mxmerchant.flightattendantmusings.com Open in urlscan Pro
89.208.103.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mxmerchant.flightattendantmusings.com/
Submission: On January 12 via manual (January 12th 2023, 4:47:33 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 54 HTTP transactions. The main IP is 89.208.103.174, located in Frankfurt am Main, Germany and belongs to AEZA-AS, RU. The main domain is mxmerchant.flightattendantmusings.com.
TLS certificate: Issued by R3 on January 12th 2023. Valid for: 3 months.

This is the only time mxmerchant.flightattendantmusings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	89.208.103.174 89.208.103.174	210644 (AEZA-AS) (AEZA-AS)
1	52.222.214.95 52.222.214.95	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:10:... 2606:4700:10::6816:2fa8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.112.89 18.66.112.89	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.104 143.204.89.104	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.98 13.32.121.98	16509 (AMAZON-02) (AMAZON-02)
2	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	52.89.105.88 52.89.105.88	16509 (AMAZON-02) (AMAZON-02)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:ac00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
54	14

28 89.208.103.174 (Frankfurt am Main, Germany)

ASN210644 (AEZA-AS, RU)
PTR: even-scissors.aeza.network

mxmerchant.flightattendantmusings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-95.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:2fa8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.whisk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.whisk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-104.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-98.fra60.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.105.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-105-88.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ac00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	flightattendantmusings.com mxmerchant.flightattendantmusings.com	914 KB
6	whisk.com cdn.whisk.com — Cisco Umbrella Rank: 67551 events.whisk.com — Cisco Umbrella Rank: 76768	93 KB
6	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 3753 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4611 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4911 signal-segments.s-onetag.com — Cisco Umbrella Rank: 7998	22 KB
5	proper.io global.proper.io — Cisco Umbrella Rank: 8561 abcheck.proper.io — Cisco Umbrella Rank: 9186 bids.proper.io — Cisco Umbrella Rank: 8841	148 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 197	157 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 935 pixel.quantserve.com — Cisco Umbrella Rank: 656	10 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 590	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 869	2 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 267	403 B
0	Failed function sub() { [native code] }. Failed
54	10

	Domain	Requested by
28	mxmerchant.flightattendantmusings.com	mxmerchant.flightattendantmusings.com
4	cdn.whisk.com	mxmerchant.flightattendantmusings.com cdn.whisk.com
3	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net
2	events.whisk.com	cdn.whisk.com
2	abcheck.proper.io	mxmerchant.flightattendantmusings.com
2	ap.lijit.com	mxmerchant.flightattendantmusings.com ap.lijit.com
2	signal-segments.s-onetag.com	get.s-onetag.com
2	global.proper.io	get.s-onetag.com global.proper.io
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
1	pixel.quantserve.com	mxmerchant.flightattendantmusings.com
1	rules.quantcount.com	secure.quantserve.com
1	sentry.io	cdn.whisk.com
1	bids.proper.io	global.proper.io
1	secure.quantserve.com	global.proper.io
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com	mxmerchant.flightattendantmusings.com
0	truncated Failed	mxmerchant.flightattendantmusings.com
54	17

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
uk.pinterest.com
instagram.com
pinterest.com
www.ocado.com
embarknow.co.uk

Subject Issuer	Validity	Valid
mxmerchant.flightattendantmusings.com R3	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.s-onetag.com Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
whisk.com Cloudflare Inc ECC CA-3	`2022-08-18` - `2023-08-17`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-10` - `2023-02-09`	a year	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mxmerchant.flightattendantmusings.com/
Frame ID: 4BB0CD08CA9AEF7484C491F07E4272AC
Requests: 49 HTTP requests in this frame

Frame: https://cdn.whisk.com/sdk/proxy.html?v=5.7.0
Frame ID: 74B18772CC428A765D2BFDCEBA43671C
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: D4C3F9C2682076CADBB80F69C14F52FB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whipping Cream Instead of Double Cream | Ask Nigella.com | Nigella LawsonyoutubepinteresttwitterfacebookinstagramvimeowhatsappBookmarkEntriesBURGER NEWChevron DownChevron LeftChevron RightBasketSpeechCommentSearchVideo Play IconNigella LawsonPremiumNigella LawsonVeganVegetarianMemberSpeechRecipeEmailBookmarkCommentCameraScalesQuantityListReorderRemoveOpen book

Detected technologies

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

54
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

17
Subdomains

14
IPs

2
Countries

1349 kB
Transfer

2890 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UC7jM43otyf2_Ye_DBrQYKfg

Search URL Search Domain Scan URL

URL: https://uk.pinterest.com/nigellalawson

Search URL Search Domain Scan URL

URL: https://instagram.com/nigellalawson

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/bookmarklet/?description=Whipping%20Cream%20Instead%20of%20Double%20Cream&url=#/ask/whipping-cream-instead-of-double-cream

Search URL Search Domain Scan URL

URL: https://www.ocado.com/webshop/recipe/Nigella-s-Feta-Black-Bean-and-Clementine-Couscous/223061?ad=223439%7C4689678%7C223455%7C4689680?utm_source=nigella_website&utm_medium=house_ad&utm_campaign=nigella_x_ocado

Search URL Search Domain Scan URL

URL: https://embarknow.co.uk/
Title: Embark

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mxmerchant.flightattendantmusings.com/ 81 KB
29 KB 500ms
64ms Document
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

e9e0b52daf795c0ca6a82a9b0d57d88133005c47cac9b67e14f9d8b503c235fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 29793
content-type: text/html; charset=UTF-8
date: Thu, 12 Jan 2023 16:47:28 GMT
server: nginx
strict-transport-security: max-age=15768000;
vary: Accept-Encoding

GET
H2 200 www.nigella.com16.css
mxmerchant.flightattendantmusings.com/css/ 233 KB
33 KB 19ms
18ms Stylesheet
text/css 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

9925851cc516bca2e89cd9ce006a536e33a8df5fc224254f337d28128b0328f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: W/"63bc7948-3a5f7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com2.js Show response
mxmerchant.flightattendantmusings.com/js/ 30 KB
11 KB 25ms
25ms Script
application/javascript 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/js/www.nigella.com2.js

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

51fcb11941e7f553e163313e0d99c9a9efbcdd91360782f0624bd2124c575df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: W/"63bc7948-7915"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/ 41 KB
12 KB 41ms
8ms Script
text/javascript 52.222.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/tag.min.js
Requested by: Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51e55f3aab5421b1ca7e5d0dcbde0c530cfd44ef8f8d75da97b77f3304e19c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 1AP3WlCuETOXNNREkjFv_a8rT5btYau2
content-encoding: gzip
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
date: Thu, 12 Jan 2023 05:12:45 GMT
last-modified: Thu, 18 Aug 2022 15:20:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 41683
etag: W/"78ff2ec68e6abcd5d845bc5df6fb79e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: IPicSDX2_eUvF-vds8WwIkEM5K3Ttp5PigmzwHQljt1iSeL9UQXpuQ==

GET
H2 200 shopping-list.js Show response
cdn.whisk.com/sdk/ 188 KB
54 KB 52ms
21ms Script
application/javascript 2606:4700:10::6816:2fa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whisk.com/sdk/shopping-list.js
Requested by: Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97900c14f0bc4bbc2f6eeb51a690fff531a5f5f90f3efb6bbf73eddf5f8653e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 5548
cf-polished: origSize=192312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:19:37 GMT
server: cloudflare
etag: W/"f4d7882e216c6af9ce7b8dd2ecea1860"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78875fc90907bbe5-FRA
expires: Thu, 12 Jan 2023 19:15:00 GMT

GET
H2 200 www.nigella.com17.css
mxmerchant.flightattendantmusings.com/css/ 3 KB
1 KB 62ms
61ms Stylesheet
text/css 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/css/www.nigella.com17.css

