www.positronsecurity.com Open in urlscan Pro
2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/	8 KB 4 KB	562ms 113ms	Document text/html	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 38747495209cf880c50e6776e1ba62cccb3f36358fb625e9a9730b52dc652429 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Content-Type text/html Date Wed, 29 Nov 2023 14:25:47 GMT ETag W/"5f7100bc-21de" Expect-CT max-age=86400, enforce Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Referrer-Policy strict-origin-when-cross-origin Server nginx Strict-Transport-Security max-age=10368000; includeSubDomains Transfer-Encoding chunked X-Content-Type-Options nosniff X-Frame-Options DENY X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	main.css www.positronsecurity.com/css/	13 KB 13 KB	110ms 110ms	Stylesheet text/css	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.positronsecurity.com/css/main.css Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash afd4f922826adccc5c150f394095217c6c0667c9215424219590033b006b27f7 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:47 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 12830 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-321e" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type text/css Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	script.js Show response www.positronsecurity.com/js/	6 KB 6 KB	221ms 109ms	Script application/javascript	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.positronsecurity.com/js/script.js Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 295ba9f8ec7d954106577f724fae32beb1668e15f2897eca794e92e7f78e3fcc Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 5693 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-163d" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type application/javascript Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	positron-security.png www.positronsecurity.com/assets/	18 KB 19 KB	447ms 224ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/assets/positron-security.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 2346c3ac95a39e711154da3dd337c9c8441d7b21104c07523b5f759d12967110 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 18781 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-495d" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	banner-blog.jpg www.positronsecurity.com/assets/	132 KB 133 KB	449ms 226ms	Image image/jpeg	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/assets/banner-blog.jpg Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 013656b007ac2150dd493ac6bcd6b1f7500830dba2b063e99846868ddfcd19fe Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 135011 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-20f63" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/jpeg Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	client_auditing_ssh_override.png www.positronsecurity.com/blog/	15 KB 16 KB	117ms 116ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/blog/client_auditing_ssh_override.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 65b1dc405822189e493ee95b0cc16e922571e439890884dd0f9061087f554445 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 15536 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-3cb0" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	client_auditing_putty_optimal1.png www.positronsecurity.com/blog/	41 KB 42 KB	565ms 224ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/blog/client_auditing_putty_optimal1.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 441d49a2f62facbeea500cd49c4cb0be964d2eadcddc66c8cc3c07e0bffaa9de Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 41984 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-a400" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	client_auditing_putty_optimal2.png www.positronsecurity.com/blog/	33 KB 34 KB	477ms 134ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/blog/client_auditing_putty_optimal2.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash cb318b9c0f4430fc853e22d36de8f94271dc1a83e1607c91f977b31262d02b26 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 33711 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-83af" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	client_auditing_putty_optimal3.png www.positronsecurity.com/blog/	31 KB 31 KB	610ms 267ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/blog/client_auditing_putty_optimal3.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 06823a63fdbf479e76660ce39f1ab56593cd02a9cc1fbd7233ffb73c8c492c97 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 31241 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-7a09" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	client_auditing_ubuntu18_client_unhardened.png www.positronsecurity.com/blog/	242 KB 243 KB	360ms 140ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/blog/client_auditing_ubuntu18_client_unhardened.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 9182875872289bacad53de5da0914fa3a66f7e72fed49832cecb3312bb211c08 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 247866 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-3c83a" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	client_auditing_ubuntu18_client_hardened.png www.positronsecurity.com/blog/	157 KB 157 KB	331ms 116ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/blog/client_auditing_ubuntu18_client_hardened.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 1fbe57add19497e532065da8a12667c580257b3b3d08d3bbba3f09cb9a84c427 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/blog/2020-01-07-ssh-client-auditing-and-hardening/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 160310 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-27236" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	hex.png www.positronsecurity.com/assets/	4 KB 5 KB	329ms 115ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/assets/hex.