www.troyhunt.com Open in urlscan Pro
2606:4700:3032::6815:2e06 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coinhive.com/
Effective URL:
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-con...
Submission: On January 16 via manual (January 16th 2024, 9:27:56 am UTC) from SI — Scanned from NL

Summary HTTP 118 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 20 domains to perform 118 HTTP transactions. The main IP is 2606:4700:3032::6815:2e06, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.troyhunt.com. The Cisco Umbrella rank of the primary domain is 972344.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.

This is the only time www.troyhunt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	2606:4700:303... 2606:4700:3032::6815:2e06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:b658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
9	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	104.21.46.6 104.21.46.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
7	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
25	2600:9000:26d... 2600:9000:26db:e200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.131.7 151.101.131.7	54113 (FASTLY) (FASTLY)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
3	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:8d:... 2a04:4e42:8d::159	54113 (FASTLY) (FASTLY)
118	29

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coinhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3032::6815:2e06 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:b658 (United States)

ASN13335 (CLOUDFLARENET, US)

troyhunt.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.46.6 (None, )

ASN13335 (CLOUDFLARENET, US)

bloghelpers.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

troyhunt.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:26db:e200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.131.7 (United States)

ASN54113 (FASTLY, US)

troyhunt.ghost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 5881 a.disquscdn.com — Cisco Umbrella Rank: 16848	479 KB
14	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1527	439 KB
13	troyhunt.com 1 redirects www.troyhunt.com — Cisco Umbrella Rank: 972344 bloghelpers.troyhunt.com	683 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	221 KB
10	disqus.com troyhunt.disqus.com disqus.com — Cisco Umbrella Rank: 1324 referrer.disqus.com — Cisco Umbrella Rank: 8238	123 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	1003 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	43 KB
6	ghost.io troyhunt.ghost.io	2 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	417 B
4	report-uri.com troyhunt.report-uri.com — Cisco Umbrella Rank: 704394	2 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263	1 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	288 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 3687 pbs.twimg.com — Cisco Umbrella Rank: 1242	4 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	323 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	47 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 3947	14 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	89 KB
1	coinhive.com 1 redirects coinhive.com — Cisco Umbrella Rank: 738098	946 B
118	20

	Domain	Requested by
25	c.disquscdn.com	disqus.com c.disquscdn.com www.troyhunt.com
12	platform.twitter.com	www.troyhunt.com platform.twitter.com
12	www.troyhunt.com	1 redirects www.troyhunt.com cdn.jsdelivr.net
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	www.youtube.com	www.troyhunt.com www.youtube.com
7	disqus.com	troyhunt.disqus.com c.disquscdn.com
6	troyhunt.ghost.io	cdn.jsdelivr.net
4	jnn-pa.googleapis.com	www.youtube.com
4	region1.google-analytics.com	www.googletagmanager.com
4	troyhunt.report-uri.com	www.troyhunt.com
3	a.disquscdn.com	www.troyhunt.com c.disquscdn.com
3	cdnjs.cloudflare.com	www.troyhunt.com cdnjs.cloudflare.com
3	fonts.googleapis.com	www.troyhunt.com client
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	syndication.twitter.com	platform.twitter.com www.troyhunt.com
2	troyhunt.disqus.com	www.troyhunt.com troyhunt.disqus.com
2	cdn.jsdelivr.net	www.troyhunt.com
1	pbs.twimg.com	www.troyhunt.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	referrer.disqus.com	www.troyhunt.com
1	www.gravatar.com	www.troyhunt.com
1	bloghelpers.troyhunt.com	www.troyhunt.com
1	www.googletagmanager.com	www.troyhunt.com
1	coinhive.com	1 redirects
118	29

This site contains links to these domains. Also see Links.

Domain
infosec.exchange
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
kolide.com
reddit.com
web.archive.org
coinhive.com
www.zdnet.com
lookedon.com
www.usenix.org
webtruyenonline.com
www.cyber-threat-intelligence.com
aahora.org
en.wikipedia.org
www.netflix.com
www.telerik.com
report-uri.com
developer.mozilla.org
github.com
ndc-security.com
ndcoslo.com
pluralsight.pxf.io
creativecommons.org
ghost.org

Subject Issuer	Validity	Valid
troyhunt.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
report-uri.com E1	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-08-31` - `2024-09-27`	a year	crt.sh
ghost.io R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-11` - `2024-08-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: 6D8896FF579514025852494274EAAD60
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EhmekYj1pIY
Frame ID: 94E3BC58BB4CAAA86EE02DADFCBBD6E1
Requests: 20 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: AA4F86A63C5FE354849FC623AA0FD66C
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Frame ID: 09D98AB5995FB32E514ECC3B11380B6E
Requests: 26 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 3A84242DCC00486D55C5BBF3BD733E5B
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Frame ID: A0DE33664AA9E82D862416A944CDDE8D
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.troyhunt.com
Frame ID: D146A9D4EBF1D57C4B84EAF0EB37C8D4
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 24AE164302C55E41130DA0D21324C44E
Requests: 12 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 2F95E575C772123DC6E7B91FB1FBC356
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Troy Hunt: I Now Own the Coinhive Domain. Here's How I'm Fighting Cryptojacking and Doing Good Things with Content Security Policies.

Page URL History Show full URLs

http://coinhive.com/ HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

118
Requests

99 %
HTTPS

69 %
IPv6

20
Domains

29
Subdomains

29
IPs

5
Countries

3781 kB
Transfer

9660 kB
Size

8
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://infosec.exchange/@troyhunt
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://twitter.com/troyhunt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/troyahunt

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/troyhunt

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/troyhuntdotcom

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TroyHunt

Search URL Search Domain Scan URL

URL: https://kolide.com/troyhunt
Title: Sponsored by: Kolide ensures that if a device isn't secure, it can't access your apps. It's Device Trust for Okta. Watch the demo today!

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/&text=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/&title=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190429040938/https://coinhive.com/
Title: Coinhives's

Search URL Search Domain Scan URL

URL: http://coinhive.com/?ref=troyhunt.com
Title: coinhive.com

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/coinhive-cryptojacking-service-to-shut-down-in-march-2019/?ref=troyhunt.com
Title: And then Coinhive was gone

Search URL Search Domain Scan URL

URL: https://lookedon.com/?ref=troyhunt.com
Title: lookedon.com

Search URL Search Domain Scan URL

URL: https://www.usenix.org/system/files/sec19-bijmans.pdf?ref=troyhunt.com
Title: Inadvertently Making Cyber Criminals Rich: A Comprehensive Study of Cryptojacking Campaigns at Internet Scale

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190430083127/https://coinhive.com/lib/coinhive.min.js
Title: the original Coinhive script

Search URL Search Domain Scan URL

URL: http://webtruyenonline.com/?ref=troyhunt.com
Title: webtruyenonline.com

Search URL Search Domain Scan URL

URL: https://www.cyber-threat-intelligence.com/publications/CCS2019-router.pdf?ref=troyhunt.com
Title: Just the Tip of the Iceberg: Internet-Scale Exploitation of Routers for Cryptojacking

Search URL Search Domain Scan URL

URL: http://aahora.org/?ref=troyhunt.com
Title: aahora.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Subrata_Roy?ref=troyhunt.com
Title: Subarta Roy

Search URL Search Domain Scan URL

URL: https://www.netflix.com/au/title/80990073?ref=troyhunt.com
Title: Bad Boy Billionaires

Search URL Search Domain Scan URL

URL: https://www.telerik.com/blogs/understanding-fiddlerscript?ref=troyhunt.com
Title: FiddlerScript

Search URL Search Domain Scan URL

URL: https://report-uri.com/?ref=troyhunt.com
Title: Report URI

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri?ref=troyhunt.com
Title: report-uri is deprecated

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to?ref=troyhunt.com
Title: report-to

Search URL Search Domain Scan URL

URL: https://github.com/troyhunt/Coinhive?ref=troyhunt.com
Title: the code that now runs on coinhive.com is available on GitHub

Search URL Search Domain Scan URL

URL: https://github.com/troyhunt/Coinhive/pull/3?ref=troyhunt.com
Title: a full WASM implementation

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Title: Tweet

Search URL Search Domain Scan URL

URL: https://ndc-security.com/
Title: NDC Security: 8 to 11 Jan, Oslo (Norway)

Search URL Search Domain Scan URL

URL: https://ndcoslo.com/
Title: NDC Oslo: 10 to 14 Jun, Oslo, Norway

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2F

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fbilling.pluralsight.com%2Findividual%2Fcheckout
Title: How about a 10 day free trial?

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fowasp-top10-aspdotnet-application-security-risks
Title: OWASP Top 10 Web Application Security Risks for ASP.NET

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fhttps-every-developer-must-know
Title: What Every Developer Must Know About HTTPS

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fhack-yourself-first
Title: Hack Yourself First: How to go on the Cyber-Offense

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Finformation-security-big-picture
Title: The Information Security Big Picture

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fethical-hacking-social-engineering
Title: Ethical Hacking: Social Engineering

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fmodernizing-websites-microsoft-azure
Title: Modernizing Your Websites with Azure Platform as a Service

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fbrowser-security-headers
Title: Introduction to Browser Security Headers

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fethical-hacking-sql-injection
Title: Ethical Hacking: SQL Injection

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fweb-security-owasp-top10-big-picture
Title: Web Security and the OWASP Top 10: The Big Picture

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fethical-hacking-web-applications
Title: Ethical Hacking: Hacking Web Applications

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/
Title: Creative Commons Attribution 4.0 International License

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Ghost

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coinhive.com/ HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Redirect Chain

http://coinhive.com/
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

62 KB
20 KB

50ms
49ms

Document
text/html

2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59ee2bf7b4ade5d9768fb05d0ad8fba191ab2d2451827345f553aa4c40592336

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io .google-analytics.com .privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com .privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 846553064ba77745-AMS
content-encoding: br
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 09:27:44 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: cbfe2096-d636-4c63-b7b5-651aa9d83e3b cbfe2096-d636-4c63-b7b5-651aa9d83e3b
x-served-by: cache-ams21079-AMS
x-timer: S1704098418.902206,VS0,VE0
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

age: 5882772
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 84655305db137745-AMS
content-length: 0
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
date: Tue, 16 Jan 2024 09:27:44 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
location: /i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 301 Moved Permanently
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 4486b26d-d9ca-4b11-a832-5bf2b78ce987 4486b26d-d9ca-4b11-a832-5bf2b78ce987
x-served-by: cache-ams21040-AMS
x-timer: S1699514493.873697,VS0,VE1
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

GET
H2 200 main.min.css
www.troyhunt.com/assets/css/ 26 KB
7 KB 134ms
134ms Stylesheet
text/css 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/assets/css/main.min.css?v=5f9a9e396c

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777cce45fc6263382451ea803a5d8f90ec653bc12c38631c85c44a4e54d00aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 3304558
content-encoding: br
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
ghost-fastly: true
x-request-id: e225bd1e-dcd2-452b-88d0-773c639406de, e225bd1e-dcd2-452b-88d0-773c639406de
x-served-by: cache-ams21057-AMS
last-modified: Sat, 09 Dec 2023 03:15:30 GMT
server: cloudflare
x-timer: S1702092706.136699,VS0,VE1
etag: W/"68a3-18c4c92ad0f"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfyoLg2nMlIoS8h7rkuF31qJy0V5ZF%2BcEQMHB3E4uun1hzABRy6IRS81GcMZKEUV%2F%2Bq9wQXNEVQStsYOPa2U9pUP95zgJYH%2BKKVGxwFtjBhgd9bCKAxj%2BucGBXZM8DCXSmoUYWK19d8ksMQJpDQP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 846553069c177745-AMS
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 918ms
526ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40dcfd85aac0653dc78d4e5ab8c0391de20fa68282b34bcf8d76bb27312854ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 09:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 09:25:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 09:27:44 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 68ms
26ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3994603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m0E5E%2FHyimQSGues4Pg8sc1q0hyoBCVxAnwzrVP1H2WtJvrWZ3MR%2FSs9q9aF5rsETVSAHAGh2W8hJmdAZsSl2nEY3EHx8FSBmrW%2FwS1arZO1ohdtOEiA59Co9IzsMxluUfSW8n1gaYBSBITjU93akzt"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84655306de8c8fda-FRA
expires: Sun, 05 Jan 2025 09:27:44 GMT

GET
H2 200 portal.min.js Show response
cdn.jsdelivr.net/ghost/portal@~2.36/umd/ 1 MB
258 KB 595ms
313ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/portal@~2.36/umd/portal.min.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

905294f5d28180922d1b5cb1e5c46c01157ef38b6d69c17ceb3b46ca0ccab863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26445
x-jsd-version: 2.36.5
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1096bd-DvZjCw7RhYu/N7+ZNWVG9tOZ04k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0gavX94gYRVkxgIH4odYzUJWtu3TMe3GX5fZ8RiBSGdcjEoh5x8QxF0wSFXDwFRpyn4PU5WnlF4bC%2F9E0JK%2Fz9PndMLEEySE8tv51ez%2BsnX2G7RzPXavf3%2B%2BBBtdW49aeZFckcvQQACZ7XFF%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin: *
cf-ray: 846553085df59ba1-FRA

GET
H2 200 sodo-search.min.js Show response
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/ 197 KB
66 KB 316ms
35ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11165
x-jsd-version: 1.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230102-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"313b2-PGFkfSo33Bwphw9PaHfsB1kMn/Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6tKlRB0ICeQdiL5yG1OqEdO40iHlf%2B9oTBo9FQ6ivpYPi4qhtNOjdu1CWkVG0QrKsE823QVvdtyHUyReCTkr1sLuRhQOgFVyGeUtHlL28pYjDN6zi%2BvwV3zKiPcTRVQuxTEWkA05pXg0c0DRtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin: *
cf-ray: 846553085df49ba1-FRA

GET
H2 200 cards.min.js Show response
www.troyhunt.com/public/ 7 KB
2 KB 172ms
172ms Script
application/javascript 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/cards.min.js?v=5f9a9e396c

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 3304558
content-encoding: br
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
ghost-fastly: true
x-request-id: 115a8de1-69bb-4853-a515-a4c60419feb6, 115a8de1-69bb-4853-a515-a4c60419feb6
x-served-by: cache-ams21054-AMS
server: cloudflare
x-timer: S1702092706.138950,VS0,VE1
etag: W/"431228c753b74a6958600d170f921e6d"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw7Ud1qyyaSfnnS%2BxezfvA828dC8u%2B5NzRRlrO9yaYtnD4xceZLnrjbBirh0LXN0oXmStK8SoWlyxFrMvsvlD1tW%2FCpn2rJW4RR5oGu8nl%2FfPoTtPwvS%2B0fGCIpVQgeE3ZlxCV6vFDhwHVzg9AZR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 84655306ac207745-AMS
x-cache-hits: 1

GET
H2 200 cards.min.css
www.troyhunt.com/public/ 39 KB
7 KB 112ms
112ms Stylesheet
text/css 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/cards.min.css?v=5f9a9e396c

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54682e379031e7d89b632f95f6ce239060db2a9d7fce9f92638dc4a8cbd1ae41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 3304558
content-encoding: br
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
ghost-fastly: true
x-request-id: ff29d889-8c44-4ccd-bd9f-2236b51b78cb, ff29d889-8c44-4ccd-bd9f-2236b51b78cb
x-served-by: cache-ams21078-AMS
server: cloudflare
x-timer: S1702092706.138496,VS0,VE1
etag: W/"d3c677de6b672445cc6386191937cf9b"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8oj6vGYjjDTVgkqGzK3tiiPdZY2mMmApuP1mzccpFeI8S%2BKOXdfKxKVWgC1%2B6jL4zZGaSTCG4e0Qv5EOeI1ZVZjvOiO3Pid%2BpIzccan%2FGhm3KvJfrFqedqtVAv%2F%2BLzzPiyg393%2FUabQNz20qfmP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 846553069c197745-AMS
x-cache-hits: 1

GET
H2 200 member-attribution.min.js Show response
www.troyhunt.com/public/ 2 KB
1 KB 173ms
173ms Script
application/javascript 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/member-attribution.min.js?v=5f9a9e396c

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 3304558
content-encoding: br
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
ghost-fastly: true
x-request-id: e0231911-f32c-4a52-a09e-bb8d5337adb2, e0231911-f32c-4a52-a09e-bb8d5337adb2
x-served-by: cache-ams21082-AMS
server: cloudflare
x-timer: S1702092706.139935,VS0,VE1
etag: W/"909b42c515ee6c2aece5a3f270049f98"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJcsGkSry1doZdEMIpHhZRKfsM59HpwWeex1aQdNoWWgePX8w984Vqg82ek9sfqyEnF3kX95QaY1cYdqZFLsdIfT20YsSfbK5FZgjbr51Z%2FOABzgwsccIo0M6He8SvIZ1arte6b0EcfiL%2FekmkeM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 84655306ac227745-AMS
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 436ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4cd11bca23b2d8779377a9ace0c9e3927670045d7f51cfda42ef9536903288e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 09:27:44 GMT

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ 0
594 B 319ms
261ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 84655306fde65c74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 335ms
285ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC2) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:44 GMT
Content-Encoding: gzip
Age: 1109
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (amb/6BC2)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 Logo-2.svg
www.troyhunt.com/content/images/2017/11/ 4 KB
2 KB 149ms
149ms Image
image/svg+xml 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2017/11/Logo-2.svg

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 5983786
content-encoding: br
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
ghost-fastly: true
x-request-id: 1accf4dd-f5d0-4eec-8311-534d4f2db367, 1accf4dd-f5d0-4eec-8311-534d4f2db367
x-served-by: cache-ams21061-AMS
last-modified: Wed, 01 Nov 2017 08:13:50 GMT
server: cloudflare
x-timer: S1699413479.805637,VS0,VE1
etag: W/"ff3-15f76a4c508"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mH45JgLpVUkb1T2pfqQF%2Fhnnk0YhGzOSwk3V1hkc4cBNXZ1xJGrnmAfbmfXN3MaK24faVSUlSWbKycw6fXkGrPFZ7Y%2Ft8GLr5QQgtwjqpkX%2FZ3iaFuRw8myPyym4mcSPTiladz%2BaQFjDHK15%2FPB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 84655306cc6b7745-AMS
x-cache-hits: 1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 526ms
495ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B895JNTH7Z&gtm=45je41a0v896774953&_p=1705397265338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1199440928.1705397265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705397265&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 09:27:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 524ms
496ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH977CGYFX&gtm=45je41a0v896774953&_p=1705397265338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1199440928.1705397265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705397265&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1856
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 09:27:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v23/ 45 KB
45 KB 388ms
26ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:08:40 GMT
x-content-type-options: nosniff
age: 55145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46448
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:26:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:08:40 GMT

GET
H2 200 EhmekYj1pIY Show response
www.youtube.com/embed/ Frame 94E3 92 KB
41 KB 238ms
106ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EhmekYj1pIY

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

179d3f9d43e553da66541fda65e979c6c228d1b500cbd6e8ffc3e9d904e50a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 09:27:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 BlogData Show response
bloghelpers.troyhunt.com/api/ 435 B
910 B 409ms
42ms XHR
application/json 104.21.46.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloghelpers.troyhunt.com/api/BlogData

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.46.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a92c93b171f1e547f1a67b7a2e55c7ed85add4bf07a08db2753bc3cfde96073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2004
content-encoding: br
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:2126186f-f3a8-4540-9c69-e6eb72430007
last-modified: Tue, 16 Jan 2024 08:54:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLqhNezR85oQgs3%2BO%2BBLKh0B1bcou1yEtnIv7HWfzmzWnkQLBdIVEt1gPaRoTtgFA8lzQbeDFZsgQ8UER92irzT3kbA7jb%2B6aLwkuTMaWTxWbKsVf9NZZKnsZSBjqPiyL%2Fmr0MpXjjJvDv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public, max-age=14400
cf-ray: 8465530efa39049c-CDG

GET
H/1.1 200
OK embed.js Show response
troyhunt.disqus.com/ 79 KB
26 KB 204ms
160ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.disqus.com/embed.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

224ed23d02681084d43eb4789e1b4002a0cfca6fd6d8e01d7d6c2eff424c4b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:45 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
server: openresty
Age: 0
Vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
x-service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 26123

GET
H2 200 2021-03-29_17-11-30.png
www.troyhunt.com/content/images/2021/03/ 384 KB
385 KB 39ms
38ms Image
image/png 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/2021-03-29_17-11-30.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 4242092
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
content-length: 392979
ghost-fastly: true
x-request-id: 615ad7f4-87a8-4ea1-8ade-e6dd6c8381c3, 615ad7f4-87a8-4ea1-8ade-e6dd6c8381c3
x-served-by: cache-ams21021-AMS
last-modified: Mon, 29 Mar 2021 08:02:26 GMT
server: cloudflare
x-timer: S1701155174.573386,VS0,VE2
etag: W/"5ff13-1787d016583"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cQm3VqmdbF8MvM0ynt7wDcrrRyJ7gUCj8CohOAZZzdCO7QJtOKMorxEqRj5lowsaD06mH7z5V0QI9tKf3ZlarRdJyp0xCLoNviX%2Fse7lYJ6H5OuTHNxagvs988y20f7FAZMQ0DkcmGqXB%2F9awDT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8465530cbda77745-AMS
ghost-cache: MISS
x-cache-hits: 1

GET
H2 200 c5531bfb7d76cdaa370c7baf6053288d
www.gravatar.com/avatar/ 14 KB
14 KB 7069ms
13ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x
Requested by: Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Tue, 16 Jan 2024 09:27:52 GMT
last-modified: Thu, 09 Dec 2021 09:20:52 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c5531bfb7d76cdaa370c7baf6053288d.jpeg"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x>; rel="canonical"
content-length: 14191
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 09:32:52 GMT

GET
H2 200 0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
fonts.gstatic.com/s/vollkorn/v23/ 46 KB
46 KB 402ms
55ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v23/0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

2df946dc6164389d5f6ac664b55c3a56d2b3f6bdd96c814b7ac6f661a2d47cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:46:01 GMT
x-content-type-options: nosniff
age: 315704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47472
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 17:46:01 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
153 KB 26ms
26ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4000935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy2%2B%2BaFdNdIT0vvm9d1LnP2VJC2kkqEOnRPfd6uAiO4VRZEu2ZPyXdQZzWipYlXUi%2Fn6XiHoJYCmOtV7QMHnQRxZNpEKLHrGmXhDWGG3ia8Wm6OciaGzb55iySftt%2FvvlLIEERsiSWNmpgxqmCS9tJqH"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8465530cbadc8fda-FRA
expires: Sun, 05 Jan 2025 09:27:45 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 115 KB
115 KB 330ms
330ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c3ab2a571e46e9ab17a9ee0937e10a682119267da20315bb3247f42cd30196a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2348024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 117372
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-1ca7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBwAHVWNUCbWVS%2BVdN0LQ3vSzsOy2MUW0fn3aomo9YSxdSnU6cZLoLt3bYHA2uTY6LieZ6p38wuqDgTUD3pw9TFcUOB2c0Z7wY4eXZfUXNIm5H7VOeUA2v9tppRE8gHyEQkKnNVFLggIimHMMAq2g2Xr"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8465530cbadd8fda-FRA
expires: Sun, 05 Jan 2025 09:27:45 GMT

GET
H2 200 image-60.png
www.troyhunt.com/content/images/2021/03/ 24 KB
25 KB 2873ms
2873ms Image
image/png 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/image-60.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 4261469
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
content-length: 24853
ghost-fastly: true
x-request-id: 112fc109-dbe3-4bfd-87fb-3c55fabf3752, 112fc109-dbe3-4bfd-87fb-3c55fabf3752
x-served-by: cache-ams21073-AMS
last-modified: Wed, 31 Mar 2021 02:18:38 GMT
server: cloudflare
x-timer: S1701135797.923529,VS0,VE1
etag: W/"6115-17886135c00"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2pZqTXH821uayqTEQGUQM2Xvy6x76sQkGflw91K40ob86RT%2FfKn%2BWikkRiHDgAmPiaScF2Hs%2F%2BZ%2BDdVHIRkvoGnQ3eoEM4aHkxMivhFg%2BWouZpJ4I%2ByAHZjxVJyyBEyzehmH3GzhuZPD2PdBivx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8465530ceded7745-AMS
ghost-cache: MISS
x-cache-hits: 1

GET
H2 200 image-61.png
www.troyhunt.com/content/images/2021/03/ 22 KB
22 KB 2873ms
2873ms Image
image/png 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/image-61.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 5618041
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
content-length: 22256
ghost-fastly: true
x-request-id: b457677c-a492-4136-a57a-a65a15011512, b457677c-a492-4136-a57a-a65a15011512
x-served-by: cache-ams21024-AMS
last-modified: Wed, 31 Mar 2021 02:19:10 GMT
server: cloudflare
x-timer: S1699779224.127712,VS0,VE0
etag: W/"56f0-1788613d7be"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o938dGObdcIkWkPW7mdDfylVnHbaQKudZvrtJLMibbeIVgfXHbg1Ea1bN0liAFs1xwpUSnbQ0oKRdTa1Mh8yxh4cDNNfehVL2Kw1LSXRYzlIcovtAq8kjDzsftpt9CmigD4Nu504EkOmHr4WNI5L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8465530cedef7745-AMS
ghost-cache: MISS
x-cache-hits: 2

GET
H2 200 image-62.png
www.troyhunt.com/content/images/size/w1000/2021/03/ 208 KB
209 KB 2874ms
2873ms Image
image/png 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/size/w1000/2021/03/image-62.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 5812393
x-cache: HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400
content-length: 213055
ghost-fastly: true
x-request-id: d36986ee-d7d8-4917-8251-e0bf1cdead88, d36986ee-d7d8-4917-8251-e0bf1cdead88
x-served-by: cache-ams21059-AMS
last-modified: Wed, 31 Mar 2021 02:27:19 GMT
server: cloudflare
x-timer: S1699584873.742182,VS0,VE2
etag: W/"3403f-178861b4cef"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYI%2FnWLj5H5WUN%2Bu35PudphDhmipL38p3d4HlaJN4IjbxL4aueBfVbezhqAjBelQHtYG6eyejhzWfk5eiZ4CGoK%2B8E8DpUmS69hN0%2BueYcmbtVz%2Fc8JVs5VvK%2FKffhZfMRzMXBRnYoEhqywYZvBt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8465530cedf27745-AMS
ghost-cache: MISS
x-cache-hits: 1

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame AA4F 0
263 B 27ms
26ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 8465530e0c095c74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK recommendations.js Show response
troyhunt.disqus.com/ 64 KB
22 KB 122ms
121ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.disqus.com/recommendations.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

