osqa-ask.wireshark.org Open in urlscan Pro
2606:4700:20::ac43:4b27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Submission: On November 10 via api (November 10th 2021, 6:00:40 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2606:4700:20::ac43:4b27, located in United States and belongs to CLOUDFLARENET, US. The main domain is osqa-ask.wireshark.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2021. Valid for: a year.

This is the only time osqa-ask.wireshark.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:20:... 2606:4700:20::ac43:4b27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	40.114.177.156 40.114.177.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	3

6 2606:4700:20::ac43:4b27 (United States)

ASN13335 (CLOUDFLARENET, US)

osqa-ask.wireshark.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.114.177.156 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	wireshark.org osqa-ask.wireshark.org	30 KB
3	duckduckgo.com duckduckgo.com	27 KB
3	gravatar.com secure.gravatar.com	4 KB
12	3

	Domain	Requested by
6	osqa-ask.wireshark.org	osqa-ask.wireshark.org
3	duckduckgo.com	osqa-ask.wireshark.org duckduckgo.com
3	secure.gravatar.com	osqa-ask.wireshark.org
12	3

This site contains links to these domains. Also see Links.

Domain
ask.wireshark.org
www.cloudshark.org
web.archive.org
creativecommons.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-02` - `2022-11-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Frame ID: C018E951689B9B241A7AD4475DE86094
Requests: 9 HTTP requests in this frame

Frame: https://duckduckgo.com/search.html?site=osqa-ask.wireshark.org&prefill=Search%20questions%20using%20DuckDuckGo&focus=yes
Frame ID: DCBA1DD60F9A8C0057935B2E117A8495
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wireshark Q&A

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

61 kB
Transfer

127 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ask.wireshark.org/
Title: ask.wireshark.org

Search URL Search Domain Scan URL

URL: http://www.cloudshark.org/
Title: http://www.cloudshark.org

Search URL Search Domain Scan URL

URL: http://www.cloudshark.org/captures/67e2d1911ecd
Title: http://www.cloudshark.org/captures/67e2d1911ecd

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20120502005508/http://creativecommons.org/licenses/by-sa/3.0/

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-sa/3.0/legalcode
Title: Creative Commons Attribution Share Alike 3.0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/ 16 KB
5 KB 218ms
189ms Document
text/html 2606:4700:20::ac43:4b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1be3d226c1a384555dc369707f166c20c4442171aefb4d1346e1034a592470d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
content-type: text/html
last-modified: Mon, 09 Aug 2021 23:13:56 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0Ht%2F4aOsV7LHPIebfextlRe2SpWab6KIeaTW9RvC3OBU5dprd6phcPNQJA5j6i0IJwAiVAFJ30OP3fHqFtQdY5amA%2FlD1flqNmR%2BroGYokrTjLjUiyn3KdzU%2FMgnNoTN%2FjKjirB6yZajehj1C5XjDv2Gwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac12e6afba34ed4-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
osqa-ask.wireshark.org/css/ 24 KB
6 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::ac43:4b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osqa-ask.wireshark.org/css/style.css
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b290a908a09b8c2ed9d6b26011e8bf74c34937236b3e14866785cd09f5c8106

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6585
cf-polished: origSize=33893
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 09 Aug 2021 23:13:12 GMT
server: cloudflare
etag: W/"6111b688-8465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUGHXxtVwapcDwC1Z1khgTIy63pBzvy2Ycqh4bSvlpwg2f5w0EVVlC4OVLdMhHaQZjRNx6AHgK2zpPuXnd9bW6hNlcv7s1nuv%2BFVYhF%2FeM4jRLsa7k8eYhxl8pHFT1QYKIPrNTzQs14s7gc0%2BUkUUYhQFJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6ac12e6c5e454ed4-FRA
cf-bgj: minify

GET
H2 200 wsbadge@186x57.png
osqa-ask.wireshark.org/upfiles/ 11 KB
11 KB 22ms
22ms Image
image/png 2606:4700:20::ac43:4b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://osqa-ask.wireshark.org/upfiles/wsbadge@186x57.png
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9595f9abd2aa4d24b14e872b5f0d62e760593a0c603f512af74f93deba2b3c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6585
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11240
last-modified: Mon, 09 Aug 2021 23:13:14 GMT
server: cloudflare
etag: "6111b68a-2be8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FREUz9OEST%2F7V5OlFHxDRUGix9WXbhxLtxoSLX%2BPx39mIi7xEUldOdM4122aixTiHluStddSwLS93U6jUXk51XBHH9QAU4z%2FYc4hWrTigCzMbrGuSz5WbVc0UstfiNU7yJ7aSM9bta6LuZDOlF%2BJlJMRpO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ac12e6c5e474ed4-FRA

GET
H2 200 9671ca387ae90de65e7436a376ee7e70
secure.gravatar.com/avatar/ 1 KB
1 KB 25ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/9671ca387ae90de65e7436a376ee7e70?s=32&d=identicon&r=g
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 55af6c6a07fae3b3f5048c7086f88755d224109cb9314e4ed4fbfd80f118c3da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 10 Nov 2021 18:00:36 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/9671ca387ae90de65e7436a376ee7e70?s=32&d=identicon&r=g>; rel="canonical"
content-length: 1148
expires: Wed, 10 Nov 2021 18:05:36 GMT

GET
H2 200 c578ba2967741f25aebd6afef702f432
secure.gravatar.com/avatar/ 1 KB
2 KB 25ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c578ba2967741f25aebd6afef702f432?s=32&d=identicon&r=g
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e444e47e7e2ca38d302ab5dfc9becc6382ba9c718d517b70dbff7fa66c5b157

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 10 Nov 2021 18:00:36 GMT
last-modified: Mon, 21 Jan 2013 19:23:35 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c578ba2967741f25aebd6afef702f432.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c578ba2967741f25aebd6afef702f432?s=32&d=identicon&r=g>; rel="canonical"
content-length: 1288
expires: Wed, 10 Nov 2021 18:05:36 GMT

GET
H2 200 ba7d962e8a01fefdcb80250238a1d9b4
secure.gravatar.com/avatar/ 1 KB
2 KB 25ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/ba7d962e8a01fefdcb80250238a1d9b4?s=32&d=identicon&r=g
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: cb21117a79ffbab914c8cbc3a444a8e15c07fd96f8b87dd11765c79dc2bbb349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 10 Nov 2021 18:00:36 GMT
last-modified: Sat, 04 Apr 2015 23:46:47 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ba7d962e8a01fefdcb80250238a1d9b4.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ba7d962e8a01fefdcb80250238a1d9b4?s=32&d=identicon&r=g>; rel="canonical"
content-length: 1349
expires: Wed, 10 Nov 2021 18:05:36 GMT

GET
H2 200 by-sa.svg
osqa-ask.wireshark.org/images/ 16 KB
6 KB 26ms
26ms Image
image/svg+xml 2606:4700:20::ac43:4b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://osqa-ask.wireshark.org/images/by-sa.svg
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563ad4d85acbbe874a6e18c09f5ade965a38f19940d4a8245effcd915138b7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Aug 2021 23:13:12 GMT
server: cloudflare
age: 6585
etag: W/"6111b688-404e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3st9JOAYD1URZ7goNn6iUdFi03FT6VklFEQ%2FArdnLHIqCmqqmeojmrDLczyDisQ3HlzvD918WymoC8snBIA3OVbajmkFArJ%2FVSKKl6iyDEGmBi7qQg7Vb3c7greYyaUUCHTmNr%2BO2h%2FzImOgXVue9C4WgeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac12e6c5e4b4ed4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 search.html Show response
duckduckgo.com/ Frame DCBA 49 KB
18 KB 57ms
13ms Document
text/html 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/search.html?site=osqa-ask.wireshark.org&prefill=Search%20questions%20using%20DuckDuckGo&focus=yes

Requested by

Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/questions/29216/why-are-duplicate-tcp-acks-being-seen-in-wireshark-capture/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

f74c25c712fedd490ecb77d5fefbcd9ed8ca12ecc4a9a3edde8dcd51497a80b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors * ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/

Response headers

server: nginx
date: Wed, 10 Nov 2021 18:00:36 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 10 Nov 2021 17:33:12 GMT
vary: Accept-Encoding
etag: W/"618c0258-c2be"
strict-transport-security: max-age=31536000
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors * ; base-uri 'self' ; block-all-mixed-content ;
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: origin
expect-ct: max-age=0
expires: Thu, 11 Nov 2021 18:00:36 GMT
cache-control: max-age=86400
x-duckduckgo-locale: de_DE
content-encoding: br

GET
H2 200 vote-favorite-off.png
osqa-ask.wireshark.org/images/ 930 B
1 KB 17ms
17ms Image
image/png 2606:4700:20::ac43:4b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://osqa-ask.wireshark.org/images/vote-favorite-off.png
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffddd6cc26e7efd7463bd533f12f5e89c89678b65ffe4a521e3ea11ebfa2fa9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6585
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 930
last-modified: Mon, 09 Aug 2021 23:13:12 GMT
server: cloudflare
etag: "6111b688-3a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKythPDaWTzNxdflIQYWUV1Q%2FoqgrEFJYujlIaeJdiBXbXj%2FABV8qoq8gzSaN2ydKuP4G4pNnF%2B%2Fmse8YndOtZ7Q3vAOVS4kbJp5NyPxkdZbuGtksm4KT1Zut%2B8fqcZpxFyvjpXp0G%2FUgCM9CB1KwSr8%2BH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ac12e6c8eaf4ed4-FRA

GET
H2 200 dot-list.gif
osqa-ask.wireshark.org/images/ 56 B
375 B 25ms
25ms Image
image/gif 2606:4700:20::ac43:4b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://osqa-ask.wireshark.org/images/dot-list.gif
Requested by: Host: osqa-ask.wireshark.org
URL: https://osqa-ask.wireshark.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b430be02756916e027abbef7ae9244b0b6af5761e5f70f11939b78affac5e69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://osqa-ask.wireshark.org/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6585
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56
last-modified: Mon, 09 Aug 2021 23:13:12 GMT
server: cloudflare
etag: "6111b688-38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jLnEOy%2Bv0T%2BYJYaTfftN3KjHwoptMX22BUaIe2osuWxy0xexLbHTwrIHqMCOsy4FMiW6Y1xlCaNyxvn8fqIIZqspiNol9M7CXtZpBQXSVHCuKeu3zxyRBv%2FvAmDqypbVwWl6UO%2B0E%2BwF2oEcqKFk23%2Fz1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ac12e6c8eb44ed4-FRA

GET
H2 200 logo_icon60.v101.png
duckduckgo.com/assets/ Frame DCBA 3 KB
4 KB 13ms
13ms Image
image/png 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/logo_icon60.v101.png

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/search.html?site=osqa-ask.wireshark.org&prefill=Search%20questions%20using%20DuckDuckGo&focus=yes

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

081b37efbf0d58fd65657e2cfc7f4826a44ff344e5ab5cfb5c6d0515d11ef5ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
x-content-type-options: nosniff
content-length: 2671
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 26 Mar 2021 02:22:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "605d4564-a6f"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=31536000, public
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
accept-ranges: bytes
expires: Thu, 10 Nov 2022 18:00:36 GMT

GET
H2 200 search_dropdown_homepage.v102.png
duckduckgo.com/assets/ Frame DCBA 3 KB
5 KB 14ms
14ms Image
image/png 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/search_dropdown_homepage.v102.png

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/search.html?site=osqa-ask.wireshark.org&prefill=Search%20questions%20using%20DuckDuckGo&focus=yes

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

2c6be53c81f3be784a0e852857fd88ab798d9efa73fdd48f0efd7d5e3d7bb5ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://duckduckgo.com/search.html?site=osqa-ask.wireshark.org&prefill=Search%20questions%20using%20DuckDuckGo&focus=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:36 GMT
x-content-type-options: nosniff
content-length: 3074
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 26 Mar 2021 02:22:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "605d4564-c02"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=31536000, public
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://3g2upl4pq6kufc4m.onion/ https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
accept-ranges: bytes
expires: Thu, 10 Nov 2022 18:00:36 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duckduckgo.com
osqa-ask.wireshark.org
secure.gravatar.com
2606:4700:20::ac43:4b27
2a04:fa87:fffe::c000:4902
40.114.177.156
081b37efbf0d58fd65657e2cfc7f4826a44ff344e5ab5cfb5c6d0515d11ef5ac
2c6be53c81f3be784a0e852857fd88ab798d9efa73fdd48f0efd7d5e3d7bb5ed
3e444e47e7e2ca38d302ab5dfc9becc6382ba9c718d517b70dbff7fa66c5b157
55af6c6a07fae3b3f5048c7086f88755d224109cb9314e4ed4fbfd80f118c3da
563ad4d85acbbe874a6e18c09f5ade965a38f19940d4a8245effcd915138b7eb
6b430be02756916e027abbef7ae9244b0b6af5761e5f70f11939b78affac5e69
7b290a908a09b8c2ed9d6b26011e8bf74c34937236b3e14866785cd09f5c8106
b9595f9abd2aa4d24b14e872b5f0d62e760593a0c603f512af74f93deba2b3c2
cb21117a79ffbab914c8cbc3a444a8e15c07fd96f8b87dd11765c79dc2bbb349
e1be3d226c1a384555dc369707f166c20c4442171aefb4d1346e1034a592470d
f74c25c712fedd490ecb77d5fefbcd9ed8ca12ecc4a9a3edde8dcd51497a80b5
ffddd6cc26e7efd7463bd533f12f5e89c89678b65ffe4a521e3ea11ebfa2fa9b

osqa-ask.wireshark.org Open in urlscan Pro 2606:4700:20::ac43:4b27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

61 kBTransfer

127 kBSize

0 Cookies

5 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

osqa-ask.wireshark.org Open in urlscan Pro
2606:4700:20::ac43:4b27 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

61 kB
Transfer

127 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions