xlek.com Open in urlscan Pro
2606:4700:20::681a:4aa Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xlek.com/find/maxine-nielsen.130022915.html
Submission: On March 17 via manual (March 17th 2022, 4:34:52 am UTC) from IN — Scanned from DE

Summary HTTP 62 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 62 HTTP transactions. The main IP is 2606:4700:20::681a:4aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is xlek.com. The Cisco Umbrella rank of the primary domain is 125138.
TLS certificate: Issued by E1 on March 1st 2022. Valid for: 3 months.

This is the only time xlek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:20:... 2606:4700:20::681a:4aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.119.176 13.32.119.176	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700:20:... 2606:4700:20::681a:723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.88.112.125 35.88.112.125	16509 (AMAZON-02) (AMAZON-02)
62	12

39 2606:4700:20::681a:4aa (United States)

ASN13335 (CLOUDFLARENET, US)

xlek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.119.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-176.fra60.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

gvl.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:723 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-35-88-112-125.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.88.112.125 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-88-112-125.us-west-2.compute.amazonaws.com

v4-api-35-88-112-125.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	xlek.com xlek.com — Cisco Umbrella Rank: 125138	218 KB
5	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 7742 ezodn.com — Cisco Umbrella Rank: 7515 g.ezodn.com — Cisco Umbrella Rank: 57407 gvl.ezodn.com — Cisco Umbrella Rank: 77921	269 KB
4	b2c.com 1 redirects api-35-88-112-125.b2c.com v4-api-35-88-112-125.b2c.com	7 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	151 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	51 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490	11 KB
1	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 7566	933 B
0	Failed function sub() { [native code] }. Failed
62	10

	Domain	Requested by
39	xlek.com	xlek.com
4	fonts.gstatic.com	fonts.googleapis.com
3	api-35-88-112-125.b2c.com	1 redirects xlek.com
3	c.amazon-adsystem.com	xlek.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	xlek.com securepubads.g.doubleclick.net
2	gvl.ezodn.com	g.ezodn.com
2	fonts.googleapis.com	xlek.com
1	v4-api-35-88-112-125.b2c.com
1	cdn.id5-sync.com	xlek.com
1	g.ezodn.com	xlek.com
1	api.fouanalytics.com	xlek.com
1	ezodn.com	xlek.com
1	go.ezodn.com	xlek.com
0	Failed	xlek.com
62	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
*.xlek.com E1	`2022-03-01` - `2022-05-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xlek.com/find/maxine-nielsen.130022915.html
Frame ID: D12C5F9A4E64B964069AF9E08D46F874
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maxine Nielsen Public Data

Page Statistics

62
Requests

97 %
HTTPS

64 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

839 kB
Transfer

2594 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=http%3A//xlek.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Searching%20for%20free%20public%20data%20at%20http%3A//xlek.com/

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http%3A//xlek.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://api-35-88-112-125.b2c.com/api/x?QNem3HzQDMxdXMqp$dXJsJDAkaHR0cHM6Ly94bGVrLmNvbS9maW5kL21heGluZS1uaWVsc2VuLjEzMDAyMjkxNS5odG1sIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTYwMHgxMjAwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkMSIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkZXZpY2VNZW1vcnkkMSQ4IiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ0IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkTGludXggeDg2XzY0IiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3IiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDEkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJuYXZpZ2F0b3ItaGFzaCQ0JDI0YTExMDUyIiwibmF2aWdhdG9yLXRpbWUkNCQzIiwic2VuZEJlYWNvbiQ0JDEiLCJmb250cmVuZGVyJDgkMSIsInRpbWUkOCQxNjQ3NDkxNjg4MjI4IiwidGltZXpvbmUkOCQwIiwicGx1Z2lucy10aW1lJDgkMCIsInBsdWdpbnMkOCRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkOSQxMS4yIiwibWVtLXVzZWRKU0hlYXBTaXplJDkkMTAiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDkkMzc2MCIsInRpbWUtZmV0Y2hTdGFydCQ5JDEiLCJ0aW1lLWRvbWFpbkxvb2t1cFN0YXJ0JDkkMSIsInRpbWUtZG9tYWluTG9va3VwRW5kJDkkMTAiLCJ0aW1lLWNvbm5lY3RTdGFydCQ5JDEwIiwidGltZS1jb25uZWN0RW5kJDkkNDYiLCJ0aW1lLXNlY3VyZUNvbm5lY3Rpb25TdGFydCQ5JDIzIiwidGltZS1yZXF1ZXN0U3RhcnQkOSQ0NiIsInRpbWUtcmVzcG9uc2VTdGFydCQ5JDM4MDUiLCJ0aW1lLXJlc3BvbnNlRW5kJDkkMzgxOSIsInRpbWUtZG9tTG9hZGluZyQ5JDM4MDkiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDkkNDAwOCIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkOSQ0MDA4IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkOSQ0MDA5IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDkkMCIsIm5hdmlnYXRpb24tdHlwZSQ5JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDE3JDEuMyIsImdsb2JhbHMkMTgkNGYxZTNkMmMiLCJkb2N1bWVudC10aW1lJDI2JDIuNCIsImRvY3VtZW50JDI3JDkwMmQwYmMzIiwiY29ubmVjdGlvbiQyNyQiLCJkb3dubGlua01heCQyNyQiLCJnZXRVc2VyTWVkaWEkMjckMiIsInBhZ2UtZnJhbWUtY291bnQkMjgkMSIsInBhZ2UtZnJhbWUtbGlzdCQyOCQweDAjIiwicGFnZS1oYXNoLXRpbWUkMzIkNC40IiwicGFnZS1oYXNoJDMyJDdhZjhlNDZmIiwiZm9udCQ1NCQxMDAwMDAwIiwic3R5bGUtaGFzaCQ1NCQzNGQ3NmEzMiIsInN0eWxlLXRpbWUkNTQkMC43IiwiYXVkaW8tY29kZWMkNTUkMjIyMTIiLCJ2aWRlby1jb2RlYyQ1NSQyMjIwMDAiLCJjbG9jayQ3MiQ1OTI5Iiwic29ydCQ4MiQxMC40Iiwic3RhY2skODMkMTM5ODIiLCJzdGFjay1lcnJvciQ4MyRSYW5nZUVycm9yOiBNYXhpbXVtIGNhbGwgc3RhY2sgc2l6ZSBleGNlZWRlZCIsInN0YWNrLXRpbWUkODMkMS4xIiwid2ViZ2wkOTIkMSIsIndlYmdsMiQ5MiQxIiwid2ViZ2wtdmVuZG9yJDkyJEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQ5MiRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDkyJGM1MzgyMGZlIiwid2ViZ2wtdGltZSQ5MiQ5IiwiYmF0dGVyeSQxMTkkMSAxIDAgSW5maW5pdHkiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDExOSRwcm9tcHQiLCJhdWRpb2NvbnRleHQkMTM0JGY3ZTcxMmQ5IiwiYXVkaW9jb250ZXh0LXRpbWUkMTM0JDY2LjQiLCJpbnRlcnNlY3Rpb24tc2l6ZSQxMzUkMTYwMHgxMjAwIiwiaW50ZXJzZWN0aW9uJDEzNSQ4IiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDE0MiRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQxNDIkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDE0MiRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQxNDIkcHJvbXB0IiwiYWRibG9jayQxNjIkMCIsImZyYW1lcmF0ZSQxNjgkMzA~ HTTP 302
https://v4-api-35-88-112-125.b2c.com:444/api/4?QNem3HzQDMxdXMqp

62 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request maxine-nielsen.130022915.html Show response
xlek.com/find/ 261 KB
61 KB 3804ms
3759ms Document
text/html 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99254bcd79b94c0e6a276271ab4670d1f071675ecd4672d6bcd789a0b758b874

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Wed, 16 Mar 2022 04:34:47 GMT
pagespeed: off
pragma: no-cache
response: 200
vary: Accept-Encoding User-Agent,Accept-Encoding
x-ez-minify-html: 53.19% 202195 / 431932
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-sol: pub_site
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xPDPAXJKzF6ETEjjTEgvBU4oF8w8EukWVJEgOkP5MVAY29ttdOvlFTvCLskOKWOTZjIG2O0P9OU72aOV2tEYpVaDS80f4j5gjB3S9DThRcUiqL7r8eyjDvFR3fYfz%2FDOvFi4LCd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ed3049149a690ec-FRA
content-encoding: gzip

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 168ms
54ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

113e77e4e7763582965aebeb7f66945f0a7af85429d5bebe831ee7dfa03d3750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27831
x-xss-protection: 0
server: sffe
etag: "1160 / 603 of 1000 / last-modified: 1647468510"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Mar 2022 04:34:47 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 390 KB
114 KB 109ms
68ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=33across,adyoulike,amx,appnexus,criteo,ix,oftmedia,onetag,pubmatic,rubicon,sharethrough,sovrn,yieldmo&cb=195-1-35
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16c23bee811bc3f0c53a335f2f7fac8c2e80262bbfa9804fda1e49eabadccbc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 04:34:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89RPfhDHVnWuisugf1zsLoaMjCMX%2B6JiDCTcJ7FbJLO7ifNJYHZbhU5kasUjiUyVBEer24XDzq615FT4qmQWCxAvqmCRceXVfTJ1zHyww6cSSoSfZNyks%2F6D3Xh1PpYaXSvycpPSIJqy63s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304a91ad59be8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 47ms
9ms Script
application/javascript 13.32.119.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-176.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 791
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0S8TYEQ1AXKPJ9Y3MZGA
date: Thu, 17 Mar 2022 04:21:36 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0tHXdGZpkhtDS6m7lcK5A8jNfh-ldswP0fYjRNOc6VRiaew6_Koe0g==

GET
H2 200 bootstrap.css
xlek.com/find/css/ 38 KB
8 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/css/bootstrap.css?ff=1&wps=true&ez_used_css_s=13
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fc681a68632cf9284ab1e985419c8eda8963cb22c47acef2f9c0d229e2f300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 161287
x-ezoic-cdn: Hit ds;mm;90d7632769e0b0db1b5cd24e2351db42;2-127801-3;61ac583b-76aa-450a-5a0d-c1dbd714adf4
x-middleton-display: staticcontent_sol, orig_site_sol
x-ez-minify-css: 1.25% 38403 / 38890
response: 200
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQVRNQeMVWcVjZvH9Y6IOayO8yAjLs%2BTCoRhgczgGuqjIk7JzWTuK1D8YOn0B9ck95iPH2pHpvI8uR1Ih89WAFxc1%2Bt4Ih65xW0Iok0HsQQUxqRSJa%2BOU08YIFbl7n6XdvyM0v4F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=31536000
cf-ray: 6ed304a8de7590ec-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.css
xlek.com/find/css/ 16 KB
4 KB 67ms
66ms Stylesheet
text/css 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5b727d2d366cbe68c882abfbd28a0e2f359be56625d7684bdb25030a8fef74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: MISS
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;a0ca7816a59f7726a2d90c5f6a424202;2-127801-3;78a740dd-d786-4ac5-74cb-713ddc9e7e52
x-middleton-display: staticcontent_sol, orig_site_sol
x-ez-minify-css: 4.24% 16831 / 17576
response: 200
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BXR9uvT7UyXM6LHQlSFKLvQ0EPB3vycdy%2Fuz2zTiFCbcbv4FYx8wGyCy5yzzfU2amSGmDRH2YId8fmcLsuf9twD9eUF7XDTKJYV%2B66I96%2BXmkF6PUkmUeTOaFqxIrIqBsXZVUy0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=31536000
cf-ray: 6ed304a8de7690ec-FRA

GET
H2 200 responsive.css
xlek.com/find/css/ 3 KB
1 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/css/responsive.css?ez_used_css_s=13
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd3ea01b70075c018ebb7d530639fd9bd1c8354b4f129d4029fcba603998e70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 306443
x-ezoic-cdn: Hit ds;ms;40d0f87d527b301d2036750eae1b4de8;2-127801-3;4aef08aa-121f-44f3-61ae-4a137660c70f
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
content-length: 966
response: 200
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ez-minify-css: 3.66% 3372 / 3500
content-type: text/css
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHoVQZ0B9wGIr5yTDDQ%2FuprUILBJYR7S9bS1CHIV2vv7UMbOfJlHeq2uGxBlX5NMBfXIZMIZ%2Bk01TLe%2FreZ8mY4n1NpNtL54LCKsW4k3h7j0TZ7jx2j4xN%2BDH3D17%2BgrLL2glVln"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed304a8de7890ec-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 dd.css
xlek.com/find/css/ 5 KB
2 KB 56ms
55ms Stylesheet
text/css 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/css/dd.css?ez_used_css_s=13
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb6e1bc48145a037cae7c4c727a5c2a8a166c607528425840d746f598cb6e0bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: MISS
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;5aff175a9822b7fec10c9e1fa91241ae;2-127801-3;43412e9c-dc8e-4a33-6afe-322cb5f7ce5d
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
content-length: 1168
response: 200
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ez-minify-css: 2.50% 4638 / 4757
content-type: text/css
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kzs%2Bc1xjt8LOXFMFupJYGgYT5SsTZ1ypubST6Ru4CE0hNOu97KcLrL4lJvJrbTnob6keyjO28bYReIPHOttrXU%2FxOfXIe8RZ3QAjj1adU0jLOl0Nz0eyAbj4TD8noDUaMnSuTQYO"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed304a8de7990ec-FRA

GET
H2 200 css
fonts.googleapis.com/ 49 KB
2 KB 142ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic|Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic&display=swap

Requested by

Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fef2106dee3db265de395931861184533189056b645ad1bec8cccfa9d247be27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 04:34:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 04:34:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 04:34:47 GMT

GET void(0)
/ 0
0

GET
H2 200 style_.css
xlek.com/find/css/ 932 B
756 B 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/css/style_.css?ez_used_css_s=13
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d27e51250823d7f1a6019ea2f2a007dedf4a1d523fcfc55a3db5adf524378a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 306421
x-ezoic-cdn: Hit ds;ms;e180c3694e41a867440b52969a5bf276;2-127801-3;76616585-60f7-4f3d-5544-f240536b7b42
x-middleton-display: staticcontent_sol, orig_site_sol
x-ez-minify-css: 1.79% 932 / 949
response: 200
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGgK68Qqty0Qz4L1ulG4ZHV%2BcXDnz6yKU5Z9R6FhS4FOWKmcYa5B7AtnU0JlWBoqJ5%2Fg51FVNuOV9NHoMv6nqEB%2B5kEE7aLbzG9QtqEVR8T9l78%2B4Xigq6XZRaoT8djqVRaYxVpA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=31536000
cf-ray: 6ed304a8de7b90ec-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 404 close.png
xlek.com/find/images/ 1 KB
1 KB 804ms
804ms Image
text/html 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/close.png?ezimgfmt=ng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fa369e0d631a868888c6a8153d0efcd9e26e393f6178d84e8a1e6e8a8fad2ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 404
pagespeed: off
response: 404
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vREtNwFL572tz525FPrf6xYRRXxWutHbMbznIPXOrpFaSGb6NOl9U%2BQKIjdiKZ1b4CQpehcsNWx3rxReoRyeQ0PrWjrfo0FU2DGt43Tc6jS9C%2FbCN9c99CXOGNg2At2gqnxl15R"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6ed304a94ed590ec-FRA
x-ez-minify-html: 19.25% 1372 / 1699
expires: Wed, 16 Mar 2022 04:34:48 GMT

GET
H2 200 consentsettings.js Show response
ezodn.com/detroitchicago/ 1 KB
1 KB 49ms
16ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/detroitchicago/consentsettings.js?cb=2
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1778761
cf-ray: 6ed304a909725c9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 24 Feb 2022 06:27:18 GMT
server: cloudflare
etag: W/"5be-5d8bdac8c6203;5d8bdac8c6203-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnBJdEPMGgMpAy22INt3vXJssUc0h7qB%2B3lKTJmKtdVn1bQZ7LHxPvnoSzlnk89kCobVM1Q3VYyHcKrh7fDQZCu4JSgLi74PlHKDPA5TzT1autDDYBdrqlPcB5jy3JSJ60Y6prqd4t4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 email-decode.min.js Show response
xlek.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xlek.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Mar 2022 18:25:01 GMT
server: cloudflare
etag: W/"622f887d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49jAEn3Y6QuJ%2FEx68TvbSheT%2BwFkGQoL%2B2jNFUD0CGqJSkxWfN5igurS6W1y41WpHe9VqR9%2B7apW6FIjB%2Fb%2FQPI4YCeHXEkRzH%2BmTaxvENRSEo7iTFLR0lvKX0PHuj4lmUs4rGdb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304a8de7c90ec-FRA
vary: Accept-Encoding
expires: Sat, 19 Mar 2022 04:34:47 GMT