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

8e5dfa0f0812e45a3c9eee0bce13690773fa0f03d8e5d6dd64db78c1b80dd276

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: W/"63bc7948-a85"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com2.svg
mxmerchant.flightattendantmusings.com/img/ 2 KB
997 B 34ms
31ms Image
image/svg+xml 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com2.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

d2446d04afcee25e8613c271f3a60cde872e9cebe77825f50659d801e1c990b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: W/"63bc7948-6f4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com3.jpg
mxmerchant.flightattendantmusings.com/img/ 123 KB
123 KB 34ms
32ms Image
image/jpeg 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com3.jpg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

d078788c657326548c98a96a23a2002680a6f8a0a1cacf0e79da0f9b67a28300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: "63bc7948-1eba5"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125861
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com4.jpg
mxmerchant.flightattendantmusings.com/img/ 131 KB
131 KB 39ms
37ms Image
image/jpeg 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com4.jpg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

caa89ad4bbad481fe45c6a674a448904f714cd50e550381ca094911b7babffe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: "63bc7948-20a6b"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 133739
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com5.jpg
mxmerchant.flightattendantmusings.com/img/ 171 KB
171 KB 39ms
37ms Image
image/jpeg 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com5.jpg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

68405f1aac6e19b62ef750faff02e746367ff52e8a27ca178e8b22a3e629c529

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: "63bc7948-2ac56"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 175190
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com6.jpg
mxmerchant.flightattendantmusings.com/img/ 171 KB
171 KB 39ms
38ms Image
image/jpeg 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com6.jpg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

68405f1aac6e19b62ef750faff02e746367ff52e8a27ca178e8b22a3e629c529

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:02 GMT
server: nginx
etag: "63bc794a-2ac56"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 175190
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com7.png
mxmerchant.flightattendantmusings.com/img/ 20 KB
20 KB 62ms
61ms Image
image/png 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com7.png

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

38120426bcc307dfb010f812a8af507a11a6ba3406fbd5ca445f848ece551dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:02 GMT
server: nginx
etag: "63bc794a-509a"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 20634
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com8.jpg
mxmerchant.flightattendantmusings.com/img/ 73 KB
74 KB 62ms
61ms Image
image/jpeg 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com8.jpg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

e2977d79edf3781663a74d298a1f79263a437ceaa392691a1c58a0dc92737463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:02 GMT
server: nginx
etag: "63bc794a-12586"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 75142
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com9.png
mxmerchant.flightattendantmusings.com/img/ 13 KB
13 KB 62ms
61ms Image
image/png 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/www.nigella.com9.png

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

d1acedc88718f974a211792a222d6f0d5a59d90beebc059c82b4f4e6ebececc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
last-modified: Mon, 09 Jan 2023 20:30:02 GMT
server: nginx
etag: "63bc794a-33e7"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13287
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com12.js Show response
mxmerchant.flightattendantmusings.com/js/ 27 KB
7 KB 16ms
16ms Script
application/javascript 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/js/www.nigella.com12.js

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

a551fea26c31264be0080e5e803bca58dda0fb07de4fd7f0ca97c4053aa64f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: W/"63bc7948-6c5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 www.nigella.com13.js Show response
mxmerchant.flightattendantmusings.com/js/ 324 KB
92 KB 20ms
20ms Script
application/javascript 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/js/www.nigella.com13.js

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

54f581284e38f6a0c18959cbcdf0f328cf84e04ce5c442345e730c3bebf18dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 20:30:00 GMT
server: nginx
etag: W/"63bc7948-50f9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET truncated
/ 0
0

GET
H2 404 speech-interaction.svg
mxmerchant.flightattendantmusings.com/assets/img/ 3 KB
3 KB 55ms
54ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/assets/img/speech-interaction.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 speech-interaction-inverted.svg
mxmerchant.flightattendantmusings.com/assets/img/ 3 KB
3 KB 53ms
53ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/assets/img/speech-interaction-inverted.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-express.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 53ms
51ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-express.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-baking.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 62ms
60ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-baking.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-sweet.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 58ms
56ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-sweet.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-vegetarian.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 58ms
56ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-vegetarian.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-vegan.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 60ms
58ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-vegan.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-gluten-free.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 60ms
59ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-gluten-free.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-nut-free.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 51ms
50ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-nut-free.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-egg-free.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 51ms
50ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-egg-free.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 tag-dairy-free.svg
mxmerchant.flightattendantmusings.com/img/ 3 KB
3 KB 60ms
59ms Image
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mxmerchant.flightattendantmusings.com/img/tag-dairy-free.svg

