Submitted URL: http://leekduck.com/
Effective URL: https://leekduck.com/
Submission: On April 17 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 54 HTTP transactions. The main IP is 2606:4700:20::681a:7c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is leekduck.com. The Cisco Umbrella rank of the primary domain is 459225.
TLS certificate: Issued by E1 on February 24th 2024. Valid for: 3 months.
This is the only time leekduck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
10 | leekduck.com | leekduck.com (Cisco Umbrella Rank: 459225) | 736 KB
6 | nitropay.com | s.nitropay.com (Cisco Umbrella Rank: 24575), tracker.nitropay.com (Cisco Umbrella Rank: 22962) | 232 KB
4 | geoedge.be | wrappers.geoedge.be (Cisco Umbrella Rank: 19940), rumcdn.geoedge.be (Cisco Umbrella Rank: 2210) | 168 KB
3 | gstatic.com | fonts.gstatic.com | 70 KB
2 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 817) | 14 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 170 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33), ajax.googleapis.com (Cisco Umbrella Rank: 363) | 31 KB
1 | amazon-adsystem.com | c.amazon-adsystem.com (Cisco Umbrella Rank: 303) | 74 KB
1 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 207) | 29 KB
1 | btloader.com | btloader.com (Cisco Umbrella Rank: 871) | 29 KB
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 31) | 21 KB
Totals: 54 requests, 11 domains
Requests | Domain | Requested by
10 | leekduck.com | leekduck.com
5 | s.nitropay.com | leekduck.com, s.nitropay.com
3 | rumcdn.geoedge.be | s.nitropay.com, rumcdn.geoedge.be
3 | fonts.gstatic.com | fonts.googleapis.com
2 | static.cloudflareinsights.com | leekduck.com
2 | www.googletagmanager.com | leekduck.com, www.googletagmanager.com
1 | tracker.nitropay.com | s.nitropay.com
1 | c.amazon-adsystem.com | s.nitropay.com
1 | securepubads.g.doubleclick.net | s.nitropay.com
1 | btloader.com | s.nitropay.com
1 | wrappers.geoedge.be | s.nitropay.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | ajax.googleapis.com | leekduck.com
1 | fonts.googleapis.com | leekduck.com
Totals: 54 requests, 14 subdomains

This site contains links to these domains.

Domain
nitropay.com
Subject | Issuer | Validity | Valid
leekduck.com | E1 | 2024-02-24 - 2024-05-24 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
nitropay.com | GTS CA 1P5 | 2024-03-16 - 2024-06-14 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
cloudflareinsights.com | GTS CA 1P5 | 2024-03-10 - 2024-06-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
gw.geoedge.be | Amazon RSA 2048 M01 | 2023-08-12 - 2024-09-09 | a year
btloader.com | GTS CA 1P5 | 2024-04-14 - 2024-07-13 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
*.nitropay.com | GTS CA 1D4 | 2024-04-05 - 2024-07-04 | 3 months

This page contains 2 frames:

Primary Page: https://leekduck.com/
Frame ID: 30FF4626C3C6E65D16C2C59E6DA0AAD4
Requests: 53 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: EDC890DF3AA6CF56A3ECF93BCAD45BB1
Requests: 1 HTTP requests in this frame

Page Title

Leek Duck | Pokémon GO News and Resources

Page URL History

  1. http://leekduck.com/ HTTP 307
    https://leekduck.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 54
HTTPS: 61 %
IPv6: 86 %
Domains: 11
Subdomains: 14
IPs: 15
Countries: 2
Transfer: 1573 kB
Size: 5124 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leekduck.com/ HTTP 307
    https://leekduck.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leekduck.com/
Redirect Chain
  • http://leekduck.com/
  • https://leekduck.com/
53 KB
15 KB
Document
General
Full URL
https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e90f6b5b88e0f657d2a3ea0f1d9ab42119362589d539da879464980a3a65b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
875ff6fdefd036dc-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 22:48:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeajtb72R%2FfzWnwnw3xPOeS851ocafgWqm7mAxDodjxbKDDJZ%2B5TLzYxa6eQrGwYbWIarMFAfqjP1QL2F8VPcsBsBr2iiL2k%2FbnBCPmsO1rWys2li35ZgE2w3L0Gk%2BZy629cPuIfVBXOd9E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Location
https://leekduck.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
3 KB
901 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=block
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12280ee53076c3185469616cd4db7c3531a65c08f67c6cbaa140f2066326e4c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 22:48:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Apr 2024 22:48:50 GMT
font-awesome.min.css
leekduck.com/assets/fonts/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://leekduck.com/assets/fonts/font-awesome/css/font-awesome.min.css?v=0.03
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
HIT
age
3693
etag
W/"c0f1c54a4666f3024612e0efba3f911e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5PW15fUCNgsyMviOqytTTLt4I1nlx6A2cCJ94nbT3BfrlNoH53NrDTPrCsLwVRgR3UN9EGVYcH29%2Ffh3%2BHcEPJOyZFmyBln8KCIvw8y1M6bxmgzWRhUhvvMXDgkBug%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
cf-ray
875ff7012a4a36dc-FRA
main.css
leekduck.com/assets/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://leekduck.com/assets/css/main.css?=2024-03-31
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9818cd1c3e96d55968609125b0f427dc7aaa8cd291c86895ed0daaaa6bb13200
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3693
cf-polished
origSize=41022
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a37d2c645b5f49033c55d4ac47c2acf2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsVxovQBM9GMbxCPpqrK3dBoCxPCdAjZfSHbz%2BlNdVraDOhdZG8oFSQQ2IVulK5XPlFx6wVDVV8%2FBtybKS7karYYycWnDGEpUa3YbM%2FCfvLwYdMKBUq%2F7psidYID18lOL2CPEh1tNZa%2Bvu8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
cf-ray
875ff7012a4b36dc-FRA
ads-642.js
s.nitropay.com/
583 KB
181 KB
Script
General
Full URL
https://s.nitropay.com/ads-642.js
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f7b01fa94b9f47789960d05f9e4600fdfd6eac91a99c1c9ee6d6c1d74cf0ea9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1712943915
age
6726
x-guploader-uploadid
ABPtcPq7pVP8RgQgs0tt-k4-5eXEd5iTeJlavOKbjxTgIXDNXwE6stZ81oOyYL4c_tHNuB062efpFzt3Ew
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Apr 2024 20:56:32 GMT
server
cloudflare
etag
W/"bc4d6ed3269c129f6a828e86b0bc41d5:1713387392000"
vary
Accept-Encoding
x-goog-generation
1712944760821170
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=pQkyyQ==, md5=vE1u0yacEp9qgo6GsLxB1Q==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
593699
cf-ray
875ff701a9c7924a-FRA
expires
Thu, 18 Apr 2024 08:56:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 18:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Apr 2025 18:14:15 GMT
main.js
leekduck.com/assets/js/
5 KB
2 KB
Script
General
Full URL
https://leekduck.com/assets/js/main.js?v=0.49
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9618c615fe736f863116c0a8df1f3828d0fcd44c0a53a1dd4d9987c3aa6b1928
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3693
cf-polished
origSize=8804
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"1e9ca88cfbdce01ddd6edbb7290aacfd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUWSJZ27JZOZGVpi%2F6CsQIZd49NcTdimmcq39JtN%2B9pUqGQwFZikcN2kdS1%2FUxU66uHBW87RxD1BfcgcN9QQnsZqFsvXpIMqlOOKSaCAR2kSdoDxUUclxBueU1njNL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
cf-ray
875ff7012a4c36dc-FRA
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96155731-1
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8bdfdaea4c83e0f1f159ca7a75fb12e159962039a8f165ddc48472b8e21c107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73063
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 22:48:50 GMT
beacon.min.js
static.cloudflareinsights.com/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 22:09:58 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
875ff701fdb271cb-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Origin
https://leekduck.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 22:09:58 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
875ff701f9bd8ed1-FRA
1.gif
s.nitropay.com/
42 B
858 B
Image
General
Full URL
https://s.nitropay.com/1.gif?0.10284968232262792&adslot=
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
449300
x-guploader-uploadid
ABPtcPqUyATdPL5GosFHZs11DVTkAexT_UMRc943NI7WAbeqis8ASjG-0BYHT3-SWOghyxTDbVW_lFk1GA
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
875ff701a9c4924a-FRA
expires
Fri, 19 Apr 2024 18:00:30 GMT
go-widgets-splash.jpg
leekduck.com/assets/img/posts/widgets/
16 KB
17 KB
Image
General
Full URL
https://leekduck.com/assets/img/posts/widgets/go-widgets-splash.jpg
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7f2defa8cf87709343942482131dc0e460c60815746645e7e174e7de71d76c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1534
cf-polished
qual=85, origFmt=jpeg, origSize=19530
content-disposition
inline; filename="go-widgets-splash.webp"
content-length
16440
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"a7e015caac7e689eef8efa670a984bf2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7jWhgwXuN9%2BvcARHxDxLe4WaCxmKJmIWJti1BOdGCpEc6476K0UeaHymiSTLR2eiMU1tF8H%2F1bGHQHXqqjq4y%2BSbUg4nHVSkB%2BzoEUNn%2BkfdZU1VDESQ3u3nQrafzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
accept-ranges
bytes
cf-ray
875ff701aaaa36dc-FRA
dittodisguises-halftone.jpg
leekduck.com/assets/img/
305 KB
306 KB
Image
General
Full URL
https://leekduck.com/assets/img/dittodisguises-halftone.jpg
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62227a6f6db5dc512ddae42343e327289b8409e1ee4cc3204ddc99d206e9cf4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1534
cf-polished
status=not_needed
content-length
312297
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"3d164f6489b4a55ba27df7abe7214bd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zA3r0NwK4SKuQ0oBaHQY7U9qfIp8IqR2PAH%2Bei9vPNFTqaVGN9RhpASMsOtL%2BMarOb1QuyZPoYRZhvsVu8%2FVbn2Vz0BvEFIAWlvedI0rHrnNkviSjb%2Fl337qNx4xtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
accept-ranges
bytes
cf-ray
875ff701aaad36dc-FRA
meloetta.jpg
leekduck.com/assets/img//events/
50 KB
50 KB
Image
General
Full URL
https://leekduck.com/assets/img//events/meloetta.jpg
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a363bc9ca5fff1815ecd881c2cab035c421811d89145dc7ed90adfb2ceeb0c2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1534
cf-polished
status=not_needed
content-length
50886
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"33a1a773200ccd5ecb7713f33c31d97f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kkfvnrS5JvyGhTgjdL%2BVxbLfFhQADxqbZw8INBAm1yy11bVwlbNWaL4TwY%2FKdNApA0sUqnK%2FJDxtdU47JQFM5AH2W3IIcBnM4kX0e2%2FzzX7cH3lzo5bFTHqui3KqBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
accept-ranges
bytes
cf-ray
875ff701aaaf36dc-FRA
how-to-evolve-eevee-splash.jpg
leekduck.com/assets/img/
72 KB
72 KB
Image
General
Full URL
https://leekduck.com/assets/img/how-to-evolve-eevee-splash.jpg
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3fe492f88c423576518b70a4dec73704cdaab50fbe4377b426b70993f441e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1534
cf-polished
qual=85, origFmt=jpeg, origSize=88217
content-disposition
inline; filename="how-to-evolve-eevee-splash.webp"
content-length
73290
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"2046d33cb924d674ae20c1f507193cc7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A6D%2F8JsUa%2ByQMvLtt2a6JSb%2Bd9HOX8qfU3pMqFQaXQHhDl9VKIWKxRtT2o%2BDUat12wruaYfkEta5XiDxHsalqWAjN87zq7G4tx2kiQ%2BCs%2F6LRepF90LUr6YckFgQ64o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
accept-ranges
bytes
cf-ray
875ff701aab036dc-FRA
jumpstartresearch.jpg
leekduck.com/assets/img/
201 KB
202 KB
Image
General
Full URL
https://leekduck.com/assets/img/jumpstartresearch.jpg
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d606ddb0ab1a60aa8cd8046cb87a10fc21f1d0fbd56453a49f17f93356f6bb47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1534
cf-polished
status=not_needed
content-length
206274
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"4517e9eebd015d36b12640a3d186049b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTq1QRC9jfBten4EgsEL2ZurcuPrtBRSEsJDGwIhb3KVF3iPSEAkbRpjnUhmiMh1867J1XMPicCNFLe12tpbjcR0V8Ha%2BNE783%2FGQqT9lawy6eR6LEioVATWiUmRDzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
accept-ranges
bytes
cf-ray
875ff701aab236dc-FRA
professors-research-willow-tgc.jpg
leekduck.com/assets/img//events/
58 KB
59 KB
Image
General
Full URL
https://leekduck.com/assets/img//events/professors-research-willow-tgc.jpg?v2
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57debe3b3defefaf2eac314cf8a07a0a5810940cf3f906503ed11ccb53ab6db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1534
cf-polished
degrade=85, origSize=295217, status=webp_bigger
content-length
59800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"4fe4053cf6a553ac7d24e61a5b5d470f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AO1SpSmSHFkuDTyiyhQ2b2CwycR1gMIH7ujIW0ms35ZdFOYbu1MbS2u9EoG%2B9BLS3fZcOz%2FOPbNWT2Zc%2BVJGlF%2BbIaElemoU4djggqcdHiMIqCtKGk%2BJN%2B%2F0peYJnQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
accept-ranges
bytes
cf-ray
875ff701aab336dc-FRA
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://leekduck.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 19:07:30 GMT
x-content-type-options
nosniff
age
358880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 19:07:30 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://leekduck.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 07:30:58 GMT
x-content-type-options
nosniff
age
141472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24448
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 07:30:58 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://leekduck.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 02:38:45 GMT
x-content-type-options
nosniff
age
159005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 02:38:45 GMT
js
www.googletagmanager.com/gtag/
296 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-35E44WDJ8H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96155731-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ba5ca2b685ec571906074022ad0d1256fb71a0ce607fa90b69a5ce85193e5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100846
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 22:48:50 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96155731-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Apr 2024 21:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3642
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Apr 2024 23:48:08 GMT
wrapper.html
wrappers.geoedge.be/
3 KB
4 KB
Fetch
General
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:7600:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Wed, 17 Apr 2024 04:01:56 GMT
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
67615
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
HTjse_gulQubhRJ75Tx9y82cyWY_7v2XMr_Po7h9ffuDyYKyr0qtww==
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/
517 KB
158 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
136745780d3d90ea020b78d71b66ddef1a22fb8db0daa8a2cbcfe1223fa027a5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:35:04 GMT
x-amz-version-id
xY63jNe4f77pPcoI5UNs75DoJpsGsbHn
content-encoding
br
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 22:18:59 GMT
server
AmazonS3
etag
W/"439b61d9c22569d126fc3ccd5953da8b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
IGeu8KUSBP-_0fYi2L2HY7J7efkkPHOHBua28SKSnt2w2JfNAgI1RQ==
tag
btloader.com/
98 KB
29 KB
Script
General
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2eebc706bb9ef090b912a9e190a0bad87157e57c4e2b1e381e4b51f0695ffdd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2024 22:35:28 GMT
server
cloudflare
age
682
etag
"9fa583b0dbdd66e2c1a865bfc8596e1a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
875ff704f92537e3-FRA
content-length
28876
grumi-ip.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/
16 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:35:05 GMT
x-amz-version-id
WiOVCnEFt3_sokyg.radBxwTs.fq8OtZ
content-encoding
br
last-modified
Mon, 18 Dec 2023 19:27:12 GMT
server
AmazonS3
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
826
x-amz-cf-id
kLNkn8YKZk0yKnwte8b5aDN4UL7KUYMgCuE0CoXL2NTBAIawFxiOiQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35743e3c8a8323ccabc45f1cbebaab7c6ce7faedf5e2352ac77eb89a21b64046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29469
x-xss-protection
0
server
cafe
etag
160 / 19830 / 31082810 / config-hash: 4492863739698746870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Apr 2024 22:48:50 GMT
gpp-4cab6c0.min.js
s.nitropay.com/
260 KB
49 KB
Script
General
Full URL
https://s.nitropay.com/gpp-4cab6c0.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67a7e47c9a86b72222902ce935afc142f683f415fc5be76e4d9f3061a57b200
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
449300
x-guploader-uploadid
ABPtcPrTLzCgQE48c08KnwuLrKOf7otMBi5_YB3ThbuWLzVntWJao__w_B8JY92fqD3dczgSVgI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Feb 2024 17:17:28 GMT
server
cloudflare
etag
W/"ce7b1fa893ef6245b7afb82ef7d5a764"
vary
Accept-Encoding
x-goog-generation
1707758248798793
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=9oy3/w==, md5=znsfqJPvYkW3r7gu99WnZA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
266449
cf-ray
875ff704db8b924a-FRA
expires
Fri, 19 Apr 2024 18:00:30 GMT
apstag.js
c.amazon-adsystem.com/aax2/
298 KB
74 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:43:31 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 20:37:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
320
x-amz-server-side-encryption
AES256
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
jiyJFLhDRkUnh_QpHq90Xk6bRizOd3HKpx6A3khcWHa7KdO5PXVRFQ==
642
tracker.nitropay.com/a/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/a/642?d=eyJocmVmIjoiaHR0cHM6Ly9sZWVrZHVjay5jb20vIiwidiI6OTIsImEiOmZhbHNlLCJzIjp0cnVlLCJjIjoiREUiLCJyIjoiSEUifQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.gif
s.nitropay.com/
42 B
623 B
Image
General
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
449300
x-guploader-uploadid
ABPtcPqUyATdPL5GosFHZs11DVTkAexT_UMRc943NI7WAbeqis8ASjG-0BYHT3-SWOghyxTDbVW_lFk1GA
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
875ff7052ba8924a-FRA
expires
Fri, 19 Apr 2024 18:00:30 GMT
close2.svg
s.nitropay.com/assets/
305 B
795 B
Image
General
Full URL
https://s.nitropay.com/assets/close2.svg
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
449299
x-guploader-uploadid
ABPtcPqL6ACwcno00ab_Q2DafrsUGPkBMWe81XZYcKKHa4pnX7qVKgsOW3c2gsXVgzCDqfaZKA
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
x-goog-meta-
last-modified
Wed, 08 Dec 2021 23:38:47 GMT
server
cloudflare
etag
W/"ca26e4a931ab434f475491bcab06132b"
vary
Accept-Encoding
x-goog-generation
1639006727668923
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=tLOOxQ==, md5=yibkqTGrQ09HVJG8qwYTKw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
305
cf-ray
875ff7052ba9924a-FRA
expires
Thu, 17 Apr 2025 22:48:50 GMT
collect
www.google-analytics.com/j/
2 B
0
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1590877696&t=pageview&_s=1&dl=https%3A%2F%2Fleekduck.com%2F&ul=de-de&de=UTF-8&dt=Leek%20Duck%20%7C%20Pok%C3%A9mon%20GO%20News%20and%20Resources&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=549144638&gjid=1974575895&cid=810886033.1713394131&tid=UA-96155731-1&_gid=1845607332.1713394131&_r=1&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1182614604
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 22:48:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leekduck.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/
0
0
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 17 Apr 2024 22:48:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
0
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2115760
x-guploader-uploadid
ABPtcPqLF_nsU44AaRYQZvip2rnoLIgml-a62QjrWNYp6HOPjUpnOrFLIfAkZZ3izgLuAKfQ6SPlwPgTzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxFBJWZLJc8fwBBzrMntRNDoIkvJqjgvymGXo0ifAGwfbG3zZZ14Dnh25f3JOTUdC3o7DqMiOsKi7Hvk0dAGu8kPdXgElTjE%2FEob70%2B3Z12g59St%2B8yainiNrJMDBTwv%2B1%2BMlWls2lOFKSj9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
x-goog-generation
1620242732037093
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
875ff7060a048f27-FRA
expires
Sun, 24 Mar 2024 11:46:31 GMT
favicon.ico
ad.doubleclick.net/
1 KB
0
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Apr 2024 17:31:55 GMT
px.gif
ad-delivery.net/
43 B
0
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7249965754435244
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2115760
x-guploader-uploadid
ABPtcPqLF_nsU44AaRYQZvip2rnoLIgml-a62QjrWNYp6HOPjUpnOrFLIfAkZZ3izgLuAKfQ6SPlwPgTzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4Uv7tXXhEdnXw2cMUdakbeoMk6CrecdbK7lVfZKGZgyiVnbZtBsz1fRj7tuQi7GTeErn%2FKJGy%2FKXDqwzfGWEaeB7rlPsrWOgEVY8TPG9s0rQmmTbb5QncxzQDdgsrkpWWkhXHbj8ompvNcSyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
x-goog-generation
1620242732037093
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
875ff7060a018f27-FRA
expires
Sun, 24 Mar 2024 11:46:31 GMT
additional-consent-providers.csv
consent.nitrocnct.com/
116 KB
0
XHR
General
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-4cab6c0.min.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
322880
x-guploader-uploadid
ABPtcPqoVWrMV7DYAwd4X6098aFxatfYusoEH7PBSSDXttmBkGIo3C5uTG2dT7iPk38qsG2JBUOtA9KgAQ
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
server
cloudflare
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHGBkx6dTLQzjHhcuem6PjBfjVmJlECDhiUHTBzmxJS%2Bv95brjCrRKinETPeXuwyHvmLRYYxMQUS%2BvY%2BBsDTVe9g44rYoQGzyn99ULNSH1YVhZt18NOLum%2BfaZyPrVJ3z0iysXA16QAx%2BEcZ8hbtBe7MSKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
*
x-goog-generation
1689147090287559
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-stored-content-length
119221
cf-ray
875ff706086435f7-FRA
expires
Sun, 21 Apr 2024 04:11:52 GMT
vendor-list-v3.json
consent.nitrocnct.com/
591 KB
0
XHR
General
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-4cab6c0.min.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7dfd67fbdf67d3314a3899486d9a9172a49ecface2d334b00f76ef475313b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
433444
x-guploader-uploadid
ABPtcPq8HTXSJCTJ5HP9LDB2ECQXaspT95e5HsfkhiBSjdb24_97XXpJgoXNbMjTDBJB57jKIg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Apr 2024 16:15:05 GMT
server
cloudflare
etag
W/"8e329866b344c76c0b7663eb1a31da1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOt2XM6MpHjnThfIy%2F28M7cFYjDt6Sk1MMfIg2Q8FKHYi2bvJHAQfJegIlPp2ZzTKbWegHZS1%2BOdeTOdy3ArYRab%2Bsx5x0N7iwsQiI9qj%2Bmz2rFgXQJHJgaa72crGxXY7c65fiA4QDphUw8To6dG5hKO%2FqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-goog-generation
1712852105160601
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
x-goog-hash
crc32c=guYXBw==, md5=jjKYZrNEx2wLdmPrGjHaHw==
x-goog-stored-content-length
604684
cf-ray
875ff706086135f7-FRA
expires
Fri, 19 Apr 2024 21:32:07 GMT
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame EDC8
517 KB
0
Script
General
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
136745780d3d90ea020b78d71b66ddef1a22fb8db0daa8a2cbcfe1223fa027a5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:35:04 GMT
x-amz-version-id
xY63jNe4f77pPcoI5UNs75DoJpsGsbHn
content-encoding
br
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 22:18:59 GMT
server
AmazonS3
etag
W/"439b61d9c22569d126fc3ccd5953da8b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
IGeu8KUSBP-_0fYi2L2HY7J7efkkPHOHBua28SKSnt2w2JfNAgI1RQ==
collect
stats.g.doubleclick.net/j/
1 B
0
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-96155731-1&cid=810886033.1713394131&jid=549144638&gjid=1974575895&_gid=1845607332.1713394131&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1960343875
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 22:48:50 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leekduck.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-35E44WDJ8H&gtm=45je44f0v9102328408za200&_p=1713394130174&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=810886033.1713394131&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713394130&sct=1&seg=0&dl=https%3A%2F%2Fleekduck.com%2F&dt=Leek%20Duck%20%7C%20Pok%C3%A9mon%20GO%20News%20and%20Resources&en=page_view&_fv=1&_ss=1&tfd=1373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-35E44WDJ8H&l=dataLayer&cx=c
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 22:48:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leekduck.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/
448 KB
0
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js?cb=31082810
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a9d795e10d030c1fd5f70e0629cfa06248e3d73088b4c3a1b297f8361644b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 10:00:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
46084
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143226
x-xss-protection
0
server
cafe
etag
18387702370034619198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Apr 2025 10:00:46 GMT
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/
563 B
0
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-642.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:14:18 GMT
via
1.1 edfa50bbeda89838b4ee2ce6eaea1b04.cloudfront.net (CloudFront)
server
CloudFront
age
2072
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
uKcVBj14X4W7xJgBMBQOKRbaQctKrjT5xFrCWpZaMWVvor-Bj-Y6Aw==
config
c.amazon-adsystem.com/cdn/prod/
0
0
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fleekduck.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 17:37:40 GMT
via
1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server
Server
age
18670
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
access-control-allow-origin
https://leekduck.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
garg8nfONIgxU4Q2ZC8IPH9_bLyXfpPCrAgaOw7Lo8yYmVgiNiA2Zg==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
0
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fleekduck.com%2F&pid=CNPqVWAcLegJX&cb=0&ws=1600x1200&v=24.305.1002&t=2200&slots=%5B%7B%22sd%22%3A%22ad-homepage%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x250%22%2C%22336x280%22%5D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!nitropay.com%2C574%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:50 GMT
via
1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://leekduck.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
SbhIh8ELTUee3ACIrXsafVt8SZjKuDVNRzwXiIpxfpi7X7GzwHul9A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
0
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 05:39:22 GMT
content-encoding
gzip
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age
66326
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
8DAx-HBXZRmPu4R3Dl8aYmH6rudXrOd_wfbFy7sdUrorvQ5thqnZdA==
lang.png
s.nitropay.com/cmp/
2 KB
0
Image
General
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2660
x-guploader-uploadid
ABPtcPqRgU26r8W_Bs1kSR9uq-8ixbDX_ss_AZwjxFYTDmupYPYFarhkm8QV0uI2U1XIlASjiF7ylXIlrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1887
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"ca072a3965f49a2c242c45d535163a53"
vary
Accept-Encoding
x-goog-generation
1666344058779792
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1887
accept-ranges
bytes
cf-ray
875ff706dc7b924a-FRA
expires
Wed, 17 Apr 2024 23:04:31 GMT
cancel.png
s.nitropay.com/cmp/
1 KB
0
Image
General
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
2325
x-guploader-uploadid
ABPtcPrTZib5YSvZm0Ry5qvnIp43A9iFGHLGu-P4ldQrvr7nekUraBg9wEqPcQu5Sm1p62Fo7MLahreSig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
1302
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
vary
Accept-Encoding
x-goog-generation
1666344058825998
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1302
accept-ranges
bytes
cf-ray
875ff706dc7d924a-FRA
expires
Wed, 17 Apr 2024 22:23:57 GMT
logo.png
s.nitropay.com/cmp/
3 KB
0
Image
General
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: leekduck.com
URL: https://leekduck.com/
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