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 480 B
933 B 242ms
197ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34214992174f6f2bfc2ef47aedc8d4fece2da0c1d91ae0008cdbd98e10ce2d21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i69SvDI7FCf1mgNvP2OpqMW59ndFXpoauFFqIJpLueA2LG2jxlIfLaVg0D8vlQWcgJ1W0hUWJMh%2FC5dX0YBv1UbKVnJHaULbwz6EvgYp8Y4hKESElX8WKZMGkbNAyREVAq0EF20CMSWQWsKtIMBOADrWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6ed304a98a099125-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 ezcl.webp Show response
xlek.com/utilcave_com/inc/ 1 KB
1 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
cf-cache-status: BYPASS
x-sol: middleton
server: cloudflare
display: staticcontent_sol
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9l8KJ5kyTR4JoeMF0u78KFevJ547546arS%2B3eUltQgXsRztJDWUM1Ph%2BoqcDXzeg218i%2FaYP6I8xqRE%2BE36eKH5Lph7e9NzLmJ6StVqI7ZT4FfLy%2BdYuaIhq8W5I9LG7F7uEz6fH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ez-minify-js: 0.00% 1337 / 1337
cf-ray: 6ed304a94ed690ec-FRA

GET
H2 200 banger.js Show response
xlek.com/porpoiseant/ 53 KB
13 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/porpoiseant/banger.js?cb=195-1&bv=107&v=57&PageSpeed=off
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78d98d04b3f2f972cf4fe2b7897c9c4f6e48131ef3108703f89577921b76ea94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 06:10:00 GMT
server: cloudflare
age: 80687
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0afaaqwsE369gfHx62Qn20xctdDG4I2G1eqSRvFLOfFCUAzWff6Y31z5kj%2B%2FkG%2FNwy%2FlX0wveFEkiMueWaLWv%2Fh%2FE7DQK89yg4GqtoXLv0FLRQ1Jz0ejj%2FH6XPbE5P5VEYuWo%2Blz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304a94ed790ec-FRA
x-robots-tag: noindex

GET
H2 200 cmbv2.js Show response
xlek.com/detroitchicago/ 87 KB
26 KB 78ms
77ms Script
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59&abt=PositionCalculator
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8cfd3eed6feab5a927df9533248e1baae746ee17f564660e4c77db77a54398b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 04:34:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJpVceoPx6%2Bp1WXgTulB1jK120HWK2K1KyVTHxepcESsoWP6HquOij2FKdAwDr8EIMfhDRLi%2B9%2FLbYYa5nggztohHxmAMmrL8bfqPgFUlo5mxN1pkD323c6UPJuo2xMzqLNnvvuV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304a94edb90ec-FRA
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cace8714fa44cc4cdd56f7185aa4c82e1a9441a9566c9855e20c92642d4c93b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2be53b764c2cfeaafaa418a135b951d0e9e591616ef98ad5e951c1ecc10ddd5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b630690e9e29d308078a2679fe5ad3b739a9b1dd376977eb6a5b1ee7abf92f49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7e76196a8279dd7e4856ca2eae16cec6feefc6a1aff8575f811f81760fc82d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 header-bg.jpg
xlek.com/find/images/ 72 B
814 B 20ms
20ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/header-bg.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8e600954354fa0c9ba4a3fdcb08c66e21122afd5a1fd9012b547449e468a045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1451054
x-amzn-requestid: 6a0f6e61-e234-4920-a922-2d4ba6e425b6
x-ezoic-cdn: Hit ds;ms;a123ecc48bfdb2cd7e751b5f77751971;2-127801-3;2c230f57-cbca-4959-6fef-6b911340be04
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fa5469-0fae958a3e320bed56834209;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M6IgkEedIAMF2ng=
content-length: 72
x-amz-cf-id: hgGm__Rw6mT8Ea3tRwH_JpC3r58wWximTftWc1X11R23klOqENTMXw==
response: 200
last-modified: Mon, 28 Feb 2022 09:30:33 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtRa7u6AI4Z53DXs%2BDN2sb7BOJPCYtS1Wy3JLrWhAydwaYLZvEEsRJSyHoOWjtwYNWlZJPkL8JI1sNkU1wsDa039RHCxaIArIRMQREeMVAiAwdNhheDo9efZDHU4c3spggrVHgRl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304a95ef090ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 search_bg.jpg
xlek.com/find/images/ 352 B
1 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/search_bg.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8806f6f794a6720cb646e06509852a034c7b93784e619609a0c4c6264f584506

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1342005
x-amzn-requestid: b0bd7000-7595-4fb5-bed6-4346e606f7ab
x-ezoic-cdn: Hit ds;mm;94fd48a704e46e0fdb3eb99758e4f904;2-127801-3;6c4a55be-db35-4e8f-5d77-321988b665e6
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fa8a96-784122f370fcf13e1d3ee030;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M6qXmH_gIAMFz9w=
content-length: 352
x-amz-cf-id: MpMRFIBHBeTgtGsS_tgOXNOLLYkZwUU81ZtzUJH6X2os_rLyd8FEww==
response: 200
last-modified: Tue, 01 Mar 2022 15:48:02 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFP4EnXPuQV2eu%2FDTfHTsaD4AjrrwwiEg%2F2xD5qXOlnxItnqC2izw62f516n4qPpituim%2BvcKAZ287IWRXLpHcKntYyuP4tJysIno7mp%2BpQZry%2BJH1zGP%2FQLqmQyAUPLw4VlaQbr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a95ef190ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 user.png
xlek.com/find/images/ 168 B
950 B 23ms
22ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/user.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1d39aa2e92f266ddd2698e5829f4a0ffae93307fc80ebeaa4f176ae918273d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4391420
x-amzn-requestid: ac47984b-fff9-4bb0-a399-38db5be75110
x-ezoic-cdn: Hit ds;mm;219c9fc34fa9368dcc72787c6a9afda3;2-127801-3;6433a8ef-0405-44b7-673f-f21a9190a579
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61d2f9d8-42470af5583fc0eb3003e75b;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: LXv5yE8eoAMFULQ=
content-length: 168
x-amz-cf-id: wYS30Am3C-7MD5tW-Rjl_SfOMJwDunYaH1jSn4ZO_UQ8PaOKxJlhhg==
response: 200
last-modified: Tue, 25 Jan 2022 08:44:27 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BlDo9Q4KEyEYm5yVA3o6zhk4IvxpiQT6P%2BBgcFUyhEcrSTUZeKKMvO3UKWC3ljOv24s9GRdWUstca%2Bi3LeHBtWfohzulvi2YiHZuDSVcxVrcqve1vD%2FUpWlcCw%2B7dvWV7MrsPFv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304a95ef390ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 button-bg.png
xlek.com/find/images/ 58 B
817 B 23ms
22ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/button-bg.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc736d8153f84bf22e2b6e4c6bdcc8468bf7a1459e1a4d52ca978f098d098d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1457211
x-amzn-requestid: a565e206-f451-436b-a1e8-1663c28d9f0a
x-ezoic-cdn: Hit ds;ms;87ad49c4b99bdc258cdfae2cced2a9b5;2-127801-3;98df797c-0e0d-45a7-4090-9ca5df5891e2
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fa4463-05422cf1440d2efc1e077be7;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M5-flHHSIAMFz3Q=
content-length: 58
x-amz-cf-id: qp9siB99Gnn8SQBzX58gMEjBOf32z-wcoW9LMtAsYsreQTEj0H3KBQ==
response: 200
last-modified: Mon, 28 Feb 2022 07:47:56 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkcYCMwUWQEWwDC5rFBoWVs7Th5ao%2BstokDkwpi1vpEefh0XVyWab%2BT7tJYrvRp8BqNu%2BFGiIAp0NpDrlTxyEi%2FI%2Bp1QtfjVrqJ7gy9tnClhMwcGPKa6qJhCFCVj2JlYnvIEzSu4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6ed304a95ef590ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 Klavika-Bold.otf
xlek.com/find/fonts/Klavika-Bold/ 69 KB
42 KB 20ms
20ms Font
font/otf 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/fonts/Klavika-Bold/Klavika-Bold.otf
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76dfac817aab244ccc97b6707dd5cfe4e0eabdd2899ba14d3b9a4b774ea1cb12

Request headers

Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Origin: https://xlek.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 830676
x-ezoic-cdn: Hit ds;ms;7de4e7792e53b9b471110a90219591aa;2-127801-3;c89e16ec-3384-470d-5e3c-5df5f8e34f33
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Fri, 04 Mar 2022 01:55:03 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/otf
access-control-allow-origin: https://xlek.com
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRPkEKe5eJ2k85EoxpGXbJKufbuBW3LMW2UoM2JFEeZkPGKoQ6OiIMcwCEjvCFSTr8CRssFe%2FQBA7xFYupD0tflSpdwA3VGL29bcfwsCKW%2F422jI2%2BiLXq0tbxsPbptMw%2BN8Jt5X"}],"group":"cf-nel","max_age":604800}
cf-ray: 6ed304a95ef690ec-FRA
display: staticcontent_sol

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd3e5220e9eda0e6982e9b3e3c1c3168e9c26e43a3b6662ace2f03dde6e217d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 button-bg-hr.png
xlek.com/find/images/ 94 B
911 B 23ms
23ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/button-bg-hr.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6fe6f66a91d0d7b713236d124c92825f0e180ba996e92790d20d7defec4998f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1414118
x-amzn-requestid: 15fa3cb0-99ff-479d-9adb-2c906413334c
x-ezoic-cdn: Hit ds;ms;efa71b8cc3e6dc4007ba05ac40f7abb8;2-127801-3;9b79ff28-0510-43b3-7227-f8c8437c6eaf
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fa4463-4c2ad5546f2cda9907706a36;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M5-fmG_GIAMFQZQ=
content-length: 94
x-amz-cf-id: OReQlJQ255gQW8QcwUBj1Xm_Azb5Pr5eixfsMkRZ_o4x1aiveII4lg==
response: 200
last-modified: Mon, 28 Feb 2022 19:46:09 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Coo1a1q4EewxbX1UZud2x0V8CSo9%2FKGKcMjW0pJPF%2FuEHZ%2F0VyxLhxNd7GCgr5ybel69s6vVxQQRScq1X8jFEUNnJAUIbghN8d88%2Bdv2cxgub7dbEf%2BVdrEVRk2SOiCTNliHeiS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304a98f1e90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 location-icon.png
xlek.com/find/images/ 222 B
1 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/location-icon.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94aa52ecd64e35429d7dab23af4484e3c7185d1a3122d96f8076e4d337323e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1331954
x-amzn-requestid: f9453419-902f-4542-9cfc-c7c01aaa9fcb
x-ezoic-cdn: Hit ds;ms;2db063bb26fa7ca87702c8d5a6939c36;2-127801-3;0a6722c8-f6e8-44e4-4895-cc60e51ccb3c
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fa5c04-299542a262fd564a655473ad;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M6NQsEBFoAMFZKA=
content-length: 222
x-amz-cf-id: ULnpw0ZpRav1uFGA2CaY1tEL6EeBMDbQnXjtijbz-EbnVyZTzzTL7A==
response: 200
last-modified: Tue, 01 Mar 2022 18:35:33 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oub%2B1cQ124N%2F2IDbh3E3c3fZIuxC7ie4t28GrQJxWVO5%2BO6zsEEdjHkffT%2FIV69kvl%2BbNKkve%2BQKOFC2JJuhzIEsqAlgEjId8UEr1FY%2BfWRp43G4OPn98uObufcl9FcBrovFxh2H"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a99f1f90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 phone-icon.png
xlek.com/find/images/ 324 B
916 B 23ms
23ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/phone-icon.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2ad5bb255c64bb43d8408366423f87ed076d921166f4a690f21fb7cd400e95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161287
x-amzn-requestid: b66ebced-2245-418b-87fa-571f81628596
x-ezoic-cdn: Hit ds;mm;7bfed6d61d8c9ea81e8825bbbf078e17;2-127801-3;aa4100cf-1470-44b2-7112-7d0942eeca6b
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6222347e-782ef6907374c1705f780e10;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: Od0jyGOIIAMFtQQ=
content-length: 324
x-amz-cf-id: DhC3SpsgLPYISo3KyC5m-tICRCuQJxJ61TqyoBjWpFyj8CmeoDDaAA==
response: 200
last-modified: Tue, 15 Mar 2022 07:46:40 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDGdlqx7M66EiIliRfVJVMEq3nUhIbbZaoEJnET%2FN8F6XHzb%2B%2B%2BeTJ9GKsWKfpBHgWDMw%2BHuaaTe1hPIjNFrpl1o%2BRhaSNt4Bsh%2FvhDu39Cpspw%2BMjsibxu1sc2te8Udsq33Jz7b"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304a99f2090ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 possible-relatives.png
xlek.com/find/images/ 246 B
882 B 26ms
25ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/possible-relatives.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 717ab304772ef159996a78650641af71e88bf51600539fdefe6f00f13cf829d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161286
x-amzn-requestid: 61747dc6-1ef3-4331-a612-295ae7e10260
x-ezoic-cdn: Hit ds;ms;86ed5297405e53a87d6d19dd57c87c3d;2-127801-3;c1014b75-acc8-4b0e-74cc-678028b21760
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221e92c-56bfe8f767e63a8b5ea5cf82;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OdFe8FZuoAMFh2Q=
content-length: 246
x-amz-cf-id: QIkyIDR4DJZgFaLnS--j_CURS4AXQh5JCLkjEyrRb46sBUkjoYQ8zg==
response: 200
last-modified: Tue, 15 Mar 2022 07:46:41 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfoSN%2BIriURquOoGKS6u14x9Uc9ohSGcnTzD1yPOU%2FWdas2BRnbn2vWl9ud3WnYRJ69XrMWlRrooBWQ0Ds03%2BjMl1oWTxzWkD4yA1yDhF16DtlV3HL9BbU8nQkuIuTrFVRQqfaJy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a99f2190ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 prev-location.png
xlek.com/find/images/ 170 B
918 B 22ms
21ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/prev-location.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a50707d65d886a2e8b7f4c9327c9a7477cd98ffa7f85da587ea3c536356715a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1288455
x-amzn-requestid: c0be2663-d0ca-42d2-ba61-094eb8475d86
x-ezoic-cdn: Hit ds;ms;b85bb962c4d5019af5e1ef1a044ee8b7;2-127801-3;d524e4cd-51ac-4147-43a8-ebcb8074e954
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fa4464-69a8ab4b08dc80541bc78350;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M5-frFvAIAMFpFQ=
content-length: 170
x-amz-cf-id: nabHlsxawwImUTfQnSU3yVtKVtxl5NZayKGlzYvkyxEMdhqeTuWNrA==
response: 200
last-modified: Wed, 02 Mar 2022 06:40:32 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZUSHyi9jMgeDg7EDMZDRqqBHQandYqB7kV1gLKme2W67csucVUB%2B%2FLkGjY56JEg9AnUq4yj20%2FDk0WCo1FWFfjE7Bli%2F3ZpmbiwNu2c94CxVBgyZ7l00jC3NSxi6pA58lHNgBSZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 6ed304a99f2290ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 otherph-icon.png
xlek.com/find/images/ 224 B
1 KB 24ms
24ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/otherph-icon.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8da7da4ab1cf046ec128c76f5d30b6c6445eb41adf91de1160ad5b8adc98c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1288455
x-amzn-requestid: 4dec01b1-2a66-4d57-9f5f-797e927bc54b
x-ezoic-cdn: Hit ds;ms;93dc7c239d5284d6547ee771817d62c0;2-127801-3;978a44d9-cdd0-4084-5490-b63548abbfb9
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61f9b707-0e1367ff5d5373f004cbea20;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: M4mJJEHPoAMFoFA=
content-length: 224
x-amz-cf-id: ykXCEt3tPuUtxzCdCq791ai6fetbMLpwYRt4QaEPvChlpoZDZ7asng==
response: 200
last-modified: Wed, 02 Mar 2022 06:40:32 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWZVA4fuwx2yZB0OixAgTAc3RSXcVy9bw9WBlv7c9pxbF53B5FHWFRzO2LMztvfTOjlVwput2Sk2D4DjUFH4Q%2FJEMRyVc%2F%2BnfuQIwuDml4glaZ%2BvmZMo6%2F6PEgckrgYhBXjy4M9h"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a99f2390ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 email-icon.png
xlek.com/find/images/ 178 B
768 B 25ms
24ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/email-icon.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb2742f1a9cb7b6fb7d406f49a999a8456c7da5b00a8a181632d17b0888ff9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161286
x-amzn-requestid: 41879bde-fdac-48e0-9d98-0e929f94dbd6
x-ezoic-cdn: Hit ds;ms;5da2c0976fed39268b0e18bf9776bf2d;2-127801-3;0ba7dbfe-d3aa-4f18-72c4-deb75c6be0d0
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221e92c-4476dcae5a1659ab3ab22858;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OdFe7H62oAMFj8w=
content-length: 178
x-amz-cf-id: 1VmMdnBpGCwCBmn6CRjVhAjQuHDw94j6mTlZ6AgIVQJIR1ht6i9_ow==
response: 200
last-modified: Tue, 15 Mar 2022 07:46:41 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsvdP9kW18xB92QeLOPna%2BSu8rMOkAgtPsM3Qc1OaurJhPmVkQ5TV5PfrjEvJmtmVMnF6PSwRqbhfepRlytF%2FXkKagSlWNxl3BRs7x7mV9P7CN%2Bz%2BbgYIwMfBVpstQQffvZ%2FPu20"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a99f2690ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 glyphicons-halflings-regular.woff2
xlek.com/find/fonts/ 18 KB
18 KB 23ms
23ms Font
font/woff2 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/find/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/bootstrap.css?ff=1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://xlek.com/find/css/bootstrap.css?ff=1&wps=true&ez_used_css_s=13
Origin: https://xlek.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4391413
x-ezoic-cdn: Hit ds;mm;30a45db5e874858407c3e97454a822f4;2-127801-3;c50fbc3e-653d-4b3c-47d4-e76cbb9c1ce3
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Tue, 25 Jan 2022 05:15:28 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://xlek.com
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9CVUbNHpgHacQuW1kAttF6eh5yXt8m7Lb%2BnbHEJB1RMdzl5gZIpkeP%2BsQ87I8c4mnP8ZpY%2BCZF6UWKVtgcbyI8Tgd7S9K8Y5joSEd%2BqUadDmiQg2udCtw8z6S1vaWMyo8pvHMIg"}],"group":"cf-nel","max_age":604800}
cf-ray: 6ed304a99f2590ec-FRA
display: staticcontent_sol

GET
H2 200 otheremail.png
xlek.com/find/images/ 156 B
721 B 31ms
31ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/otheremail.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2d050495ac5f6a0de1ec7e96e42ece42f99033500eecc12e622adb143c4a76a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588760
x-amzn-requestid: a9babfd9-7270-4fb7-850d-b1612d3039c3
x-ezoic-cdn: Hit ds;mm;a18ad107503f4905a2aae2b4f1d86062;2-127801-3;fbc8e1a2-38e1-42d6-6031-d4ca09d77fde
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221e92b-4e6b55bb10a59b3007f3a132;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OdFe5F-pIAMF81Q=
content-length: 156
x-amz-cf-id: LuPqg0t-GXF22re61K-6hjEXd1ELm-y__oT4GIrCFfoArI3Ge9S7Ug==
response: 200
last-modified: Thu, 10 Mar 2022 09:02:07 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20VWRYWOiNuPNQYCiG1HEW2l90Toblr3yWAJlW3STx0FIsV334zIMCDl3Z6a85klNuxkoEjkM%2BNvRUGytyjTxvQIFrWAscsu7XihYRVGuMTFEnkfRAUx%2FtmaWj2SvWzZIVUvi%2B%2BO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a9af3590ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31393a868b5890a026cbbdc595e6d130bf38b9cd9dffab4abf33324c0465cd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0250edaa156ff31c0ae0bc7c957d513d2025d934c95902c1aa45872e63c9cdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a6cd594a0f02bc06367345f3a70a28bbeed0f3011d77facf071846082535817

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 business-icon.png
xlek.com/find/images/ 186 B
830 B 20ms
19ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/business-icon.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c769ff0e8757904ea0e407dc63f3b67f57744862b29411e69cdf8193dc7c60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style.css?ff=1&v=1.1&wps=true&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 610364
x-amzn-requestid: 351b26cc-f764-409b-bffb-1f87243bb7b2
x-ezoic-cdn: Hit ds;ms;d2adfbc4588e6be521df74f68b231edf;2-127801-3;d879f6b5-a824-4ff3-5142-c9f114f353a3
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221c722-3c697172349287020d84546f;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OcwNbFsMIAMFkaw=
content-length: 186
x-amz-cf-id: hMsz9aMtcTeomp9mGKfJBYjj9QVA0MguszsXYcjb82ufa4hGlB7_Rg==
response: 200
last-modified: Thu, 10 Mar 2022 03:02:03 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzgxNvqPTF9ipz%2BwqvuUca4WDx5SyOFhB8q2G%2FM0B2cxPNH0YYt6V%2BZZ1APcOjfOq13tx8ZvOSG8Ask6IRXL9UKxQQqg3E2YhdibGeJWldjwlfY%2BlMIHW3OZMfSeE%2BTzjwR3tEAD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304a9bf4490ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 cd-top-arrow.svg
xlek.com/find/images/ 555 B
990 B 19ms
19ms Image
image/svg+xml 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/cd-top-arrow.svg
Requested by: Host: xlek.com
URL: https://xlek.com/find/css/style_.css?ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d94bbee4b8120bf8e4937e3e9c54de44bdb866291db81088601bde90085092da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/css/style_.css?ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1400995
x-ezoic-cdn: Hit ds;ms;1858644f8f7021aede9fe063d613075b;2-127801-3;cb13c9a5-c732-460b-412e-8991493cbb5e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
response: 200
last-modified: Mon, 28 Feb 2022 22:45:33 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCoS4H1jJLOr241yWNws%2BEfsV2RoDgXKCeh5xmFk%2FA4EMx3WUiw0ItHFtU%2FTEz5pzTwooEVpB5%2FdAhizDbMGHFU5qL2u8A%2FeekPwCSVCSlXmgUahU1YryRj%2B5H0NfLVjWyhoEycY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6ed304a9bf4c90ec-FRA
display: staticcontent_sol

GET
H2 200 houston.js Show response
xlek.com/detroitchicago/ 4 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/detroitchicago/houston.js?gcb=1&cb=16
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:47 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3267321
x-middleton-display: sol-js
content-length: 1459
x-robots-tag: noindex
last-modified: Mon, 07 Feb 2022 08:59:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VI4%2BBifs8VKonTJqHUxZzIWQKdJNMSyefemDYYV9k3FqScX2QJFpNQHnIuH8SWAHoGmn0Moh5DHq%2BcimjrWc78W9phtstwj8phDTVdBYB7p6jH7rdjncCj8NOs2bu%2FNQdXhuuEh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ed304a9df6990ec-FRA

GET
H2 200 cmp.js Show response
g.ezodn.com/cmp/v2/ 399 KB
108 KB 36ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/cmp.js?v=50
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7360356b5ade646c718574599e78e4216c1e0979278ea730bd0b5ab9d3032f9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 07:54:18 GMT
server: cloudflare
age: 532076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YryRD34mMAGvNWZYasFBmGEmhIuhQNHQzM1t6JsU%2F3sWa4vJpzVmOI8rWoqj66nANGaYqdoSvX%2FO7MTK2Ghr9mlhKo9fUpNA0JJ9KSbueReILcVl3h7tPKzs13M0kFWrax16EQZgUY%2F4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304aa0a675c9e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
736 B 15ms
15ms XHR
application/json 13.32.119.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fxlek.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-176.fra60.r.cloudfront.net
Software: Server /
Resource Hash: dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:32:27 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server: Server
age: 140
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://xlek.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
content-length: 385
x-amz-cf-id: iyK2FZ-8MktDZPsBV7hqZ4RJ1w4RGNqAsZ6gyys9y2B0QcylpSyk2g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 28ms
12ms XHR
application/javascript 13.32.119.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-176.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:29:44 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 7505
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: 74Tucywn292sLZaJ1-n2byhfBg7K8QwsAIDU8RVEyNjuj7383_vfqg==

GET
H2 200 nmash.js
xlek.com/porpoiseant/ 24 KB
6 KB 21ms
20ms Other
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/porpoiseant/nmash.js?v=107
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 10 Mar 2022 23:11:51 GMT
server: cloudflare
age: 80687
etag: "6003-5d9e556d39bc0;5d9e556d39bc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BCMFaMdtWiV06c3sRlQv8pxYalru5PErf4gMXpGHn2M6jEPOkwc5OazGAjN79Kq%2FTZvNEGDlBtJVBupIsY0OH4zWy3Dk%2BnZKJeueKtIDObcxXj2Sh4bTyPMwiA92dS8rhPvwXnw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304aa2fae90ec-FRA
x-robots-tag: noindex

