urlscan.io logo urlscan.io
SecurityTrails logo

duckduckgo.com Open in urlscan Pro
79.125.108.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd
Effective URL: https://duckduckgo.com/
Submission: On April 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 79.125.108.59, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is duckduckgo.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 9th 2019. Valid for: a year.
This is the only time duckduckgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 3.92.99.136 14618 (AMAZON-AES)
3 6 151.80.221.9 16276 (OVH)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 34.230.174.59 14618 (AMAZON-AES)
1 188.164.249.105 35415 (WEBZILLA)
28 79.125.108.59 16509 (AMAZON-02)
34 6
2    3.92.99.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-99-136.compute-1.amazonaws.com
tryd.pro
6    151.80.221.9 (Netherlands)

ASN16276 (OVH, FR)
PTR: core.royalads.net
core.royalads.net
1    2606:4700:20::681a:3bc (United States)

ASN13335 (CLOUDFLARENET, US)
popcash.net
3    34.230.174.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-174-59.compute-1.amazonaws.com
ps.popcash.net
1    188.164.249.105 (Netherlands)

ASN35415 (WEBZILLA, NL)
xml-ads.com
28    79.125.108.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
duckduckgo.com
improving.duckduckgo.com
Apex Domain
Subdomains		 Transfer
28 duckduckgo.com
duckduckgo.com
improving.duckduckgo.com
406 KB
6 royalads.net
core.royalads.net
3 KB
4 popcash.net
popcash.net
ps.popcash.net
1 KB
2 tryd.pro
tryd.pro
738 B
1 xml-ads.com
xml-ads.com
793 B
34 5
Domain Requested by
26 duckduckgo.com xml-ads.com
duckduckgo.com
6 core.royalads.net 3 redirects tryd.pro
ps.popcash.net
core.royalads.net
3 ps.popcash.net 2 redirects core.royalads.net
2 improving.duckduckgo.com duckduckgo.com
2 tryd.pro 1 redirects
1 xml-ads.com core.royalads.net
1 popcash.net 1 redirects
34 7

This site contains links to these domains. Also see Links.

Domain
spreadprivacy.com
donttrack.us
twitter.com
reddit.com
duckduckgo.merchmadeeasy.com
help.duckduckgo.com
Subject Issuer Validity Valid
*.duckduckgo.com
DigiCert SHA2 Secure Server CA		 2019-08-09 -
2020-10-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://duckduckgo.com/
Frame ID: B0F7B82465A646C721718A96B3AB7D3E
Requests: 34 HTTP requests in this frame

Frame: https://duckduckgo.com/post2.html
Frame ID: 03B71C093D323DDA95A4FBA8F8F8443D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd Page URL
  2. http://tryd.pro/ad/ad?p=216668&w=498903&t=0f5b84f955cb212a&r=&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903 Page URL
  3. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Ftr... HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  4. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=514ce474951be070&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxh... HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699 Page URL
  5. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps... HTTP 302
    http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087 Page URL
  6. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fco... HTTP 302
    http://xml-ads.com/in.html Page URL
  7. https://duckduckgo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

34
Requests

82 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

421 kB
Transfer

1317 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd Page URL
  2. http://tryd.pro/ad/ad?p=216668&w=498903&t=0f5b84f955cb212a&r=&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903 Page URL
  3. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F498903%3Fclickid%3D0c684930-797f-11ea-ad6c-128ede634dfd&scrw=1600&scrh=1200&nlc=1wsOpX7e5nWKijMh&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  4. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=514ce474951be070&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699 Page URL
  5. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=eY4MwQCg5nytzDpn&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
    http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087 Page URL
  6. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fcore.royalads.net%2F&scrw=1600&scrh=1200&nlc=eY4MwQCg5nytzDpn&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
    http://xml-ads.com/in.html Page URL
  7. https://duckduckgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://tryd.pro/ad/ad?p=216668&w=498903&t=0f5b84f955cb212a&r=&vw=1600&vh=1200 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
Request Chain 2
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F498903%3Fclickid%3D0c684930-797f-11ea-ad6c-128ede634dfd&scrw=1600&scrh=1200&nlc=1wsOpX7e5nWKijMh&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
  • http://popcash.net/world/go/79141/465699 HTTP 301
  • http://ps.popcash.net/go/79141/465699
Request Chain 3
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=514ce474951be070&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Request Chain 4
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=eY4MwQCg5nytzDpn&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
  • http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
Request Chain 5
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fcore.royalads.net%2F&scrw=1600&scrh=1200&nlc=eY4MwQCg5nytzDpn&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
  • http://xml-ads.com/in.html

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
498903
tryd.pro/go/216668/ 		426 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd
Protocol
HTTP/1.1
Server
3.92.99.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-99-136.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b2a8b58e3a804b70ebd60ca873ca6650d910a51e55b726628f1ac47f96e88de7

Request headers

Host
tryd.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 09 Apr 2020 12:45:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://tryd.pro/ad/ad?p=216668&w=498903&t=0f5b84f955cb212a&r=&vw=1600&vh=1200
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
995 B
906 B 		Document
General
Check archive.org
Download Go to
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
Requested by
Host: tryd.pro
URL: http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd
Protocol
HTTP/1.1
Server
151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
core.royalads.net
Software
nginx /
Resource Hash
dedc5a277394dbbe86feab02cd48cf2da9e2899db128e04ad74413d5eca83ab1

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://tryd.pro/go/216668/498903?clickid=0c684930-797f-11ea-ad6c-128ede634dfd

Response headers

Server
nginx
Date
Thu, 09 Apr 2020 12:45:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=735;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Thu, 09 Apr 2020 12:45:57 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
465699
ps.popcash.net/go/79141/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F498903%3Fclickid%3D0c684930-797f-11ea-ad6c-128ede634dfd&scrw=1600&scrh=12...
  • http://popcash.net/world/go/79141/465699
  • http://ps.popcash.net/go/79141/465699
469 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ps.popcash.net/go/79141/465699
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
Protocol
HTTP/1.1
Server
34.230.174.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-174-59.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
ps.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://core.royalads.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d4b10594fbc1bb24aba141baf47a90ed11586436357
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903

Response headers

Date
Thu, 09 Apr 2020 12:45:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Thu, 09 Apr 2020 12:45:58 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
__cfduid=d4b10594fbc1bb24aba141baf47a90ed11586436357; expires=Sat, 09-May-20 12:45:57 GMT; path=/; domain=.popcash.net; HttpOnly; SameSite=Lax
Location
http://ps.popcash.net/go/79141/465699
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
581454053f476407-FRA
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=514ce474951be070&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
955 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/79141/465699
Protocol
HTTP/1.1
Server
151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
core.royalads.net
Software
nginx /
Resource Hash
ca4e72e2e3c9004b6f3416b606e16d28ebc28c909ffe671e911a0ca29b427acf

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ps.popcash.net/go/79141/465699
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ps.popcash.net/go/79141/465699

Response headers

Server
nginx
Date
Thu, 09 Apr 2020 12:46:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=236;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Thu, 09 Apr 2020 12:46:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=eY4MwQCg5nytzDpn&ven=&ver=&p=falsexun...
  • http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
943 B
858 B 		Document
General
Check archive.org
Download Go to
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Protocol
HTTP/1.1
Server
151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
core.royalads.net
Software
nginx /
Resource Hash
9eae49fdd62954d496799854e61a63e27a8fe97ba60344acd281bf974476d673

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://core.royalads.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
cflag=236; hash=68dd5cf9-6174-4559-b210-eb01692205a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

Response headers

Server
nginx
Date
Thu, 09 Apr 2020 12:46:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=236;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Thu, 09 Apr 2020 12:46:02 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
in.html
xml-ads.com/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fcore.royalads.net%2F&scrw=1600&scrh=1200&nlc=eY4MwQCg5nytzDpn&ven=&ver=&p=falsexundefined&iif=0
  • http://xml-ads.com/in.html
1 KB
793 B 		Document
General
Check archive.org
Download Go to
Full URL
http://xml-ads.com/in.html
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
Protocol
HTTP/1.1
Server
188.164.249.105 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
1ea881f51822534735bd2d19cd14b615ad8ca6659252ea5ee2178d8143173364

Request headers

Host
xml-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://core.royalads.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087

Response headers

Server
nginx
Date
Thu, 09 Apr 2020 12:44:08 GMT
Content-Type
text/html text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 09 Apr 2020 12:46:02 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://xml-ads.com/in.html
Cache-Control
no-cache
Primary Request /
duckduckgo.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/
Requested by
Host: xml-ads.com
URL: http://xml-ads.com/in.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d66231675a7f96cc6c9bbd33746e99f19e8a56096af2b20c42a482f618db1e90
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

:method
GET
:authority
duckduckgo.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://xml-ads.com/in.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://xml-ads.com/in.html

Response headers

status
200
server
nginx
date
Thu, 09 Apr 2020 12:46:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
etag
W/"5e8e0cf7-1531"
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
x-xss-protection
1;mode=block
x-content-type-options
nosniff
referrer-policy
origin
expect-ct
max-age=0
expires
Thu, 09 Apr 2020 12:46:01 GMT
cache-control
no-cache
content-encoding
br
s1885.css
duckduckgo.com/ 		187 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/s1885.css
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e56c43aab1676f22c26489a254913030463d827bb77c93ad57bbfea7e05f330c
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Accept-Encoding
content-length
37558
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Fri, 03 Apr 2020 20:44:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5e87a026-92b6"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=31536000
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
o1885.css
duckduckgo.com/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/o1885.css
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
25a02847dffab3be997a5c6042ab8fb79be41f3acb224aae63d910de96341003
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Accept-Encoding
content-length
3689
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Fri, 03 Apr 2020 20:44:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5e87a026-e69"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=31536000
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
l113.js
duckduckgo.com/lib/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/lib/l113.js
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cbf634d16f01aa151b30182aa76aab58d0a56cb57c3bb0796f601deae5b1609f
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Accept-Encoding
content-length
52917
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 06 Mar 2019 20:15:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5c802a6a-ceb5"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/x-javascript
cache-control
max-age=31536000
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
duckduckgo14.js
duckduckgo.com/locale/en_US/ 		505 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/locale/en_US/duckduckgo14.js
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
790f083d45a4a716dbec546771888883690e58379526146fc429cf310df9a49f
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Accept-Encoding
content-length
282
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Mon, 10 Jun 2019 17:43:37 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5cfe96c9-11a"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/x-javascript
cache-control
max-age=31536000
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
u437.js
duckduckgo.com/util/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/util/u437.js
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ae77a75b21364ccd35c1615dcf5850849214ce8ca05a7168a0c76781a985b4b9
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Accept-Encoding
content-length
25934
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Mon, 06 Apr 2020 18:42:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5e8b782a-654e"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/x-javascript
cache-control
max-age=31536000
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
d2773.js
duckduckgo.com/ 		549 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/d2773.js
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a71827ae8d12e4a43f8b00d36830b0b6be63d40f29e201502d232af53932d065
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding, Accept-Encoding
content-length
117474
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Fri, 03 Apr 2020 20:44:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5e87a026-1cae2"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/x-javascript
cache-control
max-age=31536000
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
ProximaNova-Reg-webfont.woff
duckduckgo.com/font/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/font/ProximaNova-Reg-webfont.woff
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cb7723d2b3fec88ad5f70163043929a20c70391b1ad31b3fac279e438fd42e2d
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
Origin
https://duckduckgo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Tue, 24 Jan 2017 20:50:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5887be2f-5ce0"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/font-woff
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
logo_homepage.normal.v108.svg
duckduckgo.com/assets/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/logo_homepage.normal.v108.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2cf6e05e04f305de66708f94f05a3f65ce113334451551cfccfa3c417cdddac9
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 06 Feb 2019 19:44:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5c5b3934-1296"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
ProximaNova-Sbold-webfont.woff
duckduckgo.com/font/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/font/ProximaNova-Sbold-webfont.woff
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9f7bceacd7105ae099827e515c7f4562b9d33898dba2cd000664fe62d7031b4a
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
Origin
https://duckduckgo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Tue, 24 Jan 2017 20:50:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5887be2f-5d5c"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/font-woff
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05ea6357028f2a0cbb71d3b59e64bb54ccd3b87f01e548b8146448422eb98080

Request headers

Origin
https://duckduckgo.com
Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
post2.html
duckduckgo.com/ Frame 03B7 		540 B
675 B 		Document
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/post2.html
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/d2773.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4aa4e6c44b36c12b6b0f694ea744b4fcfb64d5f5e7d88ca393ca766d5affe38b
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

:method
GET
:authority
duckduckgo.com
:scheme
https
:path
/post2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://duckduckgo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://duckduckgo.com/

Response headers

status
200
server
nginx
date
Thu, 09 Apr 2020 12:46:02 GMT
content-type
text/html; charset=UTF-8
last-modified
Tue, 24 Jan 2017 20:50:55 GMT
vary
Accept-Encoding
etag
W/"5887be2f-21c"
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
x-xss-protection
1;mode=block
x-content-type-options
nosniff
referrer-policy
origin
expect-ct
max-age=0
expires
Fri, 10 Apr 2020 12:46:02 GMT
cache-control
max-age=86400
x-duckduckgo-locale
en_US
content-encoding
br
logo_homepage_mobile.normal.v108.unoptimized.svg
duckduckgo.com/assets/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/logo_homepage_mobile.normal.v108.unoptimized.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8af5ecc83adcd30d52a675ef657ea48ea05803aa2c9f15ebc506cf2955636ac5
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Tue, 05 Mar 2019 19:26:11 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5c7ecd53-289d"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
install_arrow.svg
duckduckgo.com/assets/ 		1 KB
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/install_arrow.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0a75a8519cc22927259de5ea9f0e7facafc61c722332441ff7e459ee9d7b93a4
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Mon, 12 Feb 2018 22:05:18 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5a820f9e-4ea"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
ProximaNova-ExtraBold-webfont.woff
duckduckgo.com/font/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://duckduckgo.com/font/ProximaNova-ExtraBold-webfont.woff
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
896b497f10122e21ca02e140b34686b071db787208127ed31f2930882821b174
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
Origin
https://duckduckgo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Tue, 24 Oct 2017 20:32:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"59efa35a-6c20"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
application/font-woff
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
atbhi_chrome_v216-2
improving.duckduckgo.com/t/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://improving.duckduckgo.com/t/atbhi_chrome_v216-2?5561982&va=_&atbva=_&l=en_US&p=mac
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=0
x-duckduckgo-moreinfo
See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/atb/
content-length
43
x-xss-protection
1;mode=block
x-duckduckgo-locale
en_US
referrer-policy
origin
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Thu, 09 Apr 2020 12:46:01 GMT
background.svg
duckduckgo.com/assets/home/landing/ 		40 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/background.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4944cb60de5b53ac1e702014cff3e763363a198c59e8fe82acc671c3db480c45
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 18 Dec 2019 19:27:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfa7dba-9ff1"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
background-small.svg
duckduckgo.com/assets/home/landing/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/background-small.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5b51b14292512ccd55491bcb904510264a7d29e4ef1b26bce1eec9cbd08320e5
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 18 Dec 2019 19:27:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfa7dba-52ca"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
background-dark.svg
duckduckgo.com/assets/home/landing/ 		42 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/background-dark.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bc3d24b1b341a013fab48df369ca74633e8b23403f4389bcc141926606a304ff
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Thu, 19 Dec 2019 19:01:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfbc920-a733"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
background-small-dark.svg
duckduckgo.com/assets/home/landing/ 		35 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/background-small-dark.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
67ca6b86633dfdff95a4ad329cb9b97ad4b9aa7ff5277a6ac5fe99347b5965c9
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Thu, 19 Dec 2019 19:01:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfbc920-8c24"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
box.svg
duckduckgo.com/assets/home/landing/icons/ 		1 KB
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/icons/box.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
34ee6869ed6ed26b47cd87673835a4de39164a6629344358bf53a8510718ba8f
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 18 Dec 2019 19:27:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfa7dba-4a9"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
browser.svg
duckduckgo.com/assets/home/landing/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/icons/browser.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6c7c23d0ad55e8462d8f68895ab4a5f88069b6879f87fba3f82cd5692a0d5648
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 18 Dec 2019 19:27:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfa7dba-8b3"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
shield.svg
duckduckgo.com/assets/home/landing/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/home/landing/icons/shield.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7a280a2de9a75041eac595f31c35d85062770582839e6995b0d6867e7052cc96
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Wed, 18 Dec 2019 19:27:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5dfa7dba-64e"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
arrow.svg
duckduckgo.com/assets/onboarding/ 		427 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/onboarding/arrow.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
60afde70046cf7bb977d3e650f5d059266548d15e4c5d5329bab88ee0e45f482
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Tue, 24 Jan 2017 20:50:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5887be2e-1ab"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
1-monster-v2--pre-animation.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 		22 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/onboarding/bathroomguy/1-monster-v2--pre-animation.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
37cf726bf0e8c66e42e7aca3fb431030c6bdf05ce2acc6b89f79f1550196dc04
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Thu, 08 Jun 2017 15:33:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"59396e32-57cf"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
2-ghost-v2.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/onboarding/bathroomguy/2-ghost-v2.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
25c1b9804ee113bf441e25850924795e510944af3776b0d427ba1e54d67e9489
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Thu, 08 Jun 2017 15:33:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"59396e32-3c63"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
3-bathtub-v2--pre-animation.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 		14 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/onboarding/bathroomguy/3-bathtub-v2--pre-animation.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b89e632378315023226521fecaf0941ed9844bbf95b0d94fb9668dd53fd53581
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Thu, 08 Jun 2017 15:33:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"59396e32-39f1"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
4-alpinist-v2.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 		22 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duckduckgo.com/assets/onboarding/bathroomguy/4-alpinist-v2.svg
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e40d43051c3fe2a697f8a19a83461e65ebc7ddec273e3cbc8f953ffbe30ee3df
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1;mode=block
referrer-policy
origin
last-modified
Thu, 08 Jun 2017 15:33:06 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"59396e32-5912"
expect-ct
max-age=0
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
max-age=31536000, public
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Fri, 09 Apr 2021 12:46:02 GMT
hi
improving.duckduckgo.com/t/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://improving.duckduckgo.com/t/hi?4503350&b=chrome&atbi=true&ei=true&i=false&d=d&l=en_US&p=mac&atb=v216-2&va=_&atbva=_
Requested by
Host: duckduckgo.com
URL: https://duckduckgo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.125.108.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-108-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Content-Security-Policy default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://duckduckgo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 09 Apr 2020 12:46:02 GMT
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=0
x-duckduckgo-moreinfo
See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/atb/
content-length
43
x-xss-protection
1;mode=block
x-duckduckgo-locale
en_US
referrer-policy
origin
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
content-security-policy
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires
Thu, 09 Apr 2020 12:46:01 GMT

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| settings_js_version string| locale function| sprintf object| locale_data object| locale_simple function| l_dry function| l_dir function| l_lang function| ltd function| ln function| lp function| lnp function| ld function| ldn function| ldp function| ldnp object| Handlebars object| html5 object| Modernizr function| $ function| jQuery function| EventEmitter2 function| decodeURIComponentSafe function| relativeDate function| tinycolor object| polyline function| Gettext object| DDG boolean| SM2_DEFER object| d object| w undefined| cd number| dz number| da number| fk number| fb number| fs undefined| fm number| fe number| fl number| fo number| fa number| fn number| fq number| fz undefined| ie undefined| io undefined| ir undefined| is undefined| ga undefined| gd undefined| rc undefined| rd undefined| rs object| rsd number| rdc number| rsc number| rtc number| rii number| rin undefined| rir undefined| rl undefined| rp object| reb number| rebc number| sx number| sy number| tl number| tlz number| tac object| tr object| ts number| tn number| tsl number| tz function| nir string| kurl number| is_mobile undefined| dow undefined| iosx number| slo function| ncku function| nckd function| ncf function| ncg function| nis function| nkda function| nkua function| nke function| nko function| nkt function| nkd function| nkn function| nkm function| nksb function| nks function| nkdc function| nkdm function| nkdt function| nkds function| nkf string| mousewheelevt function| nkw function| nrv function| nro function| nrs function| sendCount function| nrj function| nrc function| nrg function| nrl function| nrrel function| nrb function| nrm function| appendAdClass function| nrn function| nsr function| nul function| nutp function| nua function| nug function| nun function| iframeOpen function| openBlankWindow function| getLinkType function| adOrOrganicClick function| organicClick function| adClick number| iadt number| iad3 number| iad2 number| iad number| ieof number| fmy number| fmx number| daia number| daiq number| dam number| il number| irl number| rpc boolean| is_retina number| viewport_width number| viewport_height number| is_mobile_device string| k0 string| k1 string| k2 string| k3 string| k4 string| k5 string| k6 string| k7 string| k8 string| k9 string| ka string| kaa string| kb string| kab string| kc string| kac string| kd string| kad string| ke string| kae string| kf string| kaf string| kg string| kag string| kh string| kah string| ki string| kai string| kj string| kaj string| kk string| kak string| kl string| kal string| km string| kam string| kn string| kan string| ko string| kao string| kp string| kap string| kq string| kaq string| kr string| kar string| ks string| kas string| kt string| kat string| ku string| kau string| kv string| kav string| kw string| kaw string| kx string| kax string| ky string| kay string| kz string| kaz string| k10 string| k11 string| k12 string| k13 string| k14 string| k15 string| k16 string| k17 string| k18 string| k19 string| k20 string| k21 object| err object| errm function| seterr string| t string| objectKey

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

core.royalads.net
duckduckgo.com
improving.duckduckgo.com
popcash.net
ps.popcash.net
tryd.pro
xml-ads.com
151.80.221.9
188.164.249.105
2606:4700:20::681a:3bc
3.92.99.136
34.230.174.59
79.125.108.59
05ea6357028f2a0cbb71d3b59e64bb54ccd3b87f01e548b8146448422eb98080
0a75a8519cc22927259de5ea9f0e7facafc61c722332441ff7e459ee9d7b93a4
1ea881f51822534735bd2d19cd14b615ad8ca6659252ea5ee2178d8143173364
25a02847dffab3be997a5c6042ab8fb79be41f3acb224aae63d910de96341003
25c1b9804ee113bf441e25850924795e510944af3776b0d427ba1e54d67e9489
2cf6e05e04f305de66708f94f05a3f65ce113334451551cfccfa3c417cdddac9
34ee6869ed6ed26b47cd87673835a4de39164a6629344358bf53a8510718ba8f
37cf726bf0e8c66e42e7aca3fb431030c6bdf05ce2acc6b89f79f1550196dc04
4944cb60de5b53ac1e702014cff3e763363a198c59e8fe82acc671c3db480c45
4aa4e6c44b36c12b6b0f694ea744b4fcfb64d5f5e7d88ca393ca766d5affe38b
5b51b14292512ccd55491bcb904510264a7d29e4ef1b26bce1eec9cbd08320e5
60afde70046cf7bb977d3e650f5d059266548d15e4c5d5329bab88ee0e45f482
67ca6b86633dfdff95a4ad329cb9b97ad4b9aa7ff5277a6ac5fe99347b5965c9
6c7c23d0ad55e8462d8f68895ab4a5f88069b6879f87fba3f82cd5692a0d5648
790f083d45a4a716dbec546771888883690e58379526146fc429cf310df9a49f
7a280a2de9a75041eac595f31c35d85062770582839e6995b0d6867e7052cc96
896b497f10122e21ca02e140b34686b071db787208127ed31f2930882821b174
8af5ecc83adcd30d52a675ef657ea48ea05803aa2c9f15ebc506cf2955636ac5
9eae49fdd62954d496799854e61a63e27a8fe97ba60344acd281bf974476d673
9f7bceacd7105ae099827e515c7f4562b9d33898dba2cd000664fe62d7031b4a
a71827ae8d12e4a43f8b00d36830b0b6be63d40f29e201502d232af53932d065
ae77a75b21364ccd35c1615dcf5850849214ce8ca05a7168a0c76781a985b4b9
b2a8b58e3a804b70ebd60ca873ca6650d910a51e55b726628f1ac47f96e88de7
b89e632378315023226521fecaf0941ed9844bbf95b0d94fb9668dd53fd53581
bc3d24b1b341a013fab48df369ca74633e8b23403f4389bcc141926606a304ff
ca4e72e2e3c9004b6f3416b606e16d28ebc28c909ffe671e911a0ca29b427acf
cb7723d2b3fec88ad5f70163043929a20c70391b1ad31b3fac279e438fd42e2d
cbf634d16f01aa151b30182aa76aab58d0a56cb57c3bb0796f601deae5b1609f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d66231675a7f96cc6c9bbd33746e99f19e8a56096af2b20c42a482f618db1e90
dedc5a277394dbbe86feab02cd48cf2da9e2899db128e04ad74413d5eca83ab1
e40d43051c3fe2a697f8a19a83461e65ebc7ddec273e3cbc8f953ffbe30ee3df
e56c43aab1676f22c26489a254913030463d827bb77c93ad57bbfea7e05f330c