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 404 futura-medium-webfont.woff2
mxmerchant.flightattendantmusings.com/fonts/futura/ 0
0 49ms
49ms Font
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/fonts/futura/futura-medium-webfont.woff2

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
Origin: https://mxmerchant.flightattendantmusings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 363ms
318ms Fetch
application/json 18.66.112.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-89.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront), 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 4ee35b27-2a42-44f5-9e6f-755a16186c68
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: eo3xHG0zCYcFwpA=
content-length: 555
x-amz-cf-id: _dgCYEZtBT1FDS0SBhLNqyUPygDmjGGVAOUt6oENwYC7s0ff3Py6WA==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 20 KB
7 KB 53ms
8ms Script
application/javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding: gzip
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
date: Thu, 12 Jan 2023 01:02:00 GMT
last-modified: Wed, 10 Aug 2022 09:56:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 56729
x-amz-server-side-encryption: AES256
etag: W/"588a5c88fba4ca02dace48040384e257"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: E2hRM5r_oohQtV99aTuBveQe5-Qxkn9YXqfmC0KwoFOfZtj6NaeNUw==

GET
H2 200 nigella.min.js Show response
global.proper.io/ 27 KB
7 KB 62ms
35ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/nigella.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf4f4c0152f73f117d2e7861b22f73fff744a57c01e0fd7607503a45ef27b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Jan 2023 10:01:25 GMT
server: cloudflare
age: 283035
etag: W/"63bbe5f5-6a29"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 78875fc97c0d2bb8-FRA
expires: Thu, 12 Jan 2023 16:52:28 GMT

GET
H2 404 %2F Show response
signal-segments.s-onetag.com/desktop/mxmerchant.flightattendantmusings.com/ 0
286 B 161ms
130ms Fetch
application/json 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/mxmerchant.flightattendantmusings.com/%2F
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 0
apigw-requestid: eo3xEhIVCYcEaGw=
x-amz-cf-id: zCxpkoOlOjhANkABI-Hkej9cX7F1jaf6iLalQ0QL-HAHi7Gu7fejmQ==

GET
H2 404 mxmerchant.flightattendantmusings.com Show response
signal-segments.s-onetag.com/desktop/ 0
286 B 166ms
135ms Fetch
application/json 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/mxmerchant.flightattendantmusings.com
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/dc1ee758-dfa6-4050-b059-9b4144b1e8e1/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 0
apigw-requestid: eo3xEjCDCYcEPog=
x-amz-cf-id: YeJ4vWWXrVXIeYbcn_EiKlUVOMej1_S1wCFvuQM6ID8XrvR3DPvjHQ==

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 6 KB
3 KB 54ms
15ms Script
text/javascript 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13413913
Requested by: Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 16:47:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 19 Jan 2023 16:47:28 GMT

GET
H2 404 futura-medium-webfont.woff
mxmerchant.flightattendantmusings.com/fonts/futura/ 0
0 17ms
14ms Font
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/fonts/futura/futura-medium-webfont.woff

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
Origin: https://mxmerchant.flightattendantmusings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 proxy.html Show response
cdn.whisk.com/sdk/ Frame 74B1 493 B
399 B 29ms
28ms Document
text/html 2606:4700:10::6816:2fa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whisk.com/sdk/proxy.html?v=5.7.0
Requested by: Host: cdn.whisk.com
URL: https://cdn.whisk.com/sdk/shopping-list.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e56ffc39bbf38385249cda0fb75c952227ec69ab444b10020debc3a2449d8d5

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 5684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400, must-revalidate
cf-apo-via: origin,host
cf-cache-status: HIT
cf-ray: 78875fc969ebbbe5-FRA
content-encoding: br
content-type: text/html
date: Thu, 12 Jan 2023 16:47:28 GMT
expires: Thu, 12 Jan 2023 19:12:44 GMT
last-modified: Fri, 16 Dec 2022 10:19:38 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 404 futura-medium-webfont.ttf
mxmerchant.flightattendantmusings.com/fonts/futura/ 0
0 15ms
14ms Font
text/html 89.208.103.174
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mxmerchant.flightattendantmusings.com/fonts/futura/futura-medium-webfont.ttf

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.208.103.174 Frankfurt am Main, Germany, ASN210644 (AEZA-AS, RU),

Reverse DNS

even-scissors.aeza.network

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/css/www.nigella.com16.css
Origin: https://mxmerchant.flightattendantmusings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 15:33:50 GMT
server: nginx
etag: W/"ce6-5f212d7f492fa"
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3 200 proxy.js Show response
cdn.whisk.com/sdk/ Frame 74B1 41 KB
14 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:2fa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whisk.com/sdk/proxy.js?v=38c156e4c753e0b3b70c
Requested by: Host: cdn.whisk.com
URL: https://cdn.whisk.com/sdk/proxy.html?v=5.7.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6983071a41c5f0b8ffd622e1f055ccd73ab8fe45ff26c285bf8fe8dc6776c19d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.whisk.com/sdk/proxy.html?v=5.7.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 5878
cf-polished: origSize=41632
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:19:37 GMT
server: cloudflare
etag: W/"296b0f3a83a7ce5160b408510dc68dc7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78875fc9b9822c7e-FRA
expires: Thu, 12 Jan 2023 19:09:30 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 281ms
280ms Fetch
application/json 18.66.112.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-89.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront), 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 4ee35b27-2a42-44f5-9e6f-755a16186c68
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: eo3xHG0zCYcFwpA=
content-length: 555
x-amz-cf-id: 6eT6yk5tBMsTRkIskKBHxCEzJgc8xZnP3TSXNKUoh_831qrNg9EQ2A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/nigella.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479c9b3c3d3a24cd456ee17e3aaf0ba4915280248cc71b646bf61a4853b6058c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27526
x-xss-protection: 0
server: sffe
etag: "1449 / 109 of 1000 / last-modified: 1673525422"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Jan 2023 16:47:28 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 553 KB
139 KB 27ms
26ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/nigella.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859a885aa32847000c002c0bce5c07ff72d2958242524ce7e42796965f2f6166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 17:09:31 GMT
server: cloudflare
age: 1757291
etag: W/"637d024b-8a3ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 78875fc9cce82bb8-FRA
expires: Thu, 12 Jan 2023 16:52:28 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
981 B 371ms
362ms Image
image/gif 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=2.9428586040233027
Requested by: Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: NDJX23BJQZC5G8DY
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 78875fc9dd002bb8-FRA
content-length: 842
x-amz-id-2: c3gvp+Wkmy+AuptAYvsGimO7hTbYh2WRYF3ksgvfuwxT0foNNJGhkVrdGBHIIbmGDSdV4ODvKtw=
expires: Thu, 12 Jan 2023 20:47:28 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 369ms
360ms Image
image/gif 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=2.9428586040233027
Requested by: Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: NDJV58J68PVY1BA3
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 78875fc9dcfe2bb8-FRA
content-length: 842
x-amz-id-2: HwaU3eGgPnr7BEyHHiQVAhYJ+0YeGBE5s0O5yBLTxR+hd0SzmaHw94YTre08dP9YR578okQfAvo=
expires: Thu, 12 Jan 2023 20:47:28 GMT

GET
H3 200 async~sentry-608c1455d097078695cf.js Show response
cdn.whisk.com/sdk/ Frame 74B1 84 KB
25 KB 26ms
26ms Script
application/javascript 2606:4700:10::6816:2fa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whisk.com/sdk/async~sentry-608c1455d097078695cf.js
Requested by: Host: cdn.whisk.com
URL: https://cdn.whisk.com/sdk/proxy.js?v=38c156e4c753e0b3b70c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74daaf2ab529a2b7d14bd9346401eb42d65f85fd5b32e80f3c84e951c7380862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.whisk.com/sdk/proxy.html?v=5.7.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 5878
cf-polished: origSize=85616
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 10:19:37 GMT
server: cloudflare
etag: W/"6ef14af19e38cedc73017249ec3ba8f5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78875fc9f9f22c7e-FRA
expires: Thu, 12 Jan 2023 19:09:30 GMT

OPTIONS
H2 200 track
events.whisk.com/v1/ Frame 0
0 203ms
151ms Preflight 2606:4700:10::6816:2fa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.whisk.com/v1/track

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mxmerchant.flightattendantmusings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: PATCH, HEAD, PUT, GET, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78875fca4af29b9b-FRA
content-length: 0
date: Thu, 12 Jan 2023 16:47:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: deny
x-robots-tag: noindex

POST
H2 200 track
events.whisk.com/v1/ 0
0 86ms
84ms Fetch 2606:4700:10::6816:2fa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.whisk.com/v1/track

Requested by

Host: cdn.whisk.com
URL: https://cdn.whisk.com/sdk/shopping-list.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: deny
access-control-allow-origin: *
x-robots-tag: noindex
cf-ray: 78875fcb3de09b9b-FRA
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2023011001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js?cb=31071544

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132153
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 09:35:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Jan 2024 16:12:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
80 B 58ms
41ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mxmerchant.flightattendantmusings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfd0bc96d6de143b36d246165eeb03275b40e9c5ade2cf6c2c36f82554b76621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
expires: Thu, 12 Jan 2023 16:47:28 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 35ms
10ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:47:28 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 19 Jan 2023 16:47:28 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 1261ms
707ms XHR
application/octet-stream 52.89.105.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.105.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-105-88.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Jan 2023 16:47:29 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

POST
H/1.1 200
OK / Show response
sentry.io/api/302060/envelope/ Frame 74B1 2 B
403 B 468ms
114ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/302060/envelope/?sentry_key=a87a1b8c91304f81a3686ff7752639ee&sentry_version=7

Requested by

Host: cdn.whisk.com
URL: https://cdn.whisk.com/sdk/async~sentry-608c1455d097078695cf.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://cdn.whisk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 12 Jan 2023 16:47:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://cdn.whisk.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 4 KB
2 KB 47ms
7ms Script
application/javascript 2600:9000:223c:ac00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 16:14:10 GMT
content-encoding: gzip
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1998
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:52:56 GMT
server: AmazonS3
etag: W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Ttn23FYEmXRfMo62DsMk2kqpv5aCSdp2ixV-z-moZspLdss3n2G6vQ==

GET
H2 200 pixel;r=1542230576;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fmxmerchant.flightattendantmusings.com%2F;uht=2;fpan=1;fpa=P0-834254782-1673542048399;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;...
pixel.quantserve.com/ 35 B
371 B 23ms
10ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1542230576;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fmxmerchant.flightattendantmusings.com%2F;uht=2;fpan=1;fpa=P0-834254782-1673542048399;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=flightattendantmusings.com;dst=0;et=1673542048449;tzo=0;ogl=site_name.Nigella%252Ecom;ses=6d3ce91b-1da9-4814-8fde-ec286e8eebe3

Requested by

Host: mxmerchant.flightattendantmusings.com
URL: https://mxmerchant.flightattendantmusings.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mxmerchant.flightattendantmusings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 16:47:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame D4C3 0
0 33ms
32ms Document
text/plain 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13413913
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mxmerchant.flightattendantmusings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Thu, 12 Jan 2023 16:47:28 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap5ams1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.proper.io/	1970-01-20 08:52:23	Name: __cf_bm Value: snlqkunNUmQp0obZyIGuk1fuM4dP9oapvbkFTZkV5PQ-1673542048-0-ASfvsG3iICMyymt5BRhnpDp3S4BNTY+ZYJ+83IiiAuW/40BCk+33GLGibBttigqq/zBOHGMrojrhXsHNQ3DF0PnyQDo8ec0z+c3kVP/lmp5Q
.whisk.com/	1970-01-20 17:37:58	Name: whisk.sdk.cookietest Value: name
.flightattendantmusings.com/	1970-01-20 08:52:23	Name: properSessionStorage Value: eyJ1dWlkIjoiZGNiMjRhMmEtNzdlNS00YmQwLTlhNTEtZGJmMDRkYTk2ZTUzIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjAsImxhc3RfdGhyZXNob2xkIjowfQ%3D%3D
.quantserve.com/	1970-01-20 18:22:36	Name: mc Value: 63c039a0-723ac-1f53a-0706d
.flightattendantmusings.com/	1970-01-20 18:16:50	Name: __qca Value: P0-834254782-1673542048399

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBR%E2%80%8C%E2%80%8BAA7 Message: Failed to load resource: net::ERR_INVALID_URL
network	error	URL: https://mxmerchant.flightattendantmusings.com/assets/img/speech-interaction-inverted.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-nut-free.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-egg-free.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/fonts/futura/futura-medium-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/assets/img/speech-interaction.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-express.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-sweet.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-vegetarian.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-vegan.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-gluten-free.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-dairy-free.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/img/tag-baking.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/fonts/futura/futura-medium-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mxmerchant.flightattendantmusings.com/fonts/futura/futura-medium-webfont.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/mxmerchant.flightattendantmusings.com/%2F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/mxmerchant.flightattendantmusings.com Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abcheck.proper.io
ap.lijit.com
bids.proper.io
cdn.whisk.com
events.whisk.com
get.s-onetag.com
global.proper.io
mxmerchant.flightattendantmusings.com
onetag-geo.s-onetag.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
sentry.io
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
truncated
truncated
13.32.121.98
143.204.89.104
18.66.112.89
216.52.2.48
2600:9000:223c:ac00:6:44e3:f8c0:93a1
2606:4700:10::6816:2fa8
2606:4700::6811:4e22
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:831::2002
35.188.42.15
52.222.214.95
52.89.105.88
89.208.103.174
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
2e56ffc39bbf38385249cda0fb75c952227ec69ab444b10020debc3a2449d8d5
38120426bcc307dfb010f812a8af507a11a6ba3406fbd5ca445f848ece551dce
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
479c9b3c3d3a24cd456ee17e3aaf0ba4915280248cc71b646bf61a4853b6058c
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
51e55f3aab5421b1ca7e5d0dcbde0c530cfd44ef8f8d75da97b77f3304e19c0d
51fcb11941e7f553e163313e0d99c9a9efbcdd91360782f0624bd2124c575df8
54f581284e38f6a0c18959cbcdf0f328cf84e04ce5c442345e730c3bebf18dde
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
68405f1aac6e19b62ef750faff02e746367ff52e8a27ca178e8b22a3e629c529
6983071a41c5f0b8ffd622e1f055ccd73ab8fe45ff26c285bf8fe8dc6776c19d
74daaf2ab529a2b7d14bd9346401eb42d65f85fd5b32e80f3c84e951c7380862
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
859a885aa32847000c002c0bce5c07ff72d2958242524ce7e42796965f2f6166
8e5dfa0f0812e45a3c9eee0bce13690773fa0f03d8e5d6dd64db78c1b80dd276
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
97900c14f0bc4bbc2f6eeb51a690fff531a5f5f90f3efb6bbf73eddf5f8653e3
9925851cc516bca2e89cd9ce006a536e33a8df5fc224254f337d28128b0328f4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a551fea26c31264be0080e5e803bca58dda0fb07de4fd7f0ca97c4053aa64f52
b2ec3cbddbfcd0bb004de60088c2dabde8df94222d3070f89e4a0208e9a0e6ac
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
bcf4f4c0152f73f117d2e7861b22f73fff744a57c01e0fd7607503a45ef27b00
caa89ad4bbad481fe45c6a674a448904f714cd50e550381ca094911b7babffe8
d078788c657326548c98a96a23a2002680a6f8a0a1cacf0e79da0f9b67a28300
d1acedc88718f974a211792a222d6f0d5a59d90beebc059c82b4f4e6ebececc9
d2446d04afcee25e8613c271f3a60cde872e9cebe77825f50659d801e1c990b0
dfd0bc96d6de143b36d246165eeb03275b40e9c5ade2cf6c2c36f82554b76621
e2977d79edf3781663a74d298a1f79263a437ceaa392691a1c58a0dc92737463
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e0b52daf795c0ca6a82a9b0d57d88133005c47cac9b67e14f9d8b503c235fa
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

mxmerchant.flightattendantmusings.com Open in urlscan Pro 89.208.103.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

38 %IPv6

10 Domains

17 Subdomains

14 IPs

2 Countries

1349 kBTransfer

2890 kBSize

5 Cookies

6 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mxmerchant.flightattendantmusings.com Open in urlscan Pro
89.208.103.174 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

17
Subdomains

14
IPs

2
Countries

1349 kB
Transfer

2890 kB
Size

5
Cookies

54 HTTP transactions
1 data transactions