GET
H2 200 imp.gif Show response
xlek.com/detroitchicago/ 43 B
405 B 29ms
29ms XHR
image/gif 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A2%2C%22ad_lazyload_version%22%3A104%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A127801%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A4%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A22%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1134%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22ff20bcf7-4b6a-4f7a-611a-07bd363744ed%22%2C%22position_selection_id%22%3A41%2C%22postal_code%22%3A%2260326%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A341544%2C%22response_time_orig%22%3A3314%2C%22serverid%22%3A%223.121.220.54%3A28777%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1134%22%2C%22t_epoch%22%3A1647491684%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fxlek.com%2Ffind%2Fmaxine-nielsen.130022915.html%22%2C%22user_id%22%3A0%2C%22word_count%22%3A3096%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: xlek.com
URL: https://xlek.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59&abt=PositionCalculator
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNOkiWSvUSWTA%2B%2FdJSiE4CsncshhK45hrFo5lG3fCjjT3OZI6QBQjRSR6cgdV90IGxB%2BK1DQs5lX0IAhblHhqsDwQa3nwP4ut3dm41jAcjJHpg4dMRcH2s9Ll8sRXJ1YyXI3Qph3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6ed304aa2fb090ec-FRA
content-length: 43
expires: Wed, 16 Mar 2022 04:34:49 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 css
fonts.googleapis.com/ 49 KB
49 KB 52ms
51ms Image
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 04:34:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 04:34:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 04:34:48 GMT

GET
H2 200 cmbdv2.js Show response
xlek.com/detroitchicago/ 46 KB
11 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/detroitchicago/cmbdv2.js?gcb=195-1&cb=03-5y0c-5y18-4y37-23y5a-21&cmbcb=28&sj=x03x0cx18x37x5a&abt=PositionCalculator
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20ed3e7e6d18cac5fb6a4b458cc68207494ab07f5ef0b8f863d7004ad4e6c50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 17 Mar 2022 04:34:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1X9egRKQRbUT0ipDUupdrswkmIjkpFtd8X2aXVXAfgiIArKN8l6CbKNgJWbEWV5V7XfaSdLIBcYOYlI9sB%2BVQavlXKdQrXPYSBh2j0PzBoYa7ZltVN2qxPU0ZBYEuEeR2x2jipw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304aa2fb690ec-FRA
x-robots-tag: noindex

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic|Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xlek.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 120899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 18:59:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 180ms
95ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xlek.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 107358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 163ms
82ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xlek.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 61931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 11:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 113ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xlek.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 116813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 20:07:55 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 61ms
23ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Thu, 17 Mar 2022 04:22:34 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 659555306

GET
H2 200 logo.png
xlek.com/find/images/ 768 B
2 KB 20ms
18ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/logo.png?ezimgfmt=rs:43x43/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b12d4bbe01690c20bac8054d822dc191b15f276cd54b1874b0e21afe4faff42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 d79861a030d3421826a919f9c2b00147.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4391420
x-amzn-requestid: c6d9472a-01d5-4280-b914-c2fdcd7510d1
x-ezoic-cdn: Hit ds;mm;53e843f9e246951ec4b2d1658b653210;2-127801-3;b457f65c-9bc3-4a72-7a81-83391c1c0e7b
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61d2ba93-165ba90e015602eb48841aa9;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: LXIXIFtzoAMFaMw=
content-length: 768
x-amz-cf-id: AVhb3P-ks1zYKB-n-LL7m5LK-_fn9EgDvvaXW2l4PjmJ6srkOeKbzw==
response: 200
last-modified: Tue, 25 Jan 2022 08:44:28 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oW4Fst24WJ1XEc0cllRDuzf9s18VHg5zaWCkZIW9gGs7urC4HpQ%2BPMhkZlEs%2BHw%2BDA2DFwJmGYkYXOVtbJR31D8q9gO8mZfGkc2nBE8ag7YSpqFk56SZl9wduUarb%2Bnb8Pkus0A"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304aa6ffa90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 logo_top_icon.png
xlek.com/find/images/ 162 B
715 B 21ms
19ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/logo_top_icon.png?ezimgfmt=rs:16x15/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e774d399f3970266610d9a9af8cd9878698b693fba5cb673fc18ec154c17374f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161287
x-amzn-requestid: cbb8d7cb-d699-4694-b4f4-91f0ba1291b2
x-ezoic-cdn: Hit ds;ms;2ca1386d1e3061d5ee5b8dde79149366;2-127801-3;bb567172-3654-4d54-7926-22a101e0dc1a
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221e92c-3e65aa1f053675cd53db8e93;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OdFe_FhuoAMFrEA=
content-length: 162
x-amz-cf-id: itUZ3G4ysetOWjXpicgT7gQpOOOsBa0_IWYTRuB_iwfMR0R0fdoMKA==
response: 200
last-modified: Tue, 15 Mar 2022 07:46:41 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeyezjVQGkw9u4vbZJItPfKX97CAkrQ1YdGSD85MBKaHaiOXi6D0xsQZuEoyyFVwnNMWuHcna5VzRoYlhClUguSiksDSfxwFezuOMlV0TVFaUC%2Bpdvo6jDw39h7TeMnQ3OeRQGam"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304aa6ffc90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 social_icon1.png
xlek.com/find/images/ 238 B
820 B 23ms
20ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/social_icon1.png?ezimgfmt=rs:19x19/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd1cb1a1850da21f936e45a8887da5c522797c01d76f6251d0347996d91445f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588760
x-amzn-requestid: f47dd851-9fae-49db-b84f-c5ecc4c1f748
x-ezoic-cdn: Hit ds;mm;0a89f453c5c9b2019152c813354ddd20;2-127801-3;3b97fc84-5880-4f47-457e-0f6ff2d08aad
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-62234427-75b21b3b075999a3267261f0;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OgeWPFqNoAMF6wg=
content-length: 238
x-amz-cf-id: GrtiRzmhsixYyzxRt6WarNSgT8PkYhilcyGB6QS1HNXpV7PDUvFpig==
response: 200
last-modified: Thu, 10 Mar 2022 09:02:08 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTBJcvqyoAZHkCyA7qzSnKFqSYj5TuSxG9RGNlSoQ0WUJzGALCl7%2FWSogMcDfwA%2BAZ9JCY99S26n%2BjLzEdXvIDAeKO%2FYGf45tgJ%2BIxWv8VIkThgr164RJErjidTTfJpP0rMdlNNU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
cf-ray: 6ed304aa6ffd90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 social_icon2.png
xlek.com/find/images/ 252 B
833 B 20ms
18ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/social_icon2.png?ezimgfmt=rs:19x19/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c0a96438fac4eb5a97d96c25accb2c6200877760296371a0277afd29933d7c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161287
x-amzn-requestid: 7680bd82-a273-4eb2-b4f9-5c7fc784f078
x-ezoic-cdn: Hit ds;ms;36ae4a0479f53ad9b76ce83093befdcd;2-127801-3;13091b78-294e-4d31-6189-d75a5e700478
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221e92c-2a4cb27d2473c62e77ec8442;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OdFfAGjuIAMF5IQ=
content-length: 252
x-amz-cf-id: pkXuqjCtK2aVc5s3QaQsYuEy_e-ZkKudfrP5Mz5_yQWQq4IDH_CzFg==
response: 200
last-modified: Tue, 15 Mar 2022 07:46:41 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2F86%2FRul16rwCjqGb%2FaIwHz%2BcQlKotNlf3eRgXQ3zaL9nV0RauUwZfsaRE1mDEUrxPKoIN6vF0z1FJDoRC60xo5AiX%2B2BG%2F5yrXu0l8wtzrGMYjb9ONpZ6oc8ELm9tWmefiUJ%2BKX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304aa6ffe90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 social_icon3.png
xlek.com/find/images/ 264 B
866 B 23ms
21ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/social_icon3.png?ezimgfmt=rs:19x19/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e27719c191590a4e040cb82e53dc9e35d3c9bbb1fd690bc9010bd989c2c58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161287
x-amzn-requestid: 9b0e5897-4814-4cbc-a8c5-6f345f019abf
x-ezoic-cdn: Hit ds;ms;fbcbdcea65605db02c6086f61b250147;2-127801-3;6c7722ca-2ede-4caa-6844-9f4e78ddc0d7
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-6221e92c-35580e7156bd8ab54096a849;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: OdFfAHYRIAMF8-g=
content-length: 264
x-amz-cf-id: QqzENkOgmh_kLtF_QlWmxj05t8w42cqtLDVDz1rC-saJFy-C897Sfw==
response: 200
last-modified: Tue, 15 Mar 2022 07:46:41 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MO0tW9mBzvkU61q4K3IFiKh2S%2B%2BugT2T5HL9%2FMP08j47K6e%2FiuslQEzXiOsDGCSHtTWpmWSzpFBO%2FpEm%2BRE7MqvckOZITL2ypCZsAoPUJT5hw2rv4MEBPTYP9Zd%2BttlQ4YLYezS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 6ed304aa6fff90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H2 200 tumbnain-img.jpg
xlek.com/find/images/ 188 B
1 KB 21ms
19ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/tumbnain-img.jpg?ezimgfmt=rs:100x100/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e14582f0eae3d1f40e472045759189070780148d5aa48aa988fe9e3d2968b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 3d31b9207a0bab7982999e9846baee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2953375
x-amzn-requestid: 14710819-4013-474d-94d2-ddbfeb0dd47e
x-ezoic-cdn: Hit ds;ms;4bb4ee194d58d2bf2a5e12ffae1c8cda;2-127801-3;88d127f2-4ead-47c7-5520-669851986788
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fff02b-79315f306cb43e8c454845d4;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: NIJ2wFg0IAMFknQ=
content-length: 188
x-amz-cf-id: jTrgoI0YZG2q6qM9eZ311aihy6OlAUI2NM_DzYZiajYbIoNidzO-dg==
response: 200
last-modified: Fri, 11 Feb 2022 00:11:53 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcXQ5nr51nSLSvjV0SsudO9plP537s5Uw7BwGQ8%2BkVue9IA3UQOIibmf3X%2BysIB2P7wvhGuQtShcaaw%2BsdCh15DPXcjh6adASpPg4yhCdRhxCp8s0ODuZJdJpb60ECiH3HL4c8oc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
cf-ray: 6ed304aa680090ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 86ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 22:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 22:06:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
112 B 94ms
47ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=xlek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

536ec0b9facb95a8355d26097c28f9fbcee5aa49c789229a8f7cbd562e2612c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Thu, 17 Mar 2022 04:34:48 GMT

GET
H2 200 GVL Show response
gvl.ezodn.com/gvlcache/ 307 KB
41 KB 57ms
27ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=en&cmpv=57
Requested by: Host: g.ezodn.com
URL: https://g.ezodn.com/cmp/v2/cmp.js?v=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83256f0570f66796778a0f8ce187aa831aefd358a21ed9b6887546896af5872d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
gvlcache-hit: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOsFadY3bAf2GlSwITAm%2BgJBy7lI2DzJrfNNdLSXLMyZDTFb4eMRgkBmCjcEbobfPD3LiUsQCJritQ%2FewIrzIXp%2FpR2RJbgTQeUGcANdPNWVcaGb1lfhDkHem6%2F6JNTLtpFFIP370WNlsYbk"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 6ed304aafcc49b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pp.js Show response
api-35-88-112-125.b2c.com/s/ 15 KB
6 KB 40ms
14ms Script
text/javascript 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-35-88-112-125.b2c.com/s/pp.js
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 139
etag: W/"620fe3a7-3aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcLf0kxXlEb2cLIk%2Bsd8I8kE4vwK6ryDzRr%2F8IIifVXmoIBfG0WBwJA3ciVCXpBh2Y%2BT%2Fj68z3TqDRD2qXMgIhnLv9evyuqg2Of4Ud%2FEP04G2ocEqWSg605X2B0eRyc8DAYf20DCl2eh5gazaNGXuYKk1QnMN%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed304ab1e789b76-FRA

GET
H3 200 GVL Show response
gvl.ezodn.com/gvlcache/ 31 KB
6 KB 50ms
29ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gvl.ezodn.com/gvlcache/GVL?gvlSpecificationVersion=2&language=de&cmpv=57
Requested by: Host: g.ezodn.com
URL: https://g.ezodn.com/cmp/v2/cmp.js?v=50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04fca553b0846ddc1d8cce80d15f8ce1e7fab7df6da9bbf49ab72f635c05f970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
gvlcache-hit: true
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0DFnAi1jF6B86Uz7jC%2Fh7wlX%2Ft1c92GP0iMMVM2%2FxgJn7kIaGoFlwHdRw3uEwJv0c3xu5P2tAY1Y3etqicKlXrv7kUSdx2TB8UUmf7jkTSGacv6PrRL%2B7QS9QPG6%2B849yCGbe2RYSBbiMx3"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf-ray: 6ed304ab6c489195-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ad.gif
api-35-88-112-125.b2c.com/s/ 43 B
382 B 14ms
13ms Image
image/gif 2606:4700:20::681a:723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-35-88-112-125.b2c.com/s/ad.gif
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 108
etag: "620fe3a7-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkM7tH%2B0CNVlcA%2FYAfxjIG70k%2BFH2pXdj91H4X4EjWCkiCzD9c%2FA2nhRKQWGHUyD7PsCuBUGSmxb67k9xXlSj7PMOATg%2BYIyU2B8oCiq3O7Uk7TIRucj0Hzy6mphzBqOSJ7sWPa4SD4Byg0SAN6EExFxwwXbQkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed304abcf3d9b76-FRA
content-length: 43

GET
H2 200 tumbnain-img.jpg
xlek.com/find/images/ 188 B
1 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xlek.com/find/images/tumbnain-img.jpg?ezimgfmt=rs:100x100/rscb1/ng:webp/ngcb1
Requested by: Host: xlek.com
URL: https://xlek.com/detroitchicago/cmbv2.js?gcb=195-1&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y36-23y59-21&cmbcb=28&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x36x59&abt=PositionCalculator
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e14582f0eae3d1f40e472045759189070780148d5aa48aa988fe9e3d2968b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/find/maxine-nielsen.130022915.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:34:48 GMT
via: 1.1 3d31b9207a0bab7982999e9846baee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2953375
x-amzn-requestid: 14710819-4013-474d-94d2-ddbfeb0dd47e
x-ezoic-cdn: Hit ds;ms;4bb4ee194d58d2bf2a5e12ffae1c8cda;2-127801-3;88d127f2-4ead-47c7-5520-669851986788
x-cache: Miss from cloudfront
x-middleton-display: staticcontent_sol
x-amzn-trace-id: Root=1-61fff02b-79315f306cb43e8c454845d4;Sampled=0
access-control-allow-methods: GET
x-middleton-response: 200
x-amz-apigw-id: NIJ2wFg0IAMFknQ=
content-length: 188
x-amz-cf-id: jTrgoI0YZG2q6qM9eZ311aihy6OlAUI2NM_DzYZiajYbIoNidzO-dg==
response: 200
last-modified: Fri, 11 Feb 2022 00:11:53 GMT
server: cloudflare
x-origin-cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjCAckuRzyIJevocu9T7mW%2FDhZgJoCOTGgl5xc6Lr05z1Npi2p21RnbmB6XTOTqI1epJnRmovOzgiD9EA%2BN9%2BjJnY3zhz576OzxJNAfPqDzNfYngIxWfIkFNp7vJl3OWrXn91b93"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: CDG53-C1
accept-ranges: bytes
cf-ray: 6ed304ac79cc90ec-FRA
access-control-allow-headers: Content-Type, Authorization
display: staticcontent_sol

GET
H/1.1

200
OK

4 Show response
v4-api-35-88-112-125.b2c.com/api/
Redirect Chain

https://api-35-88-112-125.b2c.com/api/x?QNem3HzQDMxdXMqp$dXJsJDAkaHR0cHM6Ly94bGVrLmNvbS9maW5kL21heGluZS1uaWVsc2VuLjEzMDAyMjkxNS5odG1sIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2...
https://v4-api-35-88-112-125.b2c.com:444/api/4?QNem3HzQDMxdXMqp

0
141 B

513ms
167ms

XHR
text/plain

35.88.112.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-35-88-112-125.b2c.com:444/api/4?QNem3HzQDMxdXMqp
Protocol: HTTP/1.1
Server: 35.88.112.125 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-88-112-125.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xlek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Thu, 17 Mar 2022 04:34:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-35-88-112-125.b2c.com:444/api/4?QNem3HzQDMxdXMqp
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2BMoYYvfwk5TX9BUqtJsI%2F7yLHrUZlOR8r9S9L5dghpHYMp6enUctkvKU85yHlnwhrwH9ckQWiFz9vo48tAPJHvKAH3lIRFNXR%2BqsgUR83O%2BVNgknUHSZum5oWl0WK%2BB5NEagL0HAYxtHKVE8Xh9d2zWZgrP7s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6ed304ae2c0d9969-FRA

POST
H2 200 lcpel.go Show response
xlek.com/cheetah/ 0
392 B 26ms
26ms XHR
text/plain 2606:4700:20::681a:4aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xlek.com/cheetah/lcpel.go
Requested by: Host: xlek.com
URL: https://xlek.com/find/maxine-nielsen.130022915.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xlek.com/find/maxine-nielsen.130022915.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Mar 2022 04:34:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FW14IGLFK2DIpoeLXxtNLoi%2BTmv9X1SXm8stNNU7g%2Fj0DhtzOZGzfc7HVrg8%2B3B3ZGTIp7%2Bkfqupm4DGkCxDCyGac%2FcMXaBOTLs%2FoQE%2FH%2BwUd9SNCo%2BdDgRIPFFnHqLzaIKvPv6"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://xlek.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 6ed304b8ebcf90ec-FRA
content-length: 0
expires: Wed, 16 Mar 2022 04:34:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: javascript: void(0)

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xlek.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ogg31nijs2gtkgjf8qll7fa366
.xlek.com/	1970-01-20 01:38:13	Name: ezoadgid_127801 Value: -1
.xlek.com/	1970-01-20 01:38:18	Name: ezoref_127801 Value:
.xlek.com/	1970-01-20 01:38:18	Name: ezoab_127801 Value: mod12
.xlek.com/	1970-01-20 01:38:13	Name: ezopvc_127801 Value: 1
.xlek.com/	1970-01-20 01:39:38	Name: ezepvv Value: 1408
.xlek.com/	1970-01-20 01:38:13	Name: ezovid_127801 Value: 904886918
.xlek.com/	1970-01-20 01:38:13	Name: lp_127801 Value: https://xlek.com/find/maxine-nielsen.130022915.html
.xlek.com/	1970-01-20 01:41:04	Name: ezovuuidtime_127801 Value: 1647491687
.xlek.com/	1970-01-20 01:38:13	Name: ezovuuid_127801 Value: c3bcd809-e7f1-4dab-7ab5-798524e37cc3
.xlek.com/	1970-01-20 10:23:47	Name: ezCMPCCS Value: false
.xlek.com/	1970-01-20 10:23:47	Name: ezosuibasgeneris-1 Value: 5cec6b35-2260-46fc-59a8-8815fbb8495c
.xlek.com/	1970-01-20 01:41:04	Name: active_template::127801 Value: pub_site.1647491687
xlek.com/	1970-01-22 14:57:23	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
xlek.com/	1970-01-22 14:57:23	Name: ezohw Value: w%3D1600%2Ch%3D1200
xlek.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
xlek.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: javascript: void(0) Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://xlek.com/find/images/close.png?ezimgfmt=ng%3Awebp%2Fngcb1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-35-88-112-125.b2c.com
api.fouanalytics.com
c.amazon-adsystem.com
cdn.id5-sync.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
go.ezodn.com
gvl.ezodn.com

securepubads.g.doubleclick.net
v4-api-35-88-112-125.b2c.com
xlek.com

13.32.119.176
142.250.184.226
2606:4700:20::681a:4aa
2606:4700:20::681a:723
2606:4700:3036::ac43:c834
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
2a06:98c1:3120::7
2a06:98c1:3121::7
35.88.112.125
46.105.202.126
04fca553b0846ddc1d8cce80d15f8ce1e7fab7df6da9bbf49ab72f635c05f970
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a6cd594a0f02bc06367345f3a70a28bbeed0f3011d77facf071846082535817
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
113e77e4e7763582965aebeb7f66945f0a7af85429d5bebe831ee7dfa03d3750
16c23bee811bc3f0c53a335f2f7fac8c2e80262bbfa9804fda1e49eabadccbc3
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2be53b764c2cfeaafaa418a135b951d0e9e591616ef98ad5e951c1ecc10ddd5b
2cd1cb1a1850da21f936e45a8887da5c522797c01d76f6251d0347996d91445f
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34214992174f6f2bfc2ef47aedc8d4fece2da0c1d91ae0008cdbd98e10ce2d21
383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c
3c0a96438fac4eb5a97d96c25accb2c6200877760296371a0277afd29933d7c4
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
4b12d4bbe01690c20bac8054d822dc191b15f276cd54b1874b0e21afe4faff42
4bb2742f1a9cb7b6fb7d406f49a999a8456c7da5b00a8a181632d17b0888ff9e
4d1d39aa2e92f266ddd2698e5829f4a0ffae93307fc80ebeaa4f176ae918273d
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
536ec0b9facb95a8355d26097c28f9fbcee5aa49c789229a8f7cbd562e2612c5
5e2ad5bb255c64bb43d8408366423f87ed076d921166f4a690f21fb7cd400e95
5fa369e0d631a868888c6a8153d0efcd9e26e393f6178d84e8a1e6e8a8fad2ff
6a50707d65d886a2e8b7f4c9327c9a7477cd98ffa7f85da587ea3c536356715a
6a8da7da4ab1cf046ec128c76f5d30b6c6445eb41adf91de1160ad5b8adc98c7
717ab304772ef159996a78650641af71e88bf51600539fdefe6f00f13cf829d7
7360356b5ade646c718574599e78e4216c1e0979278ea730bd0b5ab9d3032f9b
76dfac817aab244ccc97b6707dd5cfe4e0eabdd2899ba14d3b9a4b774ea1cb12
78d98d04b3f2f972cf4fe2b7897c9c4f6e48131ef3108703f89577921b76ea94
78fc681a68632cf9284ab1e985419c8eda8963cb22c47acef2f9c0d229e2f300
7dc736d8153f84bf22e2b6e4c6bdcc8468bf7a1459e1a4d52ca978f098d098d5
83256f0570f66796778a0f8ce187aa831aefd358a21ed9b6887546896af5872d
8806f6f794a6720cb646e06509852a034c7b93784e619609a0c4c6264f584506
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8cace8714fa44cc4cdd56f7185aa4c82e1a9441a9566c9855e20c92642d4c93b
91c769ff0e8757904ea0e407dc63f3b67f57744862b29411e69cdf8193dc7c60
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
94aa52ecd64e35429d7dab23af4484e3c7185d1a3122d96f8076e4d337323e6b
99254bcd79b94c0e6a276271ab4670d1f071675ecd4672d6bcd789a0b758b874
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
a8e600954354fa0c9ba4a3fdcb08c66e21122afd5a1fd9012b547449e468a045
ae5b727d2d366cbe68c882abfbd28a0e2f359be56625d7684bdb25030a8fef74
b0250edaa156ff31c0ae0bc7c957d513d2025d934c95902c1aa45872e63c9cdd
b2d050495ac5f6a0de1ec7e96e42ece42f99033500eecc12e622adb143c4a76a
b630690e9e29d308078a2679fe5ad3b739a9b1dd376977eb6a5b1ee7abf92f49
b6e14582f0eae3d1f40e472045759189070780148d5aa48aa988fe9e3d2968b1
b6fe6f66a91d0d7b713236d124c92825f0e180ba996e92790d20d7defec4998f
bb6e1bc48145a037cae7c4c727a5c2a8a166c607528425840d746f598cb6e0bc
bbd3e5220e9eda0e6982e9b3e3c1c3168e9c26e43a3b6662ace2f03dde6e217d
bfd3ea01b70075c018ebb7d530639fd9bd1c8354b4f129d4029fcba603998e70
c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d20ed3e7e6d18cac5fb6a4b458cc68207494ab07f5ef0b8f863d7004ad4e6c50
d7e76196a8279dd7e4856ca2eae16cec6feefc6a1aff8575f811f81760fc82d1
d94bbee4b8120bf8e4937e3e9c54de44bdb866291db81088601bde90085092da
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143
e31393a868b5890a026cbbdc595e6d130bf38b9cd9dffab4abf33324c0465cd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e774d399f3970266610d9a9af8cd9878698b693fba5cb673fc18ec154c17374f
e8cfd3eed6feab5a927df9533248e1baae746ee17f564660e4c77db77a54398b
f0e27719c191590a4e040cb82e53dc9e35d3c9bbb1fd690bc9010bd989c2c58b
f2d27e51250823d7f1a6019ea2f2a007dedf4a1d523fcfc55a3db5adf524378a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fef2106dee3db265de395931861184533189056b645ad1bec8cccfa9d247be27
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

xlek.com Open in urlscan Pro 2606:4700:20::681a:4aa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

62 Requests

97 %HTTPS

64 %IPv6

10 Domains

14 Subdomains

12 IPs

3 Countries

839 kBTransfer

2594 kBSize

17 Cookies

3 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xlek.com Open in urlscan Pro
2606:4700:20::681a:4aa Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

64 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

839 kB
Transfer

2594 kB
Size

17
Cookies

62 HTTP transactions
9 data transactions