1943
x-guploader-uploadid
ABPtcPq_93dfnlrHaKW4gNsUcVyl993_MOQWkoIYcZDBWl9cbBAqD4Pys0g6oGTazBnMek4d7i5b1DJrlw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2592
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
server
cloudflare
etag
"940aa5b81e99bbb7414acc474a89bad9"
vary
Accept-Encoding
x-goog-generation
1666344058842900
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2592
accept-ranges
bytes
cf-ray
875ff706dc7f924a-FRA
expires
Wed, 17 Apr 2024 23:16:28 GMT
country
api.btloader.com/
37 B
0
Fetch
General
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:51 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/
0
0
XHR
General
Full URL
https://api.btloader.com/pv?tid=VphRMh9Dj&w=5076679675346944&o=6278260873756672&cv=2.1.41&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fleekduck.com%2F&sid=hBi5bKW5v&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 17 Apr 2024 22:48:51 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
rum
cloudflareinsights.com/cdn-cgi/
0
0
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 17 Apr 2024 22:48:51 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://leekduck.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
875ff7080ecc8ed1-FRA
favicon.ico
leekduck.com/assets/img/favicon/
15 KB
0
Other
General
Full URL
https://leekduck.com/assets/img/favicon/favicon.ico
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
676a2c02945351de35137e714683b01bb8270d07f16e59e3a65054455b325f46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://leekduck.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 22:48:51 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30
x-content-type-options
nosniff
etag
W/"41735efb7fbfe388e406204f758aa892"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnH6g3Ze8tZnTtD2NfpMybNtPtb7YHimcjVcoMRSyNghAkfCOcyXWLoIwvElW5V0voCem9b0HlDinqjTZuM3HAfZv2%2BfvVvfwjaf0CSJJZLLddvWSs9R5H23O5KbAVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
public, max-age=1382400, must-revalidate
cf-ray
875ff707ff8436dc-FRA

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| nitroAds function| $ function| jQuery function| saveLastVisitedToLocalStorage function| gtag object| dataLayer function| scrollFunction function| topFunction function| toggleStickyOffset function| moveTopButton object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ads object| nads object| napbjsChunk object| napbjs object| _pbjsGlobals object| mnet object| grumi object| googletag function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __tcfapi_queue function| __tcfapi object| apstag object| __cfBeacon object| gaplugins object| gaGlobal object| gaData object| __bt object| __bt_intrnl object| __bt_tag_d object| nitroAdsCMP object| regeneratorRuntime object| __npcmp_queue function| __npcmp boolean| __npcmp_init function| __cmp function| onYouTubeIframeAPIReady object| win object| doc object| ggeac object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing boolean| __bt_already_invoked

6 Cookies

Domain/Path Name / Value
.leekduck.com/ Name: _gid
Value: GA1.2.1845607332.1713394131
.leekduck.com/ Name: _gat_gtag_UA_96155731_1
Value: 1
.leekduck.com/ Name: ncmp.domain
Value: leekduck.com
.leekduck.com/ Name: _ga_35E44WDJ8H
Value: GS1.1.1713394130.1.0.1713394130.0.0.0
.leekduck.com/ Name: _ga
Value: GA1.1.810886033.1713394131
.nitropay.com/ Name: __cf_bm
Value: Ls8GVu9_uo8exmyxaUFel6KNJ3I2OlZrVvVRmsorjJ4-1713394131-1.0.1.1-2sh03JLQwEsiiaw690mZzdGh1xgy0zOBEPwbJ._w0RUtYGQ5FbMfHn43DCfSSibym916Lvksdt7sBnWeRs1eQA

6 Console Messages

Source Level URL
Text
other warning URL: https://leekduck.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://leekduck.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://leekduck.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://leekduck.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://leekduck.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://leekduck.com/
Message:
The resource https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