96f5ef2ba23f6bf380fca8d48092d5c27712226229dac7871eea7d64149e54f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:45 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
content-type: application/javascript; charset=utf-8
cache-control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
x-service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21371

GET
H2 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame 94E3 358 KB
47 KB 132ms
132ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 06:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 06:39:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94E3 15 KB
15 KB 127ms
71ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 100555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94E3 15 KB
16 KB 76ms
20ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 1111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:09:14 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 09D9 104 KB
19 KB 154ms
121ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2acd89e68dc69d3510d1c9ce21fa8992b19c89fabb843f44f81981c67d7a411c

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17752
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 16 Jan 2024 09:27:45 GMT
ETag: W/"lounge:view:8455005378.e5449c64484ff5988aee3ab05be143ca.2"
Last-Modified: Sun, 14 Jan 2024 21:50:17 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame 3A84 0
240 B 27ms
26ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 09:27:45 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 8465530edce45c74-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/ Frame 94E3 52 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f93fb524540430d76d47433c0426f8ce0d0a6f12d10c54fd2a0299114039980e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 336133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16421
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 12:05:32 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame 94E3 323 KB
97 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 05:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Jan 2025 05:25:56 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/ Frame 94E3 2 MB
770 KB 213ms
213ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10684e81a8ec7702fc0c83e7abc260cb3de59cf48493e4d45a8b06509f7aa21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 787944
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 03:35:20 GMT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame A0DE 5 KB
3 KB 136ms
113ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

adf44520a8da29354745c4af1dd981c82895b534d5443d09b7cf38c26c6efba4

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2365
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 16 Jan 2024 09:27:45 GMT
Last-Modified: Wed, 02 Nov 2022 08:14:26 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 lounge.load.cb3f36bfade5c758ef967a494d077f95.js Show response
c.disquscdn.com/next/embed/ Frame 09D9 1 KB
1 KB 573ms
322ms Script
application/javascript 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.cb3f36bfade5c758ef967a494d077f95.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

76e2eb5e5e17ae7c75ded230b7e5f8d0c7c0e1ae63e9014f7bb9e58617dc852f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 04 Jan 2024 17:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1006071
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 630
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 04 Jan 2024 17:51:50 GMT
server: nginx
etag: "6596f036-276"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 59TPOcULCLTKex3Giu56k8J0mfFq0bQ95AaeDAoausCy7ma4zcOJiw==
expires: Fri, 03 Jan 2025 17:59:55 GMT

GET
H2 200 recommendations.load.951a38b2848de5e250e80346106bc490.js Show response
c.disquscdn.com/next/recommendations/ Frame A0DE 923 B
1 KB 466ms
323ms Script
application/javascript 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.951a38b2848de5e250e80346106bc490.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

59e3774d3b30422dd735c7dba618d86de1069cd77ebfc4a784548fdfbfcb226a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 18 Dec 2023 17:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 2476737
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 449
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 18 Dec 2023 16:49:31 GMT
server: nginx
etag: "6580781b-1c1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: XfSW5ZYceyc1dR5H_3F9Tg-rPrTOYf2sG-EdQ2ko2b6ENwi0LE9bmQ==
expires: Tue, 17 Dec 2024 17:28:49 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame D146 319 KB
104 KB 22ms
22ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.troyhunt.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3081950
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jan 2024 09:27:46 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB1)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js Show response
c.disquscdn.com/next/embed/ Frame 09D9 280 KB
93 KB 334ms
137ms Script
application/javascript 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cb3f36bfade5c758ef967a494d077f95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a12ed1612f455158732f858b4cf1395777f2a53584d46bf9cd8530ed9f53e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 18 Dec 2023 17:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 2476742
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94199
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 18 Dec 2023 16:49:31 GMT
server: nginx
etag: "6580781b-16ff7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 6NaBAIhlSpRwfYxymOvaUabo0bm3407QnLRRDPeqmOSABDZRSMkeLQ==
expires: Tue, 17 Dec 2024 17:28:44 GMT

GET
H2 200 common.bundle.946a10c95150e29f6221320c88b3a429.js Show response
c.disquscdn.com/next/recommendations/ Frame A0DE 262 KB
87 KB 776ms
579ms Script
application/javascript 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.951a38b2848de5e250e80346106bc490.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4b45fc782ab0fa351474257093b4ae68442a4adfebc35b23aaa72f2c74d147a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 18 Dec 2023 17:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 2476737
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88874
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 18 Dec 2023 16:49:31 GMT
server: nginx
etag: "6580781b-15b2a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: MoFtL_4SuNSUKmhvyhQmThwg4jhr3vocnR1zlSRpaWwNNdEyHygFiQ==
expires: Tue, 17 Dec 2024 17:28:49 GMT

GET
H3 204 /
www.troyhunt.com/members/api/member/ 0
0 127ms
126ms Fetch 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/members/api/member/

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.36/umd/portal.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io .google-analytics.com .privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com .privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:46 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"default","max_age":10886400}
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
x-cache: HIT
status: 204 No Content
alt-svc: h3=":443"; ma=86400
ghost-fastly: true
x-request-id: b7b0506b-8f72-49fb-9884-99589bd4f544, b7b0506b-8f72-49fb-9884-99589bd4f544
x-served-by: cache-ams21039-AMS
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-timer: S1705397267.672972,VS0,VE1
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
vary: Cookie, Accept-Encoding
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-origin: *
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-cache: MISS
cf-ray: 8465531488b66621-AMS
x-cache-hits: 1

OPTIONS
H2 204 /
troyhunt.ghost.io/ghost/api/content/settings/ Frame 0
0 363ms
15ms Preflight 151.101.131.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/settings/?key=5e03cd80efbea6ff26214a466b&limit=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.7 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.troyhunt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 63660
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.75
date: Tue, 16 Jan 2024 09:27:47 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-request-id: 7f7b4961-5b2b-4fbe-895b-aa1f24d868cc 7f7b4961-5b2b-4fbe-895b-aa1f24d868cc
x-served-by: cache-ams21065-AMS
x-timer: S1705397267.111113,VS0,VE1

OPTIONS
H2 204 /
troyhunt.ghost.io/ghost/api/content/tiers/ Frame 0
0 362ms
14ms Preflight 151.101.131.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/tiers/?key=5e03cd80efbea6ff26214a466b&limit=all&include=monthly_price,yearly_price,benefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.7 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.troyhunt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 63660
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.75
date: Tue, 16 Jan 2024 09:27:47 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-request-id: a56b20e8-16a1-4e94-a318-f51a31aaf9ad a56b20e8-16a1-4e94-a318-f51a31aaf9ad
x-served-by: cache-ams21065-AMS
x-timer: S1705397267.111172,VS0,VE1

OPTIONS
H2 204 /
troyhunt.ghost.io/ghost/api/content/newsletters/ Frame 0
0 363ms
15ms Preflight 151.101.131.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/newsletters/?key=5e03cd80efbea6ff26214a466b&limit=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.7 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.troyhunt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 48695
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.75
date: Tue, 16 Jan 2024 09:27:47 GMT
ghost-age: 14965
ghost-cache: HIT
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-request-id: 7bb93ac1-6f4b-4719-805a-0c00d754890a 0fdab26d-80ed-4010-9891-10bd40e88197
x-served-by: cache-ams21065-AMS
x-timer: S1705397267.111151,VS0,VE1

GET
H2 200 / Show response
troyhunt.ghost.io/ghost/api/content/settings/ 2 KB
1 KB 17ms
17ms Fetch
application/json 151.101.131.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/settings/?key=5e03cd80efbea6ff26214a466b&limit=all
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.36/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.7 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 6553fd98aab64150e957f36452302d8421cce0f303dfd1f7d4bd712a65ecc9cd

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63672
x-cache: HIT
status: 200 OK
content-version: v5.75
alt-svc: clear
content-length: 887
ghost-fastly: true
x-request-id: a908b327-9474-483c-8e57-32eeeea22296, a908b327-9474-483c-8e57-32eeeea22296
x-served-by: cache-ams21065-AMS
server: openresty
x-timer: S1705397267.127226,VS0,VE4
etag: W/"828-TnhXAsWR26bEqrZA7Ts2woXYLCg"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
troyhunt.ghost.io/ghost/api/content/tiers/ 685 B
672 B 16ms
15ms Fetch
application/json 151.101.131.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/tiers/?key=5e03cd80efbea6ff26214a466b&limit=all&include=monthly_price,yearly_price,benefits
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.36/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.7 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: f8bc4e43a2c08d166d6c09874cdbd0878914e1cb00636f1a964abe873dc9bd62

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 27673
date: Tue, 16 Jan 2024 09:27:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 35999
x-cache: HIT
status: 200 OK
content-version: v5.75
alt-svc: clear
content-length: 356
ghost-fastly: true
x-request-id: 2a0aa63e-2437-4d0e-b542-d163b903677b, d20dec26-3826-4213-bc5f-590e8693180e
x-served-by: cache-ams21065-AMS
server: openresty
x-timer: S1705397267.126599,VS0,VE2
etag: W/"2ad-LRIzvm1aa+pB2kd9cIdE7oaGJYk"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
troyhunt.ghost.io/ghost/api/content/newsletters/ 604 B
631 B 15ms
14ms Fetch
application/json 151.101.131.7
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/newsletters/?key=5e03cd80efbea6ff26214a466b&limit=all
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.36/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.7 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 55feab64ee3414b0b83f32bacd2ca32fc0f344202613e144e140049eb22e78e5

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Tue, 16 Jan 2024 09:27:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 63672
x-cache: HIT
status: 200 OK
content-version: v5.75
alt-svc: clear
content-length: 434
ghost-fastly: true
x-request-id: 3462f8b3-dae1-4553-8eb8-c3f4bf6c1344, 3462f8b3-dae1-4553-8eb8-c3f4bf6c1344
x-served-by: cache-ams21065-AMS
server: openresty
x-timer: S1705397267.127225,VS0,VE1
etag: W/"25c-a8NOwjERtiFH3rCqN/X+kdBpfho"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lounge.f7ae30d42a8946a9460cc262732d4da8.css
c.disquscdn.com/next/embed/styles/ Frame 09D9 233 KB
33 KB 451ms
451ms Stylesheet
text/css 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f17fa1d863ade20f6e8af77a09d3ea79b694c4cea7a50f11aa2d65b5d4755d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 18 Dec 2023 17:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 2476742
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33312
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 18 Dec 2023 16:49:31 GMT
server: nginx
etag: "6580781b-8220"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: x7avOFwMFENVEXJ5vYVgnV4xOzjzxbiQa1vPE0ojr8rEs4Wv9nzgjw==
expires: Tue, 17 Dec 2024 17:28:45 GMT

GET
H2 200 lounge.bundle.2f86b371c469b373967566d21bc76e78.js Show response
c.disquscdn.com/next/embed/ Frame 09D9 513 KB
129 KB 1038ms
1038ms Script
application/javascript 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.2f86b371c469b373967566d21bc76e78.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

343cc2ae21bbaf76ed55ccd75441f693b5ed63a18f1d2ce7bf4195ef0d8a7b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 04 Jan 2024 17:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1006071
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 131052
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 04 Jan 2024 17:51:50 GMT
server: nginx
etag: "6596f036-1ffec"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: e6TuHKi_6n0zQwSVFck_v8qHBmwjPwPtBYk4shSHijmXH-4MrxMSUQ==
expires: Fri, 03 Jan 2025 17:59:56 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 09D9 19 KB
19 KB 13ms
13ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ba7cfaa35518965e2f5f4e3bc541237723e1150f030b2e4c17504a996542c89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:47 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 30
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 19314
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame A0DE 14 KB
3 KB 1002ms
1002ms Stylesheet
text/css 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 08 Oct 2023 22:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 8591627
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2968
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 03 Oct 2023 15:33:15 GMT
server: nginx
etag: "651c343b-b98"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 3mlKxCZD62m-K4hFsJ6pd9htR1GjXU4qOpDLbEmDpvN1iGMwSaBALA==
expires: Mon, 07 Oct 2024 22:54:00 GMT

GET
H2 200 recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js Show response
c.disquscdn.com/next/recommendations/ Frame A0DE 66 KB
21 KB 1085ms
1085ms Script
application/javascript 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.b1d305f840327c58f4ac9b236b8cd735.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

47d4cc8f41a50c8835c9f83a13ab174866b9f82a24ea590b854574a6773a071a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 31 Oct 2023 14:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 6636409
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20373
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 31 Oct 2023 13:53:35 GMT
server: nginx
etag: "654106df-4f95"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: oRIJ6rcLGQZneV57Tc5g7l8cihpmJM258ZtgAnyL96kchwLV_O_Z0w==
expires: Wed, 30 Oct 2024 14:00:58 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame A0DE 19 KB
19 KB 17ms
17ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ba7cfaa35518965e2f5f4e3bc541237723e1150f030b2e4c17504a996542c89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:47 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 30
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 19314
X-XSS-Protection: 1; mode=block

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D146 869 B
658 B 173ms
127ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b1f1db5c4ca9d145238836faf703029dd71b79d3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.troyhunt.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 16 Jan 2024 09:27:48 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 16 Jan 2024 09:27:48 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: a7f9f2035ed10292
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 80c06f09958b12837e9e0c4ae4b705996f34cd1793b29400be4918d54f8d0f81
content-length: 337

GET
H/1.1 200
OK tweet.d7aeb21a88e025d2ea5f5431a103f586.js Show response
platform.twitter.com/js/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B76) /
Resource Hash: b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:48 GMT
Content-Encoding: gzip
Age: 3081977
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2725
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (amb/6B76)
Etag: "1836187c57e3f0873abebe6985a39f5a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 09D9 3 KB
4 KB 123ms
123ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.38c5aabc45d4259965d7e2fa23a41f7b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

da947c3537229e7588c2c6e1f0a43e1809b0ff033a19f8de7e6b2f16b447c805

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:48 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3159
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 09D9 11 KB
970 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 09:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 09:22:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 09:27:48 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 3 KB
3 KB 577ms
576ms Image
image/gif 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 20 Aug 2023 12:05:10 GMT
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 12864158
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 02 Aug 2023 23:18:56 GMT
server: nginx
etag: "64cae460-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: hxzp3DdTzks0EooLXCvD3jSWZJTrIsQYkKnuHYK6aoAIVjnhhBtpBw==
expires: Mon, 19 Aug 2024 12:05:10 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 840 B
1 KB 577ms
577ms Image
image/svg+xml 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 21 Sep 2023 03:03:24 GMT
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 10131863
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 20 Sep 2023 10:55:06 GMT
server: nginx
etag: "650acf8a-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mMlBpksP6oMQgngr3mWtGFbN95HpI5PEHdV-oeqlFzeG7lG67Mt37Q==
expires: Fri, 20 Sep 2024 03:03:24 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 891 B
1 KB 578ms
577ms Image
image/svg+xml 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 12 May 2023 01:14:12 GMT
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 21543216
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 09 May 2023 18:32:30 GMT
server: nginx
etag: "645a91be-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HSXGwFvn9NyK-a5upgdwBRZz2dzgTRtR_oW8kbDjXVM9UBXHbLzccA==
expires: Sat, 11 May 2024 01:14:12 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 605 B
1 KB 578ms
578ms Image
image/svg+xml 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 14 Sep 2023 03:57:58 GMT
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 10733390
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 13 Sep 2023 20:48:30 GMT
server: nginx
etag: "6502201e-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5gglnOEmiVT48Xs2bstgE_su2EhrunrtMHTu_2HhFxWU_oqho1OeBQ==
expires: Fri, 13 Sep 2024 03:57:58 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 2 KB
2 KB 579ms
579ms Image
image/png 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 24 Jul 2023 12:53:27 GMT
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 15194061
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 12 Jul 2023 14:04:56 GMT
server: nginx
etag: "64aeb308-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: U-xmWxvFT9cDwiyIkCNMqCxjEQYYOOCBaQkMCPo5BLVY0UJganiilw==
expires: Tue, 23 Jul 2024 12:53:27 GMT

GET
H2 200 icons.79e576f9489bae308388e5b8e250aa86.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 09D9 8 KB
9 KB 376ms
375ms Font
application/octet-stream 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8dc675da542f629aca965669b35900a5ed0685f4d87dce9eac4660baf4493687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 06 Dec 2023 19:49:42 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 3505086
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 8216
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 06 Dec 2023 19:40:12 GMT
server: nginx
etag: "6570ce1c-2018"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: uNJO4P7AU0V0Uk1SfoF7M7uz7hDPv6Q-zErDYrLGNUay3W1tVOccXA==
expires: Thu, 05 Dec 2024 19:49:42 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1702943467/images/ Frame 09D9 2 KB
2 KB 50ms
13ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1702943467/images/noavatar92.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:48 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: AMS58-P4
age: 2392833
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: gQcLXmeyOSHfAq9mY2zcnLHv4pZ9K3h_nQceo3Y2iCVcLvZn8EKE-w==
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 16:47:15 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1702943467/images/ Frame 09D9 2 KB
2 KB 13ms
13ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1702943467/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.2f86b371c469b373967566d21bc76e78.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:48 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: AMS58-P4
age: 2392833
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: gQcLXmeyOSHfAq9mY2zcnLHv4pZ9K3h_nQceo3Y2iCVcLvZn8EKE-w==
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 16:47:15 GMT

GET
H2 200 like.855606fb4e3a7a6448e6c782f3f54e5a.svg
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 2 KB
2 KB 296ms
296ms Image
image/svg+xml 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/like.855606fb4e3a7a6448e6c782f3f54e5a.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 25 Jul 2023 16:20:59 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 15095209
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1655
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 24 Jul 2023 13:43:23 GMT
server: nginx
etag: "64be7ffb-677"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Q28ZbpdLgxDfWMe0ROy_6v9-xOjbSXmA5H9FlrhTHGo6skp-ZN34Sg==
expires: Wed, 24 Jul 2024 16:20:59 GMT

GET
H2 200 dislike.612d8ba98928c381e4c789c1b309cda1.svg
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 2 KB
2 KB 322ms
322ms Image
image/svg+xml 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/dislike.612d8ba98928c381e4c789c1b309cda1.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 26 Jul 2023 21:11:15 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 14991393
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1796
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Jul 2023 16:31:55 GMT
server: nginx
etag: "64c14a7b-704"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fgsXJAGyk0veQX-mRCno7u7CjMszWTBTKGnhGgvwasJFunuWr2n5kg==
expires: Thu, 25 Jul 2024 21:11:15 GMT

GET
H2 200 follow-v2.411b1215980cdde315e43cc006cfbea6.svg
c.disquscdn.com/next/embed/assets/img/ Frame 09D9 2 KB
2 KB 322ms
322ms Image
image/svg+xml 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/follow-v2.411b1215980cdde315e43cc006cfbea6.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.f7ae30d42a8946a9460cc262732d4da8.css
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 19 Dec 2023 07:01:08 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P3
age: 2428000
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1557
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 18 Dec 2023 16:49:31 GMT
server: nginx
etag: "6580781b-615"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3UQmR1mxGuPcVlI1epkmnVjwjUzVZtPgHXbEnUj7TUMKg9bE5RejrQ==
expires: Wed, 18 Dec 2024 07:01:08 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 09D9 43 B
339 B 132ms
103ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1578&event=init_embed&thread=8455005378&forum=troyhunt&forum_id=621325&imp=4vdeqdm4v9b10&thread_slug=using_the_coinhive_domain_to_fight_cryptojacking_and_do_good_things_with_content_security_policies&user_type=anon&referrer=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&theme=next&dnt=0&tracking_enabled=0&experiment=prebidbidisrequired_hidden&variant=active&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
x-xss-protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1702943467/images/ Frame 09D9 2 KB
2 KB 14ms
14ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1702943467/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.2f86b371c469b373967566d21bc76e78.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:48 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: AMS58-P4
age: 2392833
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: gQcLXmeyOSHfAq9mY2zcnLHv4pZ9K3h_nQceo3Y2iCVcLvZn8EKE-w==
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 16:47:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09D9 15 KB
16 KB 19ms
19ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:10:29 GMT
x-content-type-options: nosniff
age: 346640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 09:10:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09D9 15 KB
15 KB 20ms
20ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 17:28:03 GMT
x-content-type-options: nosniff
age: 57586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 17:28:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09D9 16 KB
16 KB 21ms
21ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 1055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:10:14 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09D9 17 KB
17 KB 21ms
21ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 12:16:48 GMT
x-content-type-options: nosniff
age: 76261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 12:16:48 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09D9 17 KB
17 KB 19ms
19ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:02 GMT
x-content-type-options: nosniff
age: 322007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 16:01:02 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 94E3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

27ms
27ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55223da5accdc98e0030f3fbc3e50b1bc98edeaaa72616247c61a349b844e98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Jan 2024 09:27:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 94E3 29 B
495 B 667ms
580ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:17:12 GMT
x-content-type-options: nosniff
age: 637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 09:32:12 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 81ms
28ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 09:27:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 94E3 87 KB
40 KB 85ms
84ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ffe887ea11230a1aa6ebeab8457d5cf06f859b89413892fa1ec64f9b17dbe8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 09:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40760
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/ Frame 94E3 117 KB
33 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9e0a0ad2fa39c74ef6825bcd98e8c7b5803210ea37ba87397036f15ba703ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33866
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 00:10:53 GMT

GET
H2 200 Ds_pDKslpu-iWcXddHrDyyVH9ulM38tH3FG5TexbKIk.js Show response
www.google.com/js/th/ Frame 94E3 51 KB
20 KB 202ms
132ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Ds_pDKslpu-iWcXddHrDyyVH9ulM38tH3FG5TexbKIk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ecfe90cab25a6efa259c5dd747ac3cb2547f6e94cdfcb47dc51b94dec5b2889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19790
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 11:27:10 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/EhmekYj1pIY/ Frame 94E3 47 KB
47 KB 80ms
23ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/EhmekYj1pIY/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:47:39 GMT
x-content-type-options: nosniff
age: 2410
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47972
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 16 Jan 2024 10:47:39 GMT

GET
DATA 200
OK truncated
/ Frame 94E3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZRcPOzgN3Ux4zn0H2kE9JF1s0X1Es_1QQa1LYZndw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 94E3 3 KB
3 KB 329ms
282ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZRcPOzgN3Ux4zn0H2kE9JF1s0X1Es_1QQa1LYZndw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 06:29:59 GMT
x-content-type-options: nosniff
age: 10670
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: fife
etag: "v452"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Jan 2024 06:29:59 GMT

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 24AE 345 B
917 B 15ms
15ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: 7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 24
Cache-Control: public, max-age=1800
Content-Length: 345
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jan 2024 09:27:49 GMT
Etag: "f6d70a110dacf784d914a7bbb2a7d61b"
Last-Modified: Sat, 07 Oct 2023 22:50:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B77)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK embed.runtime.30e39e232aef74d6b314.js Show response
platform.twitter.com/embed/ Frame 24AE 9 KB
5 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA8) /
Resource Hash: 54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 4231
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BA8)
Etag: "a94f2c8e562dd94ba8264b04299bbc31+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9449.143d97ea3ade6f4824dc.js Show response
platform.twitter.com/embed/ Frame 24AE 488 KB
160 KB 376ms
15ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B79) /
Resource Hash: d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 162768
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B79)
Etag: "a096d4d712d8664b5f72fc16777f624e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.61c9a11318b778002223.js Show response
platform.twitter.com/embed/ Frame 24AE 33 KB
14 KB 386ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.61c9a11318b778002223.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 14004
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B7E)
Etag: "72cf5b19f8c06f163ed659346b6c0234+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame A0DE 3 KB
4 KB 14ms
13ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

da947c3537229e7588c2c6e1f0a43e1809b0ff033a19f8de7e6b2f16b447c805

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3159
X-XSS-Protection: 1; mode=block

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 94E3 4 KB
2 KB 390ms
40ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 09:27:49 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame A0DE 11 KB
874 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 09:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 07:36:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 09:27:49 GMT

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame A0DE 7 KB
7 KB 14ms
14ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=troyhunt&thread=url%3Ahttps%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.946a10c95150e29f6221320c88b3a429.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e1d73d030ccbac5462b09e694c44744a2ae54152b0bf952df8fa04bf7b42c9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 1092
X-Frame-Options: SAMEORIGIN
Vary: Origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 6790
X-XSS-Protection: 1; mode=block

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 10 KB
11 KB 185ms
184ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F08%2FSplash-Template.jpg&key=Agehf0KDZmJndPHN5ZfaJA&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9c3c976a28a11164f275b3d727657e6256828f963e087f1b1fb1d7a744bfec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 01 Jan 2024 16:57:59 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1268990
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10277
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDz9hYO7qiZBCzvQpR%2BkpwyWDWL1eyFxm%2FfrDjgW0eOvsZjmB9ZbbA5NkryImw0QxuZhcLnnuVAhXHhEaZqJzTiK9UJrpAhbnIdx8TEVCpM8xMqiXBUYMoNzMzGQ3%2FsglLw2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: 8iZRvm735Hyx4owKY7lP5dxmv9zGTYCkTQS3VLqMSGehhzQgtWkJrA==
expires: Wed, 31 Jan 2024 16:57:59 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 10 KB
11 KB 186ms
185ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F07%2FSplash-Template-2.jpg&key=ntn3h_lsA0yu6TDW6Fu0Ig&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

739301ce4ec601c701ebf4767ad009a395801f679677754545820b605fd3c9ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 01 Jan 2024 16:50:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1269421
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9938
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qecRQzgKB%2BDH6o%2FB8rI%2FQxgGoBQIl0wdJAPI4uqsi6N9YR5kmo2bVfUJ9xVoESQKDMopcdilAQwmk9a%2Bms5beMIql6tLf3KkV5TSIrtK3jW0wq9Jpp1gc6JgrPTMmi97hEX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: DQlfwNhEcA-Dp7P17i4xUXTeOvfi5_9FGi8Xs7LobqmkmawSF1p7Jg==
expires: Wed, 31 Jan 2024 16:50:47 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 5 KB
5 KB 186ms
186ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F08%2FHIBP-Banner-1.jpg&key=RL3wTiCCoq1nYXUpv0nPOA&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cae571bcf2b273f8db403d76a304d4b509323358964351360ae5fe2db73525d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 01 Jan 2024 16:37:30 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1658132
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 4622
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gt5JnNmIfgl8bE0Yorrzyx2n%2FDD3uCSuwdLqBG5564fpLvY18Zgght6b8cDKxYQywQJS9zVqfm5tB8kRqL587Lh3YU0iFQrUDkhblQ%2BMtE2Xkb8shlKYlkYXALK7J4i0MHsk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: kDR2gTDXbOlQAdARleu6l3Fu2Y2qpuBUPLIA89IkAUw7v1XFXrqjUg==
expires: Wed, 31 Jan 2024 16:37:30 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 12 KB
13 KB 237ms
237ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2024%2F01%2FSplash-Template%401x_1-2.jpg&key=JzeyeRGcuh07eEtB2c5tPw&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a977010e4d109f7fd709597c1971cf130ef4f0f072b2aedaadfc67cab85f5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 08 Jan 2024 12:01:33 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 779096
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 12464
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwGbjOx%2BqJzu74wDy5SmuUIVPWdXzkhHxJDZjfaRh8k8kscUNruLrDsRFnjH%2F4kYcNT9%2FKjVWcIVeDpcH%2BBFIExgNnJKzLZ%2BiqSif9O9k1Kb5xW7ZPiIxq32JLO0KFc0f7IY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: 8gbCVwqUH1PobNYbxjcKTsMN_KqSV6VQDZbSUyMX_V3P5LMywgjv2Q==
expires: Wed, 07 Feb 2024 12:01:33 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 10 KB
10 KB 290ms
289ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2Fsize%2Fw1200%2F2023%2F12%2Fp0FZ6iLmYtAhd.jpg&key=uGGBchDDB2quIZs3eNTT1Q&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1f7f2e51d7040ef50458cc4c4f02eef265d9f3586639e542c9e650f06b7e08ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 31 Dec 2023 16:25:03 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1443992
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9824
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuEqsIKr2B3BaCpNO2jNgIek88BU7sx0nA6XLaoN99GjUCFV34Q7CYYN9Z63OUcHpdpUI2Pa4qllFvkaJFt4%2BWe9rhulaoMfDkgC0lLltWwSuDjzAR%2BS2edDUVGhlyDkUwCo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: Z0w4JCQhBRSpCQchFweYrhg7iTgD5IJYBRIuAseox7Y-k5fEM0vLSg==
expires: Tue, 30 Jan 2024 16:25:03 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 9 KB
9 KB 322ms
321ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F09%2FSplash-Template-4.jpg&key=sdYGTS-9TL4j0QhEsC7qkw&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

46a86e935a64aeb9c906e2120ad1e67e0fc25b074983d172ede7b7ccbff5f062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 26 Dec 2023 03:39:29 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1835300
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8741
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lkKV4l%2FKlBHZFL8%2BxiAaZTNhM0J2mHP5Q%2FrlcGx2pez2u7VDSUSE7iS8F%2Fuxz5sm0ilSUY9Oy4BKX1rRdtqBYazt2DZhy0QNaUarQr15Lqtykavfp%2BCWV9O1NwwADTbGo3g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: kLl7xTjX29OQdp--e16g1AfHIgj3rgk6qW-_WaD4_SgyI4ksgQizPQ==
expires: Thu, 25 Jan 2024 03:39:29 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 8 KB
9 KB 324ms
324ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2017%2F01%2F1.jpg&key=Uss5NTIDlGZJAerUZXOuUg&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c2997b8373faeb8d57692bb9c01f4fa136fa654bca61548ae03070a0c6ad89d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 01 Jan 2024 16:37:30 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1855628
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 8630
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj5OhGYoutjNmDKH967QZBt2b%2FwPKeno4rdwABzUniICf6aGkkHaRynwTe3lZFYuiOJJhJknHXn7wCrQCDEgNsewtt2ogqEassIHX14T9EUs4K%2BkaSZgudtC9YRoqNzfFpRl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: 0RNnmgTVX38aTEW9_y8TyONPXFqHUTDofM57tADKXeTuBq9g505DjQ==
expires: Wed, 31 Jan 2024 16:37:30 GMT

GET
H2 200 get
c.disquscdn.com/ Frame A0DE 10 KB
11 KB 323ms
323ms Image
image/jpeg 2600:9000:26db:e200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F09%2FSplash-Template-3.jpg&key=z814x0DnuR2LYZECl6JapA&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

43a5ef5b29b432f468d033afb64e87d26b4f4a2f15abe54ffae9c8ed70fd2750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 01 Jan 2024 16:38:01 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-P3
age: 1270188
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10418
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gS8Z%2BVRxLgAdOzAPY%2BHzdll1KJZja9wF5E9EDgGm1l0RF5IQ581reUgzvAOJGNMg0mUGV0yzv%2B9oPHL8JchwZaTcOPFWnmgFeBedh0ROEZyBIwHvfnMn9B3rvaKk%2F1wIlsNstBGG26NWUg5Wr3F7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: t3_0lDZgDDc188tbWtREFO3pRxHFASIRNvZQj3LiPwNtG5BGcSy5iA==
expires: Wed, 31 Jan 2024 16:38:01 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 94E3 90 B
134 B 31ms
31ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60b29624328bf9dbe1fe771638aba16b6a6777af19719dc29dfb7eef5851d7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 16 Jan 2024 09:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 16 Jan 2024 09:27:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 94E3 50 KB
15 KB 21ms
21ms Script
text/javascript 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 16 Jan 2024 14:14:38 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 94E3 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qusnTw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame 24AE 19 KB
7 KB 16ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7F) /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3029891
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6789
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B7F)
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js Show response
platform.twitter.com/embed/ Frame 24AE 4 KB
2 KB 16ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.3605b847d2e4afc15c0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA8) /
Resource Hash: dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1583
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BA8)
Etag: "11ef2c964d5d614da8c769c495a8855b+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js Show response
platform.twitter.com/embed/ Frame 24AE 35 KB
12 KB 14ms
14ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 11289
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6B9B)
Etag: "df117930505b95292615fd76b0e9369c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.9203.97b040640e3b329435c9.js Show response
platform.twitter.com/embed/ Frame 24AE 267 KB
82 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.9203.97b040640e3b329435c9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC6) /
Resource Hash: 1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 83738
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BC6)
Etag: "691b9586fce0d937b25fcf4f3130bc97+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.af3480c242f6c21a47e5.js Show response
platform.twitter.com/embed/ Frame 24AE 88 KB
21 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.af3480c242f6c21a47e5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.30e39e232aef74d6b314.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB9) /
Resource Hash: 37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=b1f1db5c4ca9d145238836faf703029dd71b79d3&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 09:27:49 GMT
Content-Encoding: gzip
Age: 3081978
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 20752
Last-Modified: Sat, 07 Oct 2023 22:50:34 GMT
Server: ECS (amb/6BB9)
Etag: "984e7cbd45e0ff91dc7b610ed59f333d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B895JNTH7Z&gtm=45je41a0v896774953&_p=1705397265338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1199440928.1705397265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705397265&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=scroll&epn.percent_scrolled=90&_et=9&tfd=6864
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 09:27:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 266ms
266ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH977CGYFX&gtm=45je41a0v896774953&_p=1705397265338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1199440928.1705397265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705397265&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6865
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 09:27:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 24AE 2 KB
1 KB 74ms
33ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1040634067018895360&lang=en&token=2it8xujvgub&uxouhk=dug8rzas7o6j&tmh2gh=26b5nb8at5wj&ubhxof=1f8844w75au3h&pt1yer=9m98u86on2s5&87z817=59q5w8tytkov&8btrtb=tfyh8dbmf3bl&ucriw7=1dn8kdtjzohin

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.9449.143d97ea3ade6f4824dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhd/35AA) / Express

Resource Hash

6796f7db7d122f04d63c0bffa7a4e69847257d68cee8ff23ed30ca8bbc67b54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 45
x-powered-by: Express
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 930
x-response-time: 147
last-modified: Tue, 16 Jan 2024 09:27:05 GMT
server: ECS (lhd/35AA)
etag: W/"8fd-A927ScUOZyyEXPzEmhXk1nz6RC0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 93c371621a3695d9
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: bd5cf2877bb341c8be1f5f460e7d6d8141bfad03b0b68b35a1713eb9c2c784fc
accept-ranges: bytes
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 24AE 43 B
150 B 125ms
125ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1705397270792%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22troyhunt%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22troyhunt%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222423e1d6feef8%3A1696717678980%22%2C%22item_ids%22%3A%5B%221040634067018895360%22%5D%2C%22item_details%22%3A%7B%221040634067018895360%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 16 Jan 2024 09:27:50 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 16 Jan 2024 09:27:50 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 962accdf0a06d644
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: 80c06f09958b12837e9e0c4ae4b705996f34cd1793b29400be4918d54f8d0f81
content-length: 43

GET
H2 200 RxIZwxXx_normal.jpg
pbs.twimg.com/profile_images/824723579602403330/ Frame 24AE 2 KB
2 KB 79ms
27ms Image
image/jpeg 2a04:4e42:8d::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/824723579602403330/RxIZwxXx_normal.jpg

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Tue, 16 Jan 2024 09:27:50 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2035
x-served-by: cache-lhr7343-LHR, cache-fra-eddf8230137-FRA, cache-tw-ZZZ1
last-modified: Thu, 26 Jan 2017 20:57:58 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 0b3ea0efebf02be0
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

