privsec.dev - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is privsec.dev.
TLS certificate: Issued by R3 on January 17th 2023. Valid for: 3 months.

This is the only time privsec.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
5	2600:1f18:248... 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d		14618 (AMAZON-AES) (AMAZON-AES)
5	1

5 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

privsec.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	privsec.dev privsec.dev	58 KB
5	1

	Domain	Requested by
5	privsec.dev	privsec.dev
5	1

This site contains links to these domains. Also see Links.

Domain
tommytran.io
github.com
git.tommytran.io
matrix.to
twitter.com
creativecommons.org
gohugo.io

Subject Issuer	Validity	Valid
mta-sts.privsec.dev R3	`2023-01-17` - `2023-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://privsec.dev/
Frame ID: BD3104D447B451D98869BD2FFBD3675E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PrivSec - A practical approach to Privacy and Security

Page URL History Show full URLs

http://privsec.dev/ HTTP 307
https://privsec.dev/ Page URL

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

58 kB
Transfer

79 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://tommytran.io/tommy.asc
Title: PGP

Search URL Search Domain Scan URL

URL: https://tommytran.io/tommy.crt
Title: S/MIME

Search URL Search Domain Scan URL

URL: https://github.com/PrivSec-dev

Search URL Search Domain Scan URL

URL: https://git.tommytran.io/privsec-dev

Search URL Search Domain Scan URL

URL: https://matrix.to/#/#privsec:arcticfoxes.net

Search URL Search Domain Scan URL

URL: https://twitter.com/privsec_dev

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-sa/4.0/
Title: CC BY-SA 4.0

Search URL Search Domain Scan URL

URL: https://gohugo.io/
Title: Hugo

Search URL Search Domain Scan URL

URL: https://github.com/Wonderfall/hugo-WonderMod/
Title: WonderMod

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://privsec.dev/ HTTP 307
https://privsec.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
privsec.dev/
Redirect Chain

http://privsec.dev/
https://privsec.dev/

11 KB
5 KB

464ms
153ms

Document
text/html

2600:1f18:2489:8201:99f5:dc6a:9003:ab2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://privsec.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

de4cf8e4f1b233bc20fd54546ca2fc92f2ced1a7fd2a888a071d853f6e195d1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
date: Tue, 17 Jan 2023 11:12:17 GMT
etag: "ce9d6978c16038b2d564fbe9281a3f8b-ssl-df"
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
referrer-policy: no-referrer
server: Netlify
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GPZPW1MBWMDVECE29J2G2GKS
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://privsec.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 stylesheet.c5277e43fde8b6dabe803dff75b3c935ba15f1a218d18c0bcbaba3460636ce74.css
privsec.dev/assets/css/ 18 KB
4 KB 123ms
123ms Stylesheet
text/css 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://privsec.dev/assets/css/stylesheet.c5277e43fde8b6dabe803dff75b3c935ba15f1a218d18c0bcbaba3460636ce74.css

Requested by

Host: privsec.dev
URL: https://privsec.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

c5277e43fde8b6dabe803dff75b3c935ba15f1a218d18c0bcbaba3460636ce74

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
Origin: https://privsec.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPZPW1S8WS1MYKP2VGCTPX83
content-security-policy: default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
content-encoding: br
x-content-type-options: nosniff
date: Tue, 17 Jan 2023 09:22:35 GMT
strict-transport-security: max-age=31536000
age: 6582
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
content-length: 4379
x-xss-protection: 0
referrer-policy: no-referrer
server: Netlify
etag: "83f3b96cc482fabc298133b437dcc89c-ssl"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 theme.b20f95bb4da41ef90a2610a557a7000b2649a3f47282ec571676da6fc0427200.js Show response
privsec.dev/assets/js/ 242 B
336 B 251ms
250ms Script
application/javascript 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://privsec.dev/assets/js/theme.b20f95bb4da41ef90a2610a557a7000b2649a3f47282ec571676da6fc0427200.js

Requested by

Host: privsec.dev
URL: https://privsec.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

b20f95bb4da41ef90a2610a557a7000b2649a3f47282ec571676da6fc0427200

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
Origin: https://privsec.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPZPW1S88PKBNG2ZWHQM3AZT
content-security-policy: default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
date: Tue, 17 Jan 2023 09:22:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6582
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
content-length: 242
x-xss-protection: 0
referrer-policy: no-referrer
server: Netlify
etag: "3977373c6385f057c4d54d11d456627e-ssl"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 privsec.png
privsec.dev/ 48 KB
48 KB 125ms
125ms Image
image/png 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privsec.dev/privsec.png

Requested by

Host: privsec.dev
URL: https://privsec.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

343e8d6ebdfb528c029ea822760068594acd26a5f63c29229fdeb4f5b47a3545

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPZPW1SDFD41N59HNXS68552
content-security-policy: default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
date: Tue, 17 Jan 2023 09:22:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6582
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
content-length: 49260
x-xss-protection: 0
referrer-policy: no-referrer
server: Netlify
etag: "13464812dfd80bd5c284efd926eaaaa0-ssl"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=0, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
accept-ranges: bytes

GET
H2 200 papermod.7ea300eda6d3653624a576fbc095ccd8a0c2977756acbe5de4114132a72cc7fa.js Show response
privsec.dev/assets/js/ 2 KB
756 B 124ms
124ms Script
application/javascript 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://privsec.dev/assets/js/papermod.7ea300eda6d3653624a576fbc095ccd8a0c2977756acbe5de4114132a72cc7fa.js

Requested by

Host: privsec.dev
URL: https://privsec.dev/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

7ea300eda6d3653624a576fbc095ccd8a0c2977756acbe5de4114132a72cc7fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
Origin: https://privsec.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GPZPW1SDPJSF14ZPDVYF03V2
content-security-policy: default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
content-encoding: br
x-content-type-options: nosniff
date: Tue, 17 Jan 2023 09:22:35 GMT
strict-transport-security: max-age=31536000
age: 6582
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
content-length: 632
x-xss-protection: 0
referrer-policy: no-referrer
server: Netlify
etag: "597257740492931230eef5b82fa28258-ssl"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), sync-xhr=(), xr-spatial-tracking=()
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| loadPreferredTheme

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

privsec.dev
2600:1f18:2489:8201:99f5:dc6a:9003:ab2d
343e8d6ebdfb528c029ea822760068594acd26a5f63c29229fdeb4f5b47a3545
7ea300eda6d3653624a576fbc095ccd8a0c2977756acbe5de4114132a72cc7fa
b20f95bb4da41ef90a2610a557a7000b2649a3f47282ec571676da6fc0427200
c5277e43fde8b6dabe803dff75b3c935ba15f1a218d18c0bcbaba3460636ce74
de4cf8e4f1b233bc20fd54546ca2fc92f2ced1a7fd2a888a071d853f6e195d1d

privsec.dev Open in urlscan Pro 2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

58 kBTransfer

79 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

privsec.dev Open in urlscan Pro
2600:1f18:2489:8201:99f5:dc6a:9003:ab2d Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

58 kB
Transfer

79 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions