duckduckgo.com Open in urlscan Pro
52.213.95.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/Im6akwtJfG
Effective URL:
https://duckduckgo.com/
Submission: On April 02 via manual (April 2nd 2020, 6:45:56 pm UTC) from US

Summary HTTP 38 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 38 HTTP transactions. The main IP is 52.213.95.108, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is duckduckgo.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 9th 2019. Valid for: a year.

This is the only time duckduckgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 3	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
1 3	198.143.165.221 198.143.165.221	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	104.24.121.206 104.24.121.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.236.172.182 54.236.172.182	14618 (AMAZON-AES) (AMAZON-AES)
3 6	151.80.221.9 151.80.221.9	16276 (OVH) (OVH)
1 1	2606:4700:20:... 2606:4700:20::681a:3bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	34.230.174.59 34.230.174.59	14618 (AMAZON-AES) (AMAZON-AES)
1	188.164.249.105 188.164.249.105	35415 (WEBZILLA) (WEBZILLA)
25	52.213.95.108 52.213.95.108	16509 (AMAZON-02) (AMAZON-02)
38	10

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

klm.tmediatower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.vultow.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.143.165.221 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

go.fastlanes.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.24.121.206 (United States)

ASN13335 (CLOUDFLARENET, US)

yltenim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.172.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-172-182.compute-1.amazonaws.com

tryd.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.80.221.9 (Netherlands) 3 redirects

ASN16276 (OVH, FR)
PTR: core.royalads.net

core.royalads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:3bc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.230.174.59 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-174-59.compute-1.amazonaws.com

ps.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.164.249.105 (Netherlands)

ASN35415 (WEBZILLA, NL)

xml-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.213.95.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
improving.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	duckduckgo.com duckduckgo.com improving.duckduckgo.com	402 KB
6	royalads.net 3 redirects core.royalads.net	3 KB
4	popcash.net 3 redirects popcash.net ps.popcash.net	1 KB
3	fastlanes.info 1 redirects go.fastlanes.info	5 KB
2	tryd.pro tryd.pro Failed	777 B
2	vultow.icu go.vultow.icu	1 KB
1	xml-ads.com xml-ads.com	793 B
1	yltenim.com yltenim.com	4 KB
1	tmediatower.com 1 redirects klm.tmediatower.com	1 KB
1	t.co t.co	512 B
38	10

	Domain	Requested by
23	duckduckgo.com	xml-ads.com duckduckgo.com
6	core.royalads.net	3 redirects tryd.pro ps.popcash.net core.royalads.net
3	ps.popcash.net	2 redirects core.royalads.net
3	go.fastlanes.info	1 redirects go.vultow.icu go.fastlanes.info
2	improving.duckduckgo.com	duckduckgo.com
2	tryd.pro	yltenim.com
2	go.vultow.icu	t.co go.vultow.icu
1	xml-ads.com	core.royalads.net
1	popcash.net	1 redirects
1	yltenim.com	go.fastlanes.info
1	klm.tmediatower.com	1 redirects
1	t.co
38	12

This site contains links to these domains. Also see Links.

Domain
spreadprivacy.com
donttrack.us
twitter.com
reddit.com
duckduckgo.merchmadeeasy.com
help.duckduckgo.com

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
go.fastlanes.info Let's Encrypt Authority X3	`2020-03-02` - `2020-05-31`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-21` - `2020-10-09`	8 months	crt.sh
*.duckduckgo.com DigiCert SHA2 Secure Server CA	`2019-08-09` - `2020-10-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://duckduckgo.com/
Frame ID: 5AEB9094AD0B3B3F62E9706B5F396C2F
Requests: 38 HTTP requests in this frame

Frame: https://duckduckgo.com/post2.html
Frame ID: F4ADDC9A282B50C504CCEF764D66A855
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/Im6akwtJfG Page URL
http://klm.tmediatower.com/c/3dfbc213b284555a?s=402&d= HTTP 302
http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9n... Page URL
http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9n... Page URL
https://go.fastlanes.info/?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709 Page URL
https://go.fastlanes.info/?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://go.fastlanes.info/proc.php?6d52cb1dd0c9bd5f20f10d305fd64fc83018f466 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_... Page URL
http://tryd.pro/go/216668/456926 Page URL
http://tryd.pro/ad/ad?p=216668&w=456926&t=fc2439973e652818&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmN... HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftr... HTTP 302
http://popcash.net/world/go/79141/465699 HTTP 301
http://ps.popcash.net/go/79141/465699 Page URL
http://ps.popcash.net/ad/ad?p=79141&w=465699&t=1252bd0e8c9a2bdc&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxh... HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps... HTTP 302
http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fco... HTTP 302
http://xml-ads.com/in.html Page URL
https://duckduckgo.com/ Page URL

Page Statistics

38
Requests

76 %
HTTPS

20 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

428 kB
Transfer

1329 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://spreadprivacy.com/tag/device-privacy-tips/

Search URL Search Domain Scan URL

URL: https://donttrack.us/

Search URL Search Domain Scan URL

URL: https://twitter.com/duckduckgo
Title: Twitter

Search URL Search Domain Scan URL

URL: https://reddit.com/r/duckduckgo
Title: Reddit

Search URL Search Domain Scan URL

URL: https://spreadprivacy.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://duckduckgo.merchmadeeasy.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://help.duckduckgo.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://twitter.com/?status=DuckDuckGo%20is%20my%20search%20engine%20of%20choice.%20%23ComeToTheDuckSide%20-%20we%20have%20privacy.%20https%3A%2F%2Fduckduckgo.com%2F%231
Title: Tweet #ComeToTheDuckSide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/Im6akwtJfG Page URL
http://klm.tmediatower.com/c/3dfbc213b284555a?s=402&d= HTTP 302
http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp Page URL
http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_final Page URL
https://go.fastlanes.info/?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709 Page URL
https://go.fastlanes.info/?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
https://go.fastlanes.info/proc.php?6d52cb1dd0c9bd5f20f10d305fd64fc83018f466 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415 Page URL
http://tryd.pro/go/216668/456926 Page URL
http://tryd.pro/ad/ad?p=216668&w=456926&t=fc2439973e652818&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=yDD7Po4V5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://popcash.net/world/go/79141/465699 HTTP 301
http://ps.popcash.net/go/79141/465699 Page URL
http://ps.popcash.net/ad/ad?p=79141&w=465699&t=1252bd0e8c9a2bdc&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=eY4MwQCg5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087 Page URL
http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fcore.royalads.net%2F&scrw=1600&scrh=1200&nlc=eY4MwQCg5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://xml-ads.com/in.html Page URL
https://duckduckgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://klm.tmediatower.com/c/3dfbc213b284555a?s=402&d= HTTP 302
http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp

Request Chain 5

https://go.fastlanes.info/proc.php?6d52cb1dd0c9bd5f20f10d305fd64fc83018f466 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415

Request Chain 8

http://tryd.pro/ad/ad?p=216668&w=456926&t=fc2439973e652818&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

Request Chain 9

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=yDD7Po4V5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://popcash.net/world/go/79141/465699 HTTP 301
http://ps.popcash.net/go/79141/465699

Request Chain 10

http://ps.popcash.net/ad/ad?p=79141&w=465699&t=1252bd0e8c9a2bdc&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

Request Chain 11

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=eY4MwQCg5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087

Request Chain 12

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fcore.royalads.net%2F&scrw=1600&scrh=1200&nlc=eY4MwQCg5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
http://xml-ads.com/in.html

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Im6akwtJfG Show response
t.co/ 365 B
512 B 139ms
139ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/Im6akwtJfG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c51f7c5b739404b36767103bb13d819136fcd6225f6c539f533e13a278d46eef

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /Im6akwtJfG
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 231
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Thu, 02 Apr 2020 18:45:38 GMT
expires: Thu, 02 Apr 2020 18:50:38 GMT
referrer-policy: unsafe-url
server: tsa_o
set-cookie: muc=9055374f-fb65-4b1b-be94-400611b16421; Max-Age=63072000; Expires=Sat, 2 Apr 2022 18:45:38 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: cd1b25df17a9af3b6dfc43a1f349676a
x-response-time: 114
x-xss-protection: 0

GET
H/1.1

200
OK

index Show response
go.vultow.icu/redirect/
Redirect Chain

http://klm.tmediatower.com/c/3dfbc213b284555a?s=402&d=
http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&actio...

608 B
764 B

969ms
31ms

Document
text/html

2a05:d018:244:5200::ab
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp
Requested by: Host: t.co
URL: https://t.co/Im6akwtJfG
Protocol: HTTP/1.1
Server: 2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c4a4f45ce9a0903d4f1ebe240a8d7a7f19753dcf54988cf3ea373ab1b4d8883

Request headers

Host: go.vultow.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://t.co/Im6akwtJfG
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://t.co/Im6akwtJfG

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 608
Connection: keep-alive

Redirect headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp
Set-Cookie: unique_2778111=unique_2778111; expires=Fri, 03-Apr-2020 18:45:38 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e8632d286cec033928267; expires=Fri, 03-Apr-2020 18:45:38 GMT; Max-Age=86400; path=/; HttpOnly unique_2778111=unique_2778111; expires=Fri, 03-Apr-2020 18:45:38 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e8632d286cec033928267; expires=Fri, 03-Apr-2020 18:45:38 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=514098; expires=Sat, 02-May-2020 18:45:38 GMT; Max-Age=2592000; path=/; HttpOnly unique_2778111=unique_2778111; expires=Fri, 03-Apr-2020 18:45:38 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5e8632d286cec033928267; expires=Fri, 03-Apr-2020 18:45:38 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=514098; expires=Sat, 02-May-2020 18:45:38 GMT; Max-Age=2592000; path=/; HttpOnly tid=qurjb5e8632d286ce5423861888; path=/; HttpOnly
Status: 302 Found

GET
H/1.1 200
OK index Show response
go.vultow.icu/redirect/ 382 B
538 B 32ms
31ms Document
text/html 2a05:d018:244:5200::ab
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_final
Requested by: Host: go.vultow.icu
URL: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp
Protocol: HTTP/1.1
Server: 2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 99722c8c5d74d7b071a12dccf9bf83b687bebf15359750ee8c0ea3b5b087ee9b

Request headers

Host: go.vultow.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_tmp

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 382
Connection: keep-alive

GET
H2 200 / Show response
go.fastlanes.info/ 3 KB
2 KB 362ms
113ms Document
text/html 198.143.165.221
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://go.fastlanes.info/?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709

Requested by

Host: go.vultow.icu
URL: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_final

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

61850494026292adfc3d0242e101f712b04e03a0b704aaea0cc167e16bed89e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: go.fastlanes.info
:scheme: https
:path: /?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_final
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://go.vultow.icu/redirect/index?type=meta&to=aHR0cDovL2dvLnZ1bHRvdy5pY3U%3D&data=aHR0cHM6Ly9nby5mYXN0bGFuZXMuaW5mby8%2FdXRtX21lZGl1bT0wMTJhYTZkZGEyNDFiYjZkOGI1OTY0NzgxZWU3ODc0NzhlNjA1NzA5&action=action_final

Response headers

status: 200
server: nginx
date: Thu, 02 Apr 2020 18:45:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=83aa864411c3a70fd98e9a701a169784; expires=Fri, 02-Apr-2021 18:45:39 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2 200 / Show response
go.fastlanes.info/ 9 KB
3 KB 136ms
136ms Document
text/html 198.143.165.221
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://go.fastlanes.info/?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e

Requested by

Host: go.fastlanes.info
URL: https://go.fastlanes.info/?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

2ac272305bb625a9a1aeb18379c482a3b261e490aaf144f4afdd1ce426e1f34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: go.fastlanes.info
:scheme: https
:path: /?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://go.fastlanes.info/?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=83aa864411c3a70fd98e9a701a169784
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://go.fastlanes.info/?utm_medium=012aa6dda241bb6d8b5964781ee787478e605709

Response headers

status: 200
server: nginx
date: Thu, 02 Apr 2020 18:45:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_ Show response
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain

https://go.fastlanes.info/proc.php?6d52cb1dd0c9bd5f20f10d305fd64fc83018f466
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415

4 KB
4 KB

154ms
91ms

Document
text/html

104.24.121.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415
Requested by: Host: go.fastlanes.info
URL: https://go.fastlanes.info/?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.121.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4f9d3effedd4258de97194601c68471c26780616e3348b5823ef6a14dc8432

Request headers

:method: GET
:authority: yltenim.com
:scheme: https
:path: /nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://go.fastlanes.info/?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://go.fastlanes.info/?utm_term=6811187368280720098&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e#

Response headers

status: 200
date: Thu, 02 Apr 2020 18:45:40 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dc69ad7bc33ef0ce338c48addd854d0411585853140; expires=Sat, 02-May-20 18:45:40 GMT; path=/; domain=.yltenim.com; HttpOnly; SameSite=Lax TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=979180ef89b6c5702e7bcb5e0a614891_1585853140.3509; domain=yltenim.com; path=/; expires=Sun, 31-Mar-2030 18:45:40 UTC b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1585853140.3538; domain=yltenim.com; path=/; expires=Sun, 31-Mar-2030 18:45:40 UTC vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UlFrcXNKZHFwOXBpMWRsczQydURlakgyK3VZdDNhVVhZeFhtVy9sMUJsMw%3D%3D; domain=yltenim.com; path=/; expires=Sun, 31-Mar-2030 18:45:40 UTC 979180ef89b6c5702e7bcb5e0a614891_1585853140.3509_ck=N3hQZmdab3cweW53akh4UnJQSEhNREtMZk9YOWtBaEdJZy95RTdSRi9rb1RUd0VQRWZOSHFETEZvQWNBSUZmQi9LVS9sNDVWNVdsWWlzVThLWWV0TkZQTEZMWjZMZkdNMHk3YkZKOHp5ZGFKeldWNUROckJKaDRJVDBRam5sQjlBNDk2a2J1VmtWN01ndzF6WVY0dS96aGd1R1d3K1ZVMThIOStFNm1ZUmUvdFFXcEY2VkhHdDJvOGQ2OVBxKytSQzFxMVdvRUJsQzhjaG1IUU9ZMVdLVHVlN0NDenliajVVYmo3dnRCOVgxN2FtaEVHZzhvQzNaaUR4TmVzWm9ObndHdU91bFJ3ckcxY0prbUhsYjIrRTVsL05vZ0ZRMVVoU3pDRHpDV2NnbU5lcW0ySGVaekU3YWpRc3JJSW1pUkF5NHYwM0tMRi9pUGdkVDIrNkNzMWxYVEhrblNJTDdObmhCL3Jtdk1seWRySUlQZ0JoUTByZEdHbXRCK2ZIeHpnOFh3YW5DNjBVUys2eDh1dzVtNmhtaUFWK3pOS0NNeWlWbU5GTlhPdkFsd0V6UGRNcWUrb3V6WGJFT2FtWlpKSWltTVkrMUpKcXliYzMxbFFWQVZvR1preWhZYTVaVlV1a0haQ2hUaGl6MStIUWRLbXZCbzArbmd5UDBUZXRiOE5YODFyRndXUEFiRkM2T09WdFdkWDRVZ0VEQ2tQR2dVRk5yTXBXZ0lsZGNkZXkwTENnUW8va1BuWnU1VVF5SlhHcDYrakRjK2VuRVVHVkFyWk80T2s4cjRZYUdxaVNKR3VPQjI1THJ1a0pnVDVBNDRNbWtSVVBLcVFQYjh3MlB2NW44c1BVTnNzamNubTEzU0xVbDZ3YnRkdk5sa3RTeUkvV1Rvb2kxOVBVcWVXSkFMWGJsb2ZwYjcyS0NKSGxCdTlsMXhaWmVJN1dMbFlUSld6RU9BbjMyQng1UDg4bnNadnRoQ1d6UEdKa0o5c0xrbFdmSWFvU0JWdXJ6cE05OUFRUVBCT2tDZnovVkxlRG9QUzNmeE8zaHdldUZvUUtTQUFVckxiVkpXV0lIZE5wckZ3b05hdTlla0kvWURZalc3Z2lrMk1TUXVGRmxMVmhMNm9hRU5sejJibzJkZnB2ajVtTS9NV21YMVRkeUd3a0RkdjZHT05nMzF3RUJxb1JsdHFRaXVDbHJnQzUvUHlVOGtUb3djL2xJVnBjOVg1VVdNTVNmMG9NWXBzMnF6MktncFJydmVncnRpVjRnY2MyRlAwRmc1Z0JaVkg2cFFGUVlGUUd5MkZSWmtYZVRvNDdlTGl1MzBWQ3UrWHZYbW5tTmE3ZTJLemdqMnVsVWxXcVgrdUFtMGl1VklQNlBmUkdiWStGYVBnUWJyeE9CVEFTb2ROV0RDaGRxSzdIcThxYTZNWEkvNDZaM0VpckNOdkhyUHdJekRMN1pLNXNoZUQ2aGZnbHlESUkrQWFCUEVSSFdMbmF5NU5kMzZ3Z0FTQ25kd3ozajNzeThpeW5Wcm1lUzNLbkQ5aGhxSGFOcjdKdkFqRjZkd3hYa0lDdEtXZjJYd2xoOVMvR1NqQXpHMD0%3D; domain=yltenim.com; path=/; expires=Sun, 31-Mar-2030 18:45:40 UTC f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=ejdWUURQSEZJN2JVbVQ2cWVqUEhBMnBJYzZMQlM1YTd3ZUI2MlFCWnE2dHdBNmpJNnpyek5mZm9IUi9vdnhxQnpCZWZOd2F5Rlozc3A5WFpRYUhzbktJV2ZOZXBqekRrbVJ5OFRHN0VOMjA9; domain=yltenim.com; path=/; expires=Thu, 02-Apr-2020 19:50:40 UTC SERVERID=sfc54; path=/
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57dcb54f0d05d8c1-AMS

Redirect headers

status: 302
server: nginx
date: Thu, 02 Apr 2020 18:45:40 GMT
content-type: text/html; charset=UTF-8
location: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET 456926
tryd.pro/go/216668/ 0
0

GET
H/1.1 200
OK 456926
tryd.pro/go/216668/ 466 B
518 B 214ms
201ms Document
text/html 54.236.172.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://tryd.pro/go/216668/456926
Requested by: Host: yltenim.com
URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6811187368280720098&ext1=5415
Protocol: HTTP/1.1
Server: 54.236.172.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-172-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: tryd.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://yltenim.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://yltenim.com/

Response headers

Date: Thu, 02 Apr 2020 18:45:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1

200
OK

Cookie set / Show response
core.royalads.net/click/
Redirect Chain

http://tryd.pro/ad/ad?p=216668&w=456926&t=fc2439973e652818&r=aHR0cHMlM0ElMkYlMkZ5bHRlbmltLmNvbSUyRg==&vw=1600&vh=1200
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

950 B
871 B

60ms
45ms

Document
text/html

151.80.221.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Requested by: Host: tryd.pro
URL: http://tryd.pro/go/216668/456926
Protocol: HTTP/1.1
Server: 151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS: core.royalads.net
Software: nginx /
Resource Hash: 0580275f14c6a1ede9b0341c801b6de8645821da485be973aa26d6e6fd520925

Request headers

Host: core.royalads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://tryd.pro/go/216668/456926
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://tryd.pro/go/216668/456926

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Set-Cookie: cflag=114;Domain=core.royalads.net;Path=/
Content-Encoding: gzip

Redirect headers

Date: Thu, 02 Apr 2020 18:45:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 115
Connection: keep-alive
Server: nginx
Location: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

GET
H/1.1

200
OK

465699 Show response
ps.popcash.net/go/79141/
Redirect Chain

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926&ref=http%3A%2F%2Ftryd.pro%2Fgo%2F216668%2F456926&scrw=1600&scrh=1200&nlc=yDD7Po4V5nz7FSPs&ven=&ver=&p=falsexundefin...
http://popcash.net/world/go/79141/465699
http://ps.popcash.net/go/79141/465699

469 B
520 B

213ms
199ms

Document
text/html

34.230.174.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://ps.popcash.net/go/79141/465699
Requested by: Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926
Protocol: HTTP/1.1
Server: 34.230.174.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-174-59.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5cd0ba5f4e565d8750503988c7911af7a16b07f339fd9e3a423eb99631b2987c

Request headers

Host: ps.popcash.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://core.royalads.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=d50969f4427e06d6a2d62f6c884d332191585853141
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=456926

Response headers

Date: Thu, 02 Apr 2020 18:45:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Thu, 02 Apr 2020 18:45:41 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Set-Cookie: __cfduid=d50969f4427e06d6a2d62f6c884d332191585853141; expires=Sat, 02-May-20 18:45:41 GMT; path=/; domain=.popcash.net; HttpOnly; SameSite=Lax
Location: http://ps.popcash.net/go/79141/465699
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 57dcb555d96f3250-FRA

GET
H/1.1

200
OK

Cookie set / Show response
core.royalads.net/click/
Redirect Chain

http://ps.popcash.net/ad/ad?p=79141&w=465699&t=1252bd0e8c9a2bdc&r=aHR0cCUzQSUyRiUyRmNvcmUucm95YWxhZHMubmV0JTJG&vw=1600&vh=1200
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

955 B
875 B

32ms
32ms

Document
text/html

151.80.221.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Requested by: Host: ps.popcash.net
URL: http://ps.popcash.net/go/79141/465699
Protocol: HTTP/1.1
Server: 151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS: core.royalads.net
Software: nginx /
Resource Hash: 213362e58412164512353025c176b190a59a812dedde280f264f6183df43dc0e

Request headers

Host: core.royalads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ps.popcash.net/go/79141/465699
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: cflag=114; hash=a1aa5442-3642-4f90-b546-45394218c6e6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ps.popcash.net/go/79141/465699

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Set-Cookie: cflag=214;Domain=core.royalads.net;Path=/
Content-Encoding: gzip

Redirect headers

Date: Thu, 02 Apr 2020 18:45:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 115
Connection: keep-alive
Server: nginx
Location: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

GET
H/1.1

200
OK

Cookie set / Show response
core.royalads.net/click/
Redirect Chain

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&scrw=1600&scrh=1200&nlc=eY4MwQCg5nz7FSPs&ven=&ver=&p=falsexun...
http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087

943 B
859 B

33ms
32ms

Document
text/html

151.80.221.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
Requested by: Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699
Protocol: HTTP/1.1
Server: 151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS: core.royalads.net
Software: nginx /
Resource Hash: e54e053245bfe15679b1c54030586067044214db1d19cf01d7f85fa58b75278c

Request headers

Host: core.royalads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://core.royalads.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: hash=a1aa5442-3642-4f90-b546-45394218c6e6; cflag=214
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=465699

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Set-Cookie: cflag=214;Domain=core.royalads.net;Path=/
Content-Encoding: gzip

Redirect headers

Date: Thu, 02 Apr 2020 18:45:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 115
Connection: keep-alive
Server: nginx
Location: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087

GET
H/1.1

200
OK

in.html Show response
xml-ads.com/
Redirect Chain

http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087&ref=http%3A%2F%2Fcore.royalads.net%2F&scrw=1600&scrh=1200&nlc=eY4MwQCg5nz7FSPs&ven=&ver=&p=falsexundefined&iif=0
http://xml-ads.com/in.html

1 KB
793 B

38ms
24ms

Document
text/html

188.164.249.105
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://xml-ads.com/in.html
Requested by: Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087
Protocol: HTTP/1.1
Server: 188.164.249.105 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1ea881f51822534735bd2d19cd14b615ad8ca6659252ea5ee2178d8143173364

Request headers

Host: xml-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://core.royalads.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=488087

Response headers

Server: nginx
Date: Thu, 02 Apr 2020 18:43:48 GMT
Content-Type: text/html text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 02 Apr 2020 18:45:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://xml-ads.com/in.html
Cache-Control: no-cache

GET
H2 200 Primary Request / Show response
duckduckgo.com/ 5 KB
2 KB 120ms
39ms Document
text/html 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/

Requested by

Host: xml-ads.com
URL: http://xml-ads.com/in.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d74611bf34c3e526736df7c542e69138c02d8c2a9c810afa7cd1c07a9299d906

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: duckduckgo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://xml-ads.com/in.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://xml-ads.com/in.html

Response headers

status: 200
server: nginx
date: Thu, 02 Apr 2020 18:45:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
etag: W/"5e862c85-1531"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: origin
expect-ct: max-age=0
expires: Thu, 02 Apr 2020 18:45:41 GMT
cache-control: no-cache
content-encoding: br

GET
H2 200 s1884.css
duckduckgo.com/ 187 KB
37 KB 42ms
40ms Stylesheet
text/css 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/s1884.css

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e56c43aab1676f22c26489a254913030463d827bb77c93ad57bbfea7e05f330c

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, Accept-Encoding
content-length: 37558
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Thu, 02 Apr 2020 18:18:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e862c70-92b6"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 o1884.css
duckduckgo.com/ 20 KB
4 KB 69ms
68ms Stylesheet
text/css 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/o1884.css

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

25a02847dffab3be997a5c6042ab8fb79be41f3acb224aae63d910de96341003

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, Accept-Encoding
content-length: 3689
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Thu, 02 Apr 2020 18:18:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e862c70-e69"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 l113.js Show response
duckduckgo.com/lib/ 155 KB
52 KB 90ms
88ms Script
application/x-javascript 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/lib/l113.js

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cbf634d16f01aa151b30182aa76aab58d0a56cb57c3bb0796f601deae5b1609f

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, Accept-Encoding
content-length: 52917
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Wed, 06 Mar 2019 20:15:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5c802a69-ceb5"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 duckduckgo14.js Show response
duckduckgo.com/locale/en_US/ 505 B
719 B 98ms
97ms Script
application/x-javascript 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/locale/en_US/duckduckgo14.js

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

790f083d45a4a716dbec546771888883690e58379526146fc429cf310df9a49f

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, Accept-Encoding
content-length: 282
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Mon, 10 Jun 2019 17:43:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5cfe96c6-11a"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 u435.js Show response
duckduckgo.com/util/ 78 KB
26 KB 98ms
97ms Script
application/x-javascript 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/util/u435.js

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

baa33cf35053f1b2d6efc7645ae88e87da9b1b3e5b868a40872a2670b3909c8a

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, Accept-Encoding
content-length: 25913
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Thu, 02 Apr 2020 18:18:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e862c70-6539"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 d2772.js Show response
duckduckgo.com/ 548 KB
115 KB 98ms
97ms Script
application/x-javascript 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/d2772.js

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7aefb49cdf9743b2f82dcaef7ad14fd848539cf2ed60c93c59b3515598768717

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, Accept-Encoding
content-length: 117430
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Thu, 02 Apr 2020 18:18:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5e862c70-1cab6"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: max-age=31536000
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 ProximaNova-Reg-webfont.woff
duckduckgo.com/font/ 23 KB
24 KB 38ms
38ms Font
application/font-woff 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/font/ProximaNova-Reg-webfont.woff

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cb7723d2b3fec88ad5f70163043929a20c70391b1ad31b3fac279e438fd42e2d

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
Origin: https://duckduckgo.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd1-5ce0"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 logo_homepage.normal.v108.svg
duckduckgo.com/assets/ 5 KB
2 KB 39ms
38ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/logo_homepage.normal.v108.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

2cf6e05e04f305de66708f94f05a3f65ce113334451551cfccfa3c417cdddac9

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Wed, 06 Feb 2019 19:44:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5c5b3933-1296"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 ProximaNova-Sbold-webfont.woff
duckduckgo.com/font/ 23 KB
24 KB 41ms
40ms Font
application/font-woff 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/font/ProximaNova-Sbold-webfont.woff

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9f7bceacd7105ae099827e515c7f4562b9d33898dba2cd000664fe62d7031b4a

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
Origin: https://duckduckgo.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd1-5d5c"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05ea6357028f2a0cbb71d3b59e64bb54ccd3b87f01e548b8146448422eb98080

Request headers

Origin: https://duckduckgo.com
Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 post2.html Show response
duckduckgo.com/ Frame F4AD 540 B
675 B 38ms
37ms Document
text/html 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/post2.html

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/d2772.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4aa4e6c44b36c12b6b0f694ea744b4fcfb64d5f5e7d88ca393ca766d5affe38b

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: duckduckgo.com
:scheme: https
:path: /post2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://duckduckgo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://duckduckgo.com/

Response headers

status: 200
server: nginx
date: Thu, 02 Apr 2020 18:45:42 GMT
content-type: text/html; charset=UTF-8
last-modified: Fri, 21 Sep 2018 07:37:53 GMT
vary: Accept-Encoding
etag: W/"5ba49fd1-21c"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: origin
expect-ct: max-age=0
expires: Fri, 03 Apr 2020 18:45:42 GMT
cache-control: max-age=86400
x-duckduckgo-locale: en_US
content-encoding: br

GET
H2 200 logo_homepage_mobile.normal.v108.unoptimized.svg
duckduckgo.com/assets/ 10 KB
4 KB 40ms
40ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/logo_homepage_mobile.normal.v108.unoptimized.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8af5ecc83adcd30d52a675ef657ea48ea05803aa2c9f15ebc506cf2955636ac5

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Tue, 05 Mar 2019 19:26:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5c7ecd54-289d"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 install_arrow.svg
duckduckgo.com/assets/ 1 KB
950 B 41ms
40ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/install_arrow.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0a75a8519cc22927259de5ea9f0e7facafc61c722332441ff7e459ee9d7b93a4

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fcf-4ea"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 ProximaNova-ExtraBold-webfont.woff
duckduckgo.com/font/ 27 KB
27 KB 40ms
40ms Font
application/font-woff 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://duckduckgo.com/font/ProximaNova-ExtraBold-webfont.woff

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/lib/l113.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

896b497f10122e21ca02e140b34686b071db787208127ed31f2930882821b174

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
Origin: https://duckduckgo.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd1-6c20"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 atbhi_brave_v215-2
improving.duckduckgo.com/t/ 43 B
482 B 71ms
67ms Image
image/gif 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://improving.duckduckgo.com/t/atbhi_brave_v215-2?7204340&va=_&atbva=_&l=en_US&p=mac

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=0
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/atb/
content-length: 43
x-xss-protection: 1;mode=block
x-duckduckgo-locale: en_US
referrer-policy: origin
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Thu, 02 Apr 2020 18:45:41 GMT

GET
H2 200 background.svg
duckduckgo.com/assets/home/landing/ 40 KB
15 KB 44ms
40ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/home/landing/background.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4944cb60de5b53ac1e702014cff3e763363a198c59e8fe82acc671c3db480c45

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Wed, 18 Dec 2019 19:27:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dfa7db9-9ff1"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 background-small.svg
duckduckgo.com/assets/home/landing/ 21 KB
8 KB 45ms
41ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/home/landing/background-small.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5b51b14292512ccd55491bcb904510264a7d29e4ef1b26bce1eec9cbd08320e5

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Wed, 18 Dec 2019 19:27:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dfa7db9-52ca"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 background-dark.svg
duckduckgo.com/assets/home/landing/ 42 KB
16 KB 48ms
44ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/home/landing/background-dark.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bc3d24b1b341a013fab48df369ca74633e8b23403f4389bcc141926606a304ff

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Thu, 19 Dec 2019 19:01:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dfbc91e-a733"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 background-small-dark.svg
duckduckgo.com/assets/home/landing/ 35 KB
14 KB 67ms
63ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/home/landing/background-small-dark.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

67ca6b86633dfdff95a4ad329cb9b97ad4b9aa7ff5277a6ac5fe99347b5965c9

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Thu, 19 Dec 2019 19:01:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dfbc91e-8c24"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 arrow.svg
duckduckgo.com/assets/onboarding/ 427 B
668 B 68ms
64ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/onboarding/arrow.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

60afde70046cf7bb977d3e650f5d059266548d15e4c5d5329bab88ee0e45f482

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd0-1ab"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 1-monster-v2--pre-animation.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 22 KB
8 KB 68ms
65ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/onboarding/bathroomguy/1-monster-v2--pre-animation.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

37cf726bf0e8c66e42e7aca3fb431030c6bdf05ce2acc6b89f79f1550196dc04

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd0-57cf"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 2-ghost-v2.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 15 KB
6 KB 69ms
65ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/onboarding/bathroomguy/2-ghost-v2.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

25c1b9804ee113bf441e25850924795e510944af3776b0d427ba1e54d67e9489

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd0-3c63"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 3-bathtub-v2--pre-animation.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 14 KB
6 KB 69ms
66ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/onboarding/bathroomguy/3-bathtub-v2--pre-animation.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b89e632378315023226521fecaf0941ed9844bbf95b0d94fb9668dd53fd53581

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd0-39f1"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 4-alpinist-v2.svg
duckduckgo.com/assets/onboarding/bathroomguy/ 22 KB
8 KB 69ms
66ms Image
image/svg+xml 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duckduckgo.com/assets/onboarding/bathroomguy/4-alpinist-v2.svg

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e40d43051c3fe2a697f8a19a83461e65ebc7ddec273e3cbc8f953ffbe30ee3df

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1;mode=block
referrer-policy: origin
last-modified: Fri, 21 Sep 2018 07:37:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ba49fd0-5912"
expect-ct: max-age=0
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: max-age=31536000, public
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Fri, 02 Apr 2021 18:45:42 GMT

GET
H2 200 hi
improving.duckduckgo.com/t/ 43 B
482 B 69ms
67ms Image
image/gif 52.213.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://improving.duckduckgo.com/t/hi?688506&b=brave&atbi=true&ei=true&i=false&d=d&l=en_US&p=mac&atb=v215-2&va=_&atbva=_

Requested by

Host: duckduckgo.com
URL: https://duckduckgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.213.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-95-108.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://duckduckgo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:45:42 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=0
x-duckduckgo-moreinfo: See https://help.duckduckgo.com/duckduckgo-help-pages/privacy/atb/
content-length: 43
x-xss-protection: 1;mode=block
x-duckduckgo-locale: en_US
referrer-policy: origin
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
content-security-policy: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
expires: Thu, 02 Apr 2020 18:45:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tryd.pro
URL: http://tryd.pro/go/216668/456926?

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

core.royalads.net
duckduckgo.com
go.fastlanes.info
go.vultow.icu
improving.duckduckgo.com
klm.tmediatower.com
popcash.net
ps.popcash.net
t.co
tryd.pro
xml-ads.com
yltenim.com
tryd.pro
104.24.121.206
104.244.42.133
151.80.221.9
188.164.249.105
198.143.165.221
2606:4700:20::681a:3bc
2a05:d018:244:5200::ab
34.230.174.59
52.213.95.108
54.236.172.182
0580275f14c6a1ede9b0341c801b6de8645821da485be973aa26d6e6fd520925
05ea6357028f2a0cbb71d3b59e64bb54ccd3b87f01e548b8146448422eb98080
0a75a8519cc22927259de5ea9f0e7facafc61c722332441ff7e459ee9d7b93a4
1ea881f51822534735bd2d19cd14b615ad8ca6659252ea5ee2178d8143173364
213362e58412164512353025c176b190a59a812dedde280f264f6183df43dc0e
25a02847dffab3be997a5c6042ab8fb79be41f3acb224aae63d910de96341003
25c1b9804ee113bf441e25850924795e510944af3776b0d427ba1e54d67e9489
2ac272305bb625a9a1aeb18379c482a3b261e490aaf144f4afdd1ce426e1f34b
2c4a4f45ce9a0903d4f1ebe240a8d7a7f19753dcf54988cf3ea373ab1b4d8883
2cf6e05e04f305de66708f94f05a3f65ce113334451551cfccfa3c417cdddac9
37cf726bf0e8c66e42e7aca3fb431030c6bdf05ce2acc6b89f79f1550196dc04
4944cb60de5b53ac1e702014cff3e763363a198c59e8fe82acc671c3db480c45
4aa4e6c44b36c12b6b0f694ea744b4fcfb64d5f5e7d88ca393ca766d5affe38b
5b51b14292512ccd55491bcb904510264a7d29e4ef1b26bce1eec9cbd08320e5
5cd0ba5f4e565d8750503988c7911af7a16b07f339fd9e3a423eb99631b2987c
60afde70046cf7bb977d3e650f5d059266548d15e4c5d5329bab88ee0e45f482
61850494026292adfc3d0242e101f712b04e03a0b704aaea0cc167e16bed89e5
67ca6b86633dfdff95a4ad329cb9b97ad4b9aa7ff5277a6ac5fe99347b5965c9
790f083d45a4a716dbec546771888883690e58379526146fc429cf310df9a49f
7aefb49cdf9743b2f82dcaef7ad14fd848539cf2ed60c93c59b3515598768717
896b497f10122e21ca02e140b34686b071db787208127ed31f2930882821b174
8af5ecc83adcd30d52a675ef657ea48ea05803aa2c9f15ebc506cf2955636ac5
8f4f9d3effedd4258de97194601c68471c26780616e3348b5823ef6a14dc8432
99722c8c5d74d7b071a12dccf9bf83b687bebf15359750ee8c0ea3b5b087ee9b
9f7bceacd7105ae099827e515c7f4562b9d33898dba2cd000664fe62d7031b4a
b89e632378315023226521fecaf0941ed9844bbf95b0d94fb9668dd53fd53581
baa33cf35053f1b2d6efc7645ae88e87da9b1b3e5b868a40872a2670b3909c8a
bc3d24b1b341a013fab48df369ca74633e8b23403f4389bcc141926606a304ff
c51f7c5b739404b36767103bb13d819136fcd6225f6c539f533e13a278d46eef
cb7723d2b3fec88ad5f70163043929a20c70391b1ad31b3fac279e438fd42e2d
cbf634d16f01aa151b30182aa76aab58d0a56cb57c3bb0796f601deae5b1609f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d74611bf34c3e526736df7c542e69138c02d8c2a9c810afa7cd1c07a9299d906
e40d43051c3fe2a697f8a19a83461e65ebc7ddec273e3cbc8f953ffbe30ee3df
e54e053245bfe15679b1c54030586067044214db1d19cf01d7f85fa58b75278c
e56c43aab1676f22c26489a254913030463d827bb77c93ad57bbfea7e05f330c

duckduckgo.com Open in urlscan Pro 52.213.95.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

38 Requests

76 %HTTPS

20 %IPv6

10 Domains

12 Subdomains

10 IPs

3 Countries

428 kBTransfer

1329 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

duckduckgo.com Open in urlscan Pro
52.213.95.108 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

76 %
HTTPS

20 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

428 kB
Transfer

1329 kB
Size

0
Cookies

38 HTTP transactions
1 data transactions