POST
H3 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame 2F95 0
616 B 41ms
41ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 09:27:51 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 8465533008051976-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 94E3 28 B
54 B 35ms
34ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705397271158
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EhmekYj1pIY
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: CgtWSjZCa0k3MS1TWSiRmJmtBjIKCgJOTBIEEgAgSQ%3D%3D
X-YouTube-Ad-Signals: dt=1705397266271&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C930%2C480&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 16 Jan 2024 09:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 16 Jan 2024 09:27:51 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coinhive.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 9e8cb613e3f62a6ed8089584fcaf119324905ad19d8378a0be1a35f0477c8196
.troyhunt.com/	1970-01-21 03:19:17	Name: _ga Value: GA1.1.1199440928.1705397265
.troyhunt.com/	1970-01-21 03:19:17	Name: _ga_B895JNTH7Z Value: GS1.1.1705397265.1.0.1705397265.0.0.0
.troyhunt.com/	1970-01-21 03:19:17	Name: _ga_MH977CGYFX Value: GS1.1.1705397265.1.0.1705397265.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: IzvQuzq14qE
.youtube.com/	1970-01-20 22:02:29	Name: VISITOR_INFO1_LIVE Value: VJ6BkI71-SY
disqus.com/	1970-01-20 17:43:19	Name: __jid Value: 4vdeqci3r7i698
.disqus.com/	1970-01-21 02:28:53	Name: disqus_unique Value: 4vdeqdh139agal

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://troyhunt.disqus.com/embed.js(Line 48) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://troyhunt.disqus.com/embed.js(Line 48) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://troyhunt.disqus.com/embed.js(Line 48) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://troyhunt.disqus.com/recommendations.js(Line 35) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://troyhunt.disqus.com/recommendations.js(Line 35) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://troyhunt.disqus.com/recommendations.js(Line 35) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io .google-analytics.com .privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com .privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
bloghelpers.troyhunt.com
c.disquscdn.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdnjs.cloudflare.com
coinhive.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
region1.google-analytics.com
static.doubleclick.net
syndication.twitter.com
troyhunt.disqus.com
troyhunt.ghost.io
troyhunt.report-uri.com
www.google.com
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
www.troyhunt.com
www.youtube.com
yt3.ggpht.com
104.21.46.6
104.244.42.8
142.250.184.227
142.250.186.67
151.101.128.134
151.101.131.7
199.232.192.134
199.232.194.49
2001:4860:4802:32::36
2600:9000:26db:e200:6:8656:f5c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:3032::6815:2e06
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6811:b658
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2016
2a04:4e42:8d::159
2a04:fa87:fffe::c000:4902
2a06:98c1:3121::3
93.184.220.66
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605
0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad
0ecfe90cab25a6efa259c5dd747ac3cb2547f6e94cdfcb47dc51b94dec5b2889
10684e81a8ec7702fc0c83e7abc260cb3de59cf48493e4d45a8b06509f7aa21e
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
179d3f9d43e553da66541fda65e979c6c228d1b500cbd6e8ffc3e9d904e50a84
1c009f307e70e03237797c7e3bbcc29fb1e683086cd36fe298cecdd8457921cf
1f7f2e51d7040ef50458cc4c4f02eef265d9f3586639e542c9e650f06b7e08ea
224ed23d02681084d43eb4789e1b4002a0cfca6fd6d8e01d7d6c2eff424c4b24
2acd89e68dc69d3510d1c9ce21fa8992b19c89fabb843f44f81981c67d7a411c
2df946dc6164389d5f6ac664b55c3a56d2b3f6bdd96c814b7ac6f661a2d47cec
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
343cc2ae21bbaf76ed55ccd75441f693b5ed63a18f1d2ce7bf4195ef0d8a7b63
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37442f83b7b4a4b95f0bf937cc8a545b218593f4d37f9176ab91374ba36894f3
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40dcfd85aac0653dc78d4e5ab8c0391de20fa68282b34bcf8d76bb27312854ad
43a5ef5b29b432f468d033afb64e87d26b4f4a2f15abe54ffae9c8ed70fd2750
46a86e935a64aeb9c906e2120ad1e67e0fc25b074983d172ede7b7ccbff5f062
47d4cc8f41a50c8835c9f83a13ab174866b9f82a24ea590b854574a6773a071a
4a92c93b171f1e547f1a67b7a2e55c7ed85add4bf07a08db2753bc3cfde96073
4b45fc782ab0fa351474257093b4ae68442a4adfebc35b23aaa72f2c74d147a9
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4dbc45bd7ed8caf2aeeae8de34e519d874987d5285c79b5b4a93a1d670a929c4
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0
54682e379031e7d89b632f95f6ce239060db2a9d7fce9f92638dc4a8cbd1ae41
54e0bff3b45c5a11d6cbc7173c2bc1f95ed306d1dc968edd966ce6747c2ab6a8
55223da5accdc98e0030f3fbc3e50b1bc98edeaaa72616247c61a349b844e98f
55feab64ee3414b0b83f32bacd2ca32fc0f344202613e144e140049eb22e78e5
59e3774d3b30422dd735c7dba618d86de1069cd77ebfc4a784548fdfbfcb226a
59ee2bf7b4ade5d9768fb05d0ad8fba191ab2d2451827345f553aa4c40592336
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
60b29624328bf9dbe1fe771638aba16b6a6777af19719dc29dfb7eef5851d7d2
6553fd98aab64150e957f36452302d8421cce0f303dfd1f7d4bd712a65ecc9cd
6796f7db7d122f04d63c0bffa7a4e69847257d68cee8ff23ed30ca8bbc67b54b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
739301ce4ec601c701ebf4767ad009a395801f679677754545820b605fd3c9ad
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
76e2eb5e5e17ae7c75ded230b7e5f8d0c7c0e1ae63e9014f7bb9e58617dc852f
777cce45fc6263382451ea803a5d8f90ec653bc12c38631c85c44a4e54d00aa9
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
7c39b484830fe9d9a4ab6386523a55932b2798d53eda0256828c1c7019f30db5
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
8dc675da542f629aca965669b35900a5ed0685f4d87dce9eac4660baf4493687
8ffe887ea11230a1aa6ebeab8457d5cf06f859b89413892fa1ec64f9b17dbe8f
905294f5d28180922d1b5cb1e5c46c01157ef38b6d69c17ceb3b46ca0ccab863
96f5ef2ba23f6bf380fca8d48092d5c27712226229dac7871eea7d64149e54f5
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9c3ab2a571e46e9ab17a9ee0937e10a682119267da20315bb3247f42cd30196a
9c3c976a28a11164f275b3d727657e6256828f963e087f1b1fb1d7a744bfec47
a12ed1612f455158732f858b4cf1395777f2a53584d46bf9cd8530ed9f53e4df
a293e1e62926607a91fac1e70be95cff6b357be1162f8425a4ed1aba339e186d
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a977010e4d109f7fd709597c1971cf130ef4f0f072b2aedaadfc67cab85f5855
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad59b3c437a380375b4205e22d9bf50856690b094d2fa425ae90971f5b58758e
ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5
adf44520a8da29354745c4af1dd981c82895b534d5443d09b7cf38c26c6efba4
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520
b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322
b9e0a0ad2fa39c74ef6825bcd98e8c7b5803210ea37ba87397036f15ba703ea0
ba7cfaa35518965e2f5f4e3bc541237723e1150f030b2e4c17504a996542c89a
bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c2997b8373faeb8d57692bb9c01f4fa136fa654bca61548ae03070a0c6ad89d2
c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069
caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791
cae571bcf2b273f8db403d76a304d4b509323358964351360ae5fe2db73525d8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4cd11bca23b2d8779377a9ace0c9e3927670045d7f51cfda42ef9536903288e
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971
da947c3537229e7588c2c6e1f0a43e1809b0ff033a19f8de7e6b2f16b447c805
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dd59c3bc5375338336d621772a3e26ecf1f58c7253cc5e3dcf802047173a84b0
e1d73d030ccbac5462b09e694c44744a2ae54152b0bf952df8fa04bf7b42c9c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f17fa1d863ade20f6e8af77a09d3ea79b694c4cea7a50f11aa2d65b5d4755d4b
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8bc4e43a2c08d166d6c09874cdbd0878914e1cb00636f1a964abe873dc9bd62
f93fb524540430d76d47433c0426f8ce0d0a6f12d10c54fd2a0299114039980e

www.troyhunt.com Open in urlscan Pro 2606:4700:3032::6815:2e06 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

99 %HTTPS

69 %IPv6

20 Domains

29 Subdomains

29 IPs

5 Countries

3781 kBTransfer

9660 kBSize

8 Cookies

45 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.troyhunt.com Open in urlscan Pro
2606:4700:3032::6815:2e06 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

99 %
HTTPS

69 %
IPv6

20
Domains

29
Subdomains

29
IPs

5
Countries

3781 kB
Transfer

9660 kB
Size

8
Cookies

118 HTTP transactions
1 data transactions