae8aa95

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 21:32:56 GMT
date: Tue, 14 May 2024 13:44:53 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
fastly-io-served-by: img02-europe-west2
age: 810991
x-guploader-uploadid: ABPtcPohbWHJnhcABsZT0_e4jmmUfTu8UGhisQRwcjXhiDs_2e32iS69ZTNv4etHyIsZmnRyhxc
x-cache: HIT, HIT
fastly-io-info: ifsz=146309 idim=1368x182 ifmt=png ofsz=90978 odim=1368x182 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 90978
x-served-by: cache-lhr7380-LHR, cache-fra-etou8220141-FRA
server: cloudflare
x-timer: S1715694294.950494,VS0,VE1
etag: "TU4XmqIoJhCmkIquIQhaddb7kbzsLmZzWP9E5XoaC3c"
vary: Accept
x-goog-generation: 1653027342107048
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=zKX+cw==, md5=3HDl3n8pcDoi4WArWq5DYA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 146309
accept-ranges: bytes
cf-ray: 8798faa0c863dd77-LHR
x-cache-hits: 1, 0

GET
H2 200 1669664459-hook.jpg
img.funnelish.com/6074/30059/ 17 KB
17 KB 20ms
20ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1669664459-hook.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b655c92f0393c27b4b4f92ffa6b87e10fbeeedec8ee6eae37e7b60a5ce1e822d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 24 Apr 2024 02:36:55 GMT
date: Tue, 14 May 2024 13:44:54 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: REVALIDATED
fastly-io-served-by: img01-europe-west2
age: 1272904
x-guploader-uploadid: ABPtcPrAOzwY3QwObczWOoqYU2wchv-fqJBYVjNVjQFrBLYp9qage3OKm_qXvt-SKURGwLJCyHL1zbeB1A
x-cache: HIT, HIT
fastly-io-info: ifsz=15767 idim=600x600 ifmt=jpeg ofsz=17394 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 17394
x-served-by: cache-lhr7380-LHR, cache-fra-etou8220141-FRA
cf-bgj: h2pri
server: cloudflare
x-timer: S1715694294.082418,VS0,VE1
etag: "Oisw1DtbmOGADU2J0OBjadjcdr22I0G26o4X2hN0Jmg"
vary: Accept
x-goog-generation: 1669664460085202
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=GXxSeA==, md5=VsM83wRU/Ksq6nbizMZD2Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 15767
accept-ranges: bytes
cf-ray: 87925d7aeffb4189-LHR
x-cache-hits: 55, 0

GET
H2 200 1653376152-6143e22a819db63e038347ba_30mbg.svg
img.funnelish.com/3986/26453/ 91 KB
19 KB 20ms
20ms Image
image/svg+xml 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/3986/26453/1653376152-6143e22a819db63e038347ba_30mbg.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207ac888ee9ae038f56e2470dcd2f358854ea5dd2e862ae31b453d16c332513d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 17 Apr 2024 11:22:25 GMT
date: Tue, 14 May 2024 13:44:54 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
cf-cache-status: REVALIDATED
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 1437831
x-guploader-uploadid: ABPtcPr5Ambn8KHWMwgHCxiQLcRneHkaeTDf1yVSGRUJ_NnObq0zgivOslUvcBGlfPtCCsUOseqIEJRjrg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18634
x-served-by: cache-lhr7336-LHR, cache-fra-etou8220141-FRA
last-modified: Tue, 24 May 2022 07:09:12 GMT
server: cloudflare
x-timer: S1715694295.899695,VS0,VE1
etag: "f0fc853b97f819d2248c06856702e07c"
vary: Accept
x-goog-generation: 1653376152873477
x-goog-hash: crc32c=mM3axA==, md5=8PyFO5f4GdIkjAaFZwLgfA==
access-control-allow-origin: *
content-type: image/svg+xml
cache-control: public, max-age=3600
x-goog-stored-content-length: 92719
accept-ranges: bytes
cf-ray: 875bb1a05bac06cd-LHR
x-cache-hits: 29, 0

GET
H2 200 1657636981-r1.webp
img.funnelish.com/6074/30059/ 38 KB
39 KB 22ms
22ms Image
image/webp 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.funnelish.com/6074/30059/1657636981-r1.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f2bcb22c71ea2b08a3ccab9e2f471fce327a739ff5458234d91df98a2e81ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://order.preparedhero.com/
Origin: https://order.preparedhero.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 18 Apr 2024 11:28:10 GMT
date: Tue, 14 May 2024 13:44:54 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
fastly-io-served-by: img07-europe-west2
age: 1578339
x-guploader-uploadid: ABPtcPq12NyFulh8MXZvcQbMx6ag-S-OmL5w72pOmWS2zVbm-2IB6sQBRB-rhaAJllpmB4GZDCw
x-cache: HIT, HIT
fastly-io-info: ifsz=49216 idim=600x600 ifmt=webp ofsz=39198 odim=600x600 ofmt=webp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 39198
x-served-by: cache-lhr7370-LHR, cache-fra-etou8220141-FRA
server: cloudflare
x-timer: S1715694295.899834,VS0,VE1
etag: "sFkThUNorxHBCQZAtRhd38ALEhsllZJJY0xSA2khDuA"
vary: Accept
x-goog-generation: 1657636981432924
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ApRqXw==, md5=mRFBD9dhcCMzIb8KuqPz+A==
cache-control: public, max-age=3600
x-goog-stored-content-length: 49216
accept-ranges: bytes
cf-ray: 876427da388bdc83-LHR
x-cache-hits: 11, 0

POST view
analytics.app.funnelish.com/ 0
0

OPTIONS
H2 204 view
analytics.app.funnelish.com/ 0
0 191ms
142ms Preflight
text/html 34.111.146.89

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.app.funnelish.com/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.146.89 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://order.preparedhero.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
allow: OPTIONS, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html
date: Tue, 14 May 2024 13:44:57 GMT
server: Google Frontend
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google, 1.1 google
x-cloud-trace-context: 73906fd5d1216b1c7b7c4560d1d6d052

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.app.funnelish.com
URL: https://analytics.app.funnelish.com/view

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
order.preparedhero.com/discounts	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/discounts	1969-12-31 23:59:59	Name: x-geo-city Value: bocholt
order.preparedhero.com/discounts	1969-12-31 23:59:59	Name: x-geo-latitude Value: 51.830
order.preparedhero.com/discounts	1969-12-31 23:59:59	Name: x-geo-longitude Value: 6.640
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-country_code Value: DE
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-geo-city Value: bocholt
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-geo-latitude Value: 51.830
order.preparedhero.com/	1969-12-31 23:59:59	Name: x-geo-longitude Value: 6.640
order.preparedhero.com/	1969-12-31 23:59:59	Name: X-ResourcesToken Value: 1715701493_0x0825835bf16ebba55a23ee1cac5d7558f6517ba7
order.preparedhero.com/	1969-12-31 23:59:59	Name: X-Page Value: F_6074_141789_538051_556525

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.app.funnelish.com
fonts.gstatic.com
img.funnelish.com
maps.googleapis.com
maps.gstatic.com
order.preparedhero.com
trk.klclick.com
analytics.app.funnelish.com
151.101.2.132
151.101.66.132
2600:9000:20ae:400:14:c8fd:7700:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:808::2003
2a00:1450:4001:828::200a
34.111.146.89
08c03db8df228b95094010adab4a18d92fa4c10638318ada3e0c1cc76c3342d0
0b800edca5108f0d955a8a6fa78cadfe72ad1e1094862480d4ae6921e7e64988
17e22be5994bd5cc3ba12d26b3d34f5fbcca0dc6c0f4bbbda6c5cb57f4b081a6
207ac888ee9ae038f56e2470dcd2f358854ea5dd2e862ae31b453d16c332513d
2595ce2de7420236eaec8d2051f0e811c51f0c1bd18e3394684e5e1fde14d0c2
2683e824a1460e8c3f46458e51b362c830a31be392a0ebc20ffde2b8e17cd4e7
32204db69e23eacd7538eddcc6bc98a3b615583fd29d5e7b38373f0c0492901e
3aea686f92bc8f488e8c1f45ec00b7602cef094a65297ae0502fb35b724962e4
3c3d1441c5168b614e83bd1aa1cf37d2616b78f5ecda024db9dfc0f2f2fede90
49f2bcb22c71ea2b08a3ccab9e2f471fce327a739ff5458234d91df98a2e81ec
4d4d0c00c4767c09557646606c23b7e152b982a59b7ac5513dd278432ae8aa95
4e11835a47dd8191ddc11754c1bf0b58c56ebc6a82b4a05106e0c0c0b70b2970
5c246a64acc1412e5e60639a46a2bbeff2b6f134c69f4f775f7eb1cefcb58ab7
642d87383477078fed5a7535b6b287581ea5fb62b41dfe54c367ed06478ce284
6e02652bb3712b0d6c86d46b57605d17f3620592c070f87889855a180047079d
77627ae6d65d8980bba4577917e1ab03cef2377cfd93f8418d0774860523d176
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
808ea90cebc0f9a52fc022bdb3a5221d58cdd28336333e2ad94a7f85c665f26d
8ae29f305d19931388ce8482fdd27934cad55af9bbebe34a0e4699f820d18bb2
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99fef3f878b819e7ed61ba40a1d4cb9aa10a115ce5861823f7d67f5623d4440c
9aaea76a9bcf74e531ddfd862a4aaaaa0cff3d6982b149ad06b6be570087842e
9e0f4fe5c92f5833c4724a04f3270df2d826d8d013537b1175f6eeb7948bf180
a84f82948131e922740b533c680b87203351fe310a226d5b4819d98150dd1362
b1b30332c3fc9968e41da36330f8059522726f6555015e1efd1dea63c8c8f625
b655c92f0393c27b4b4f92ffa6b87e10fbeeedec8ee6eae37e7b60a5ce1e822d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c49ef1b2a9de6d0800a7b8e5bb3e37f88fd27a55b2eb2684c221bb5440d8ce7b
c62c450ab887bb2e6eec880209eb4e3919046f137b8a99a6439cda6b7aae54e9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
fb6e2559438b3edfb1a43420df00b023a737dab3315661cdda78ad1b2bab7edf
ff7c90fc0c9e01f1222cf1c1d476cf0f13a19100cf61873be4096c00ac9efd9f

order.preparedhero.com Open in urlscan Pro 151.101.2.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

57 %IPv6

5 Domains

7 Subdomains

7 IPs

2 Countries

706 kBTransfer

1556 kBSize

10 Cookies

4 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

order.preparedhero.com Open in urlscan Pro
151.101.2.132 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

706 kB
Transfer

1556 kB
Size

10
Cookies

35 HTTP transactions
1 data transactions