www.troyhunt.com Open in urlscan Pro
2606:4700:3030::ac43:ddf5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.gbk12030.cafe24.com/
Effective URL:
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-con...
Submission: On March 03 via manual (March 3rd 2023, 5:59:52 am UTC) from KR — Scanned from DE

Summary HTTP 163 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 22 domains to perform 163 HTTP transactions. The main IP is 2606:4700:3030::ac43:ddf5, located in and belongs to . The main domain is www.troyhunt.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.troyhunt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	112.175.31.199 112.175.31.199	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	23.35.236.199 23.35.236.199	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:b600:f:9b8:8140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	203.245.1.129 203.245.1.129	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1 13	2606:4700:303... 2606:4700:3030::ac43:ddf5	() ()
3	2a00:1450:400... 2a00:1450:400d:803::200a	() ()
2	2606:4700::68... 2606:4700::6811:180e	() ()
2	2a04:4e42:600... 2a04:4e42:600::485	() ()
1	2a00:1450:400... 2a00:1450:4001:809::2008	() ()
12	146.75.120.157 146.75.120.157	() ()
4	2606:4700::68... 2606:4700::6811:b758	() ()
12	2a00:1450:400... 2a00:1450:4001:827::2003	() ()
8	2a00:1450:400... 2a00:1450:4001:810::200e	() ()
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	() ()
3	199.232.192.134 199.232.192.134	() ()
2	2001:4860:480... 2001:4860:4802:34::36	() ()
2	104.244.42.136 104.244.42.136	() ()
6	2a04:4e42::775 2a04:4e42::775	() ()
31	2600:9000:21f... 2600:9000:21f3:8000:6:8656:f5c0:93a1	() ()
8	151.101.0.134 151.101.0.134	() ()
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:82f::2006	() ()
4	2a00:1450:400... 2a00:1450:4001:82b::200a	() ()
1	2a00:1450:400... 2a00:1450:400d:80a::2004	() ()
1	2a00:1450:400... 2a00:1450:4001:806::2016	() ()
1	2a00:1450:400... 2a00:1450:4001:80e::2001	() ()
2	2a00:1450:400... 2a00:1450:4001:812::2003	() ()
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	() ()
1	2a04:4e42:8d:... 2a04:4e42:8d::159	() ()
11	199.232.194.49 199.232.194.49	() ()
163	32

12 112.175.31.199 (Seoul, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

m.gbk12030.cafe24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

coinhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.35.236.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-199.deploy.static.akamaitechnologies.com

img.echosting.cafe24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b600:f:9b8:8140:93a1 (United States)

ASN16509 (AMAZON-02, US)

optimizer.poxo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.245.1.129 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

cfa-js.cafe24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3030::ac43:ddf5 (None, ) 1 redirects

ASN- ()

www.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bloghelpers.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 146.75.120.157 (None, )

ASN- ()

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:b758 (None, )

ASN- ()

troyhunt.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (None, )

ASN- ()

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.192.134 (None, )

ASN- ()

troyhunt.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (None, )

ASN- ()

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::775 (None, )

ASN- ()

troyhunt.ghost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2600:9000:21f3:8000:6:8656:f5c0:93a1 (None, )

ASN- ()

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.134 (None, )

ASN- ()

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (None, ) 1 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (None, )

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (None, )

ASN- ()

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (None, )

ASN- ()

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (None, )

ASN- ()

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::159 (None, )

ASN- ()

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.232.194.49 (None, )

ASN- ()

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	disquscdn.com c.disquscdn.com a.disquscdn.com	1 MB
27	cafe24.com m.gbk12030.cafe24.com img.echosting.cafe24.com — Cisco Umbrella Rank: 85990 cfa-js.cafe24.com — Cisco Umbrella Rank: 153517	558 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	262 KB
14	twitter.com platform.twitter.com syndication.twitter.com	436 KB
13	troyhunt.com 1 redirects www.troyhunt.com bloghelpers.troyhunt.com	683 KB
11	disqus.com troyhunt.disqus.com disqus.com referrer.disqus.com	136 KB
8	youtube.com www.youtube.com	844 KB
7	googleapis.com fonts.googleapis.com jnn-pa.googleapis.com	33 KB
6	ghost.io troyhunt.ghost.io	2 KB
4	report-uri.com troyhunt.report-uri.com	2 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
2	twimg.com cdn.syndication.twimg.com pbs.twimg.com	4 KB
2	google-analytics.com region1.google-analytics.com	309 B
2	jsdelivr.net cdn.jsdelivr.net	227 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	ytimg.com i.ytimg.com	47 KB
1	google.com www.google.com	14 KB
1	gravatar.com www.gravatar.com	14 KB
1	googletagmanager.com www.googletagmanager.com	80 KB
1	poxo.com optimizer.poxo.com — Cisco Umbrella Rank: 164422	9 KB
1	coinhive.com coinhive.com — Cisco Umbrella Rank: 842520	2 KB
163	22

	Domain	Requested by
31	c.disquscdn.com	troyhunt.disqus.com disqus.com c.disquscdn.com www.troyhunt.com
13	img.echosting.cafe24.com	m.gbk12030.cafe24.com
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
12	platform.twitter.com	www.troyhunt.com platform.twitter.com
12	www.troyhunt.com	1 redirects coinhive.com www.troyhunt.com platform.twitter.com cdn.jsdelivr.net
12	m.gbk12030.cafe24.com	m.gbk12030.cafe24.com
11	a.disquscdn.com	c.disquscdn.com
8	disqus.com	troyhunt.disqus.com c.disquscdn.com
8	www.youtube.com	www.troyhunt.com www.youtube.com
6	troyhunt.ghost.io	cdn.jsdelivr.net
4	jnn-pa.googleapis.com	www.youtube.com
4	troyhunt.report-uri.com	m.gbk12030.cafe24.com
3	fonts.googleapis.com	www.troyhunt.com client
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	syndication.twitter.com	platform.twitter.com www.troyhunt.com
2	region1.google-analytics.com	www.googletagmanager.com
2	troyhunt.disqus.com	www.troyhunt.com troyhunt.disqus.com
2	cdn.jsdelivr.net	www.troyhunt.com
2	cdnjs.cloudflare.com	www.troyhunt.com cdnjs.cloudflare.com
2	cfa-js.cafe24.com	m.gbk12030.cafe24.com
1	referrer.disqus.com
1	pbs.twimg.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	bloghelpers.troyhunt.com	www.troyhunt.com
1	www.gravatar.com	www.troyhunt.com
1	www.googletagmanager.com	www.troyhunt.com
1	optimizer.poxo.com	m.gbk12030.cafe24.com
1	coinhive.com	m.gbk12030.cafe24.com
163	33

This site contains links to these domains. Also see Links.

Domain
www.troyhunt.com

Subject Issuer	Validity	Valid
*.coinhive.com GTS CA 1P5	`2023-01-20` - `2023-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.report-uri.com E1	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
ghost.io R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-07` - `2023-11-08`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: C4EDEE1957FC6880A168C108F71BED95
Requests: 66 HTTP requests in this frame

Frame: http://m.gbk12030.cafe24.com/exec/front/eclog/main/?&rloc=http%3A//m.gbk12030.cafe24.com/&rref=&udim=1600*1200&rserv=elg-db-svcm-049.cafe24.com&cid=CID33ba99a76dfeab2cf17d16fbce7a063c&role_path=MAIN&stype=e&shop_no=1&lang=ko_KR&ver=2&mobile=T&mobile_ver=new
Frame ID: 4437646734427CB51482FA7EB1FA2436
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EhmekYj1pIY
Frame ID: C8D7D6EA39C0FFEFEB8F5080CB35ED5F
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.troyhunt.com
Frame ID: FA9794FF1A6018F14EF3B30B2236477A
Requests: 2 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: E20EE9F6913CBB103A105EA88E24C8DB
Requests: 1 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 1A265B05A70CBB7C07497711B7CEDC06
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Frame ID: 61919CA9C7468A2ABB616E0F570F13E2
Requests: 34 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Frame ID: C7D1CD3E720BF418DD0C62E1ABDE8FA1
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Frame ID: 9F71177120157FB5399F335B11D9B60B
Requests: 13 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: E00644B160378FFA12FEC257DC54D6A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GBK협회원전용

Page URL History Show full URLs

http://m.gbk12030.cafe24.com/ Page URL
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... Page URL

Detected technologies

CoinHive (Cryptominer) Expand

Overall confidence: 100%
Detected patterns

coinhive\.com/lib

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

Page Statistics

163
Requests

82 %
HTTPS

74 %
IPv6

22
Domains

33
Subdomains

32
IPs

3
Countries

4463 kB
Transfer

11282 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies
Title: Click here for more information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.gbk12030.cafe24.com/ Page URL
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

163 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
m.gbk12030.cafe24.com/ 52 KB
18 KB 1269ms
473ms Document
text/html 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

ef4353f8bec1d6f56900ac576cf10eba4f8a9c3c3dfca7d85bb76dee451afe5a

Security Headers

Name	Value
Content-Security-Policy	report-to network-errors
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: report-to network-errors
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Mar 2023 05:59:41 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 03 Mar 2023 05:59:41 GMT
NEL: {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.1}
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://js-error-tracer-api.cafe24.com/network-report?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnYmsxMjAzMC5jYWZlMjQuY29tIiwiYXVkIjoianMtZXJyb3ItdHJhY2VyLWFwaS5jYWZlMjQuY29tIiwibWFsbF9pZCI6ImdiazEyMDMwIiwic2hvcF9ubyI6MSwicGF0aF9yb2xlIjoiTUFJTiIsImxhbmd1YWdlX2NvZGUiOiJrb19LUiIsImNvdW50cnlfY29kZSI6IktSIiwib3JpZ2luIjoiaHR0cDpcL1wvbS5nYmsxMjAzMC5jYWZlMjQuY29tIiwiaXNfY29udGFpbmVyIjpmYWxzZSwiaG9zdG5hbWUiOiJ1ZTA1ODUifQ.0AjxXFDnOsZT3rSFTq4hSzjHqyEzTlH72lzPXCkCjyk&source_origin=http%3A%2F%2Fm.gbk12030.cafe24.com"}]}
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
x-cache-valid: YES

GET
H2 200 coinhive.min.js Show response
coinhive.com/lib/ 2 KB
2 KB 878ms
838ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coinhive.com/lib/coinhive.min.js
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 39f7a131d7976b1cbbf08c89727ba5c1b5c384152ed65bc83198bca315be5a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 02 Nov 2021 00:44:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"806233d282cfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp56sviJp45TlSGWsUAelF3KTDS2FnDCOtkjuJ%2F2BKV7vpeXW9QDwrMHLkuQke6u1BvbgDQGfNSe7jm%2B1yw%2BQBj0SKWeazcanNkGmC88zv9JfQRWNxA5wz1sq%2BgYCnaoptjLXeLjNRIslVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cf-ray: 7a1fa7a889cb5b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK cid.generate.js Show response
m.gbk12030.cafe24.com/app/Eclog/js/ 2 KB
984 B 250ms
249ms Script
application/x-javascript 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: http://m.gbk12030.cafe24.com/app/Eclog/js/cid.generate.js?vs=cd64c7303da131efa66bc25b0bf5a506
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/
Protocol: HTTP/1.1
Server: 112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: acd0328ce69b5b0585c6299a4716d1c583cb0fda8ec82ccffda73aa79f6cc238

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 22:48:46 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive

GET
H/1.1 200
OK optimizer.php
m.gbk12030.cafe24.com/ind-script/ 9 KB
3 KB 506ms
259ms Stylesheet
text/css 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=nc1LCoAwDIThfXHrOYLeqC3xAU2mpCno7RW8gHQ7zMdPB4RpWY2qYbcoZNzQLTPl1mgzqFOGCHR6h5n-_DmHhtL9hIaEaxB299FoiTfbGPWYCg9S1FBO5ZCi6td_AA&type=css&k=37c9481ac0212340e132f81eba4d1049fee7f18e&t=1635315871

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

f29d8cf4228799bc9356d8dac3d8e109dff23f0d8e4436f495b2281c7cc1625e

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 03 Mar 2023 05:59:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Oct 2021 06:24:31 GMT
Server: openresty
ETag: "a950c2c3d8ee74164d462be8976893152a772867"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: private, max-age=2592000
Connection: keep-alive
Content-Length: 2180
X-XSS-Protection: 1;mode=block
Expires: Sun, 02 Apr 2023 05:59:41 GMT

GET
H/1.1 200
OK optimizer.php
m.gbk12030.cafe24.com/ind-script/ 37 KB
7 KB 507ms
257ms Stylesheet
text/css 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

8e4b654afbf8ad1dc6ba7c45d696e8d081b17e02e048516d384a39f76779f0e8

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 03 Mar 2023 05:59:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Sep 2017 08:02:45 GMT
Server: openