Riddle me this, Batman. Recently I’ve found that duckduckgo.com is unreachable from this PC running Manjaro XFCE. This is true for all 3 browsers on this machine. It is still reachable on my downstairs Windoze 7 machine.
Try nslookup duckduckgo.com and ping duckduckgo.com.
nslookup has apparently been replaced with dnslookup, and I can’t figure out how to call it. 
It seems duckduckgo.com doesn’t respond to pings.
man dig
dig also seems to have gone the way of the dodo.
That appears to be the case. The site is working for me though (KDE but that shouldn’t make a difference).
Have you tried resetting your router? I’ve had weird issues like this in the past.
Does it give you back an IP address?
Just bounced my router. No joy.
= ping duckduckgo.com
PING duckduckgo.com (79.125.108.55) 56(84) bytes of data.
So DNS resolution seemingly works. Please run ip -br route and ip route get 79.125.108.55 and ip -br addr and then traceroute 79.125.108.55 and sudo iptables -L.
= ip -br route
default via 192.168.3.3 dev enp1s0 proto dhcp metric 100
192.168.0.0/16 dev enp1s0 proto kernel scope link src 192.168.3.243 metric 100
= ip route get 79.125.108.55
79.125.108.55 via 192.168.3.3 dev enp1s0 src 192.168.3.243 uid 1001
cache
= ip -br addr
lo UNKNOWN 127.0.0.1/8 ::1/128
enp5s0 DOWN
enp1s0 UP 192.168.3.243/16 fe80::cc24:780a:5bbf:f173/64
= mtr --report 79.125.108.55
Start: 2020-09-12T20:38:01+0200
HOST: phaedrus Loss% Snt Last Avg Best Wrst StDev
1.|-- fritz.box 0.0% 10 8.6 8.2 0.6 9.2 2.7
2.|-- 10.140.43.226 0.0% 10 9.0 9.1 8.8 9.4 0.2
3.|-- 138.187.18.74 0.0% 10 8.7 9.0 8.7 9.5 0.3
4.|-- 172.16.22.205 0.0% 10 12.7 12.3 8.8 17.4 2.7
5.|-- 212.101.3.173 0.0% 10 9.9 10.1 9.9 10.9 0.3
6.|-- d11sol-bbm02-x-0-0-21.sol 0.0% 10 9.6 17.4 9.4 86.2 24.2
7.|-- iwbbas-bbm02-x-0-0-3.soln 0.0% 10 10.2 10.5 10.0 13.5 1.1
8.|-- iwbbas-bbr02-et-0-0-2.4.s 0.0% 10 10.1 13.5 9.3 47.7 12.0
9.|-- ixnzrh-bbr02-ve9.solnet.c 0.0% 10 11.2 10.9 10.5 11.4 0.3
10.|-- as16509.swissix.ch 0.0% 10 10.9 14.7 10.7 40.1 9.4
11.|-- 52.93.42.106 0.0% 10 12.2 13.0 11.7 16.1 1.4
12.|-- 52.93.42.109 0.0% 10 10.8 11.5 10.8 12.3 0.6
13.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
I get a different IP address: 52.142.124.215
Try accessing the site using that i.e. https://52.142.124.215 (you may have to add a certificate exception).
I get a different one as well, but that’s hardly surprising.
[nx-74205:/dev/pts/3][/home/aragorn]
[20:40:32][aragorn] > pacman -Qo dig
/usr/bin/dig is owned by bind 9.16.6-1
[nx-74205:/dev/pts/3][/home/aragorn]
[20:40:45][aragorn] >
Please try curl -v https://lite.duckduckgo.com >/dev/null.
You have asked Pale Moon to connect securely to 52.142.124.215, but we can’t confirm that your connection is secure.
That’s expected… hmmm… so it works, at least to some degree.
= curl -v https://lite.duckduckgo.com >/dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:–:-- --:–:-- --:–:-- 0* Trying 40.114.177.156:443…
- Connected to lite.duckduckgo.com (40.114.177.156) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- successfully set certificate verify locations:
- CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
} [5 bytes data] - TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data] - TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data] - TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data] - TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [2787 bytes data] - TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data] - TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data] - TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data] - TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data] - SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
- ALPN, server accepted to use h2
- Server certificate:
- subject: C=US; ST=Pennsylvania; L=Paoli; O=Duck Duck Go, Inc.; CN=*.duckduckgo.com
- start date: Aug 9 00:00:00 2019 GMT
- expire date: Oct 30 12:00:00 2020 GMT
- subjectAltName: host “lite.duckduckgo.com” matched cert’s “*.duckduckgo.com”
- issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
- SSL certificate verify ok.
- Using HTTP2, server supports multi-use
- Connection state changed (HTTP/2 confirmed)
- Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data] - Using Stream ID: 1 (easy handle 0x555b7068e920)
} [5 bytes data]
GET / HTTP/2
Host: lite.duckduckgo.com
user-agent: curl/7.72.0
accept: /
{ [5 bytes data]
- TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data] - TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data] - old SSL session ID is stale, removing
{ [5 bytes data] - Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
} [5 bytes data]
< HTTP/2 302
< server: nginx
< date: Sat, 12 Sep 2020 18:43:59 GMT
< content-type: text/html
< content-length: 138
< location: DuckDuckGo
< strict-transport-security: max-age=0
< x-frame-options: SAMEORIGIN
< content-security-policy: default-src https: blob: data: ‘unsafe-inline’ ‘unsafe-eval’; frame-ancestors ‘self’
< x-xss-protection: 1;mode=block
< x-content-type-options: nosniff
< referrer-policy: origin
< expect-ct: max-age=0
< expires: Sun, 12 Sep 2021 18:43:59 GMT
< cache-control: max-age=31536000
< x-duckduckgo-locale: en_US
<
{ [138 bytes data]
100 138 100 138 0 0 846 0 --:–:-- --:–:-- --:–:-- 846 - Connection #0 to host lite.duckduckgo.com left intact
That pretty much seems to work as expected. What do browsers show when you try to open it?