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/css/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash fb607c2e6094aecfa3193a51efee197e2857d1b44190a1270c93c14f49e714a5 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 4415 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-113f" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	arrow-bullet.png www.positronsecurity.com/assets/	185 B 1 KB	332ms 117ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/assets/arrow-bullet.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/css/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 0007fb0475094c686fc6d43bb4d1e5c80c9119566e8ccffffd24a7ad598e49ce Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 185 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-b9" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	mail-icon.png www.positronsecurity.com/assets/	555 B 1 KB	111ms 111ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/assets/mail-icon.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/css/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 50f7ceb09a92483c6c2ee667fad92899b986d85db816275b9765eaa8912f2309 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 555 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-22b" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	phone-icon.png www.positronsecurity.com/assets/	716 B 2 KB	110ms 110ms	Image image/png	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.positronsecurity.com/assets/phone-icon.png Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/css/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 50fa2fc7b55a71132c9da1fe2f03319f7608200df272edde6ec4cce4f69d41c8 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.positronsecurity.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 716 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-2cc" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type image/png Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	AlegreyaSC.woff2 www.positronsecurity.com/assets/	24 KB 25 KB	228ms 225ms	Font application/octet-stream	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.positronsecurity.com/assets/AlegreyaSC.woff2 Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/css/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e30f26b285643ce40d3716c2ed19aac5ac9ccf244806180613a894c04f223ffc Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.positronsecurity.com/css/main.css Origin https://www.positronsecurity.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 24896 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-6140" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type application/octet-stream Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes
GET H/1.1	200 OK	ConcielianBreak.ttf www.positronsecurity.com/assets/	43 KB 44 KB	231ms 115ms	Font application/octet-stream	2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.positronsecurity.com/assets/ConcielianBreak.ttf Requested by Host: www.positronsecurity.com URL: https://www.positronsecurity.com/css/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash 53f388725dfa4559cf15892128a592496c488a66818d1e89ca769a4cfad53166 Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.positronsecurity.com/css/main.css Origin https://www.positronsecurity.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Wed, 29 Nov 2023 14:25:48 GMT Strict-Transport-Security max-age=10368000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy default-src 'self'; img-src 'self' https://user-images.githubusercontent.com Connection keep-alive Content-Length 44356 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Sun, 27 Sep 2020 21:14:36 GMT Server nginx ETag "5f7100bc-ad44" Expect-CT max-age=86400, enforce X-Frame-Options DENY Content-Type application/octet-stream Feature-Policy autoplay 'none'; camera 'none'; fullscreen 'none'; geolocation 'none'; microphone 'none'; payment 'none'; speaker 'none'; usb 'none' Permissions-Policy autoplay=(), fullscreen=(), geolocation=(), camera=(), microphone=(), payment=(), usb=(), web-share=() Accept-Ranges bytes

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| slideShowTimeout object| timeout function| nextClick function| updateSlides function| hideElement function| menuClick function| menuHighlight function| showElement function| setInnerHTML function| validateContact object| lis_item object| link

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: autoplay, camera, fullscreen, geolocation, microphone, payment, usb. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self' https://user-images.githubusercontent.com
Strict-Transport-Security	max-age=10368000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.positronsecurity.com
2600:1f18:420a:b500:bc4:c9c6:1d6:e3e4
0007fb0475094c686fc6d43bb4d1e5c80c9119566e8ccffffd24a7ad598e49ce
013656b007ac2150dd493ac6bcd6b1f7500830dba2b063e99846868ddfcd19fe
06823a63fdbf479e76660ce39f1ab56593cd02a9cc1fbd7233ffb73c8c492c97
1fbe57add19497e532065da8a12667c580257b3b3d08d3bbba3f09cb9a84c427
2346c3ac95a39e711154da3dd337c9c8441d7b21104c07523b5f759d12967110
295ba9f8ec7d954106577f724fae32beb1668e15f2897eca794e92e7f78e3fcc
38747495209cf880c50e6776e1ba62cccb3f36358fb625e9a9730b52dc652429
441d49a2f62facbeea500cd49c4cb0be964d2eadcddc66c8cc3c07e0bffaa9de
50f7ceb09a92483c6c2ee667fad92899b986d85db816275b9765eaa8912f2309
50fa2fc7b55a71132c9da1fe2f03319f7608200df272edde6ec4cce4f69d41c8
53f388725dfa4559cf15892128a592496c488a66818d1e89ca769a4cfad53166
65b1dc405822189e493ee95b0cc16e922571e439890884dd0f9061087f554445
9182875872289bacad53de5da0914fa3a66f7e72fed49832cecb3312bb211c08
afd4f922826adccc5c150f394095217c6c0667c9215424219590033b006b27f7
cb318b9c0f4430fc853e22d36de8f94271dc1a83e1607c91f977b31262d02b26
e30f26b285643ce40d3716c2ed19aac5ac9ccf244806180613a894c04f223ffc
fb607c2e6094aecfa3193a51efee197e2857d1b44190a1270c93c14f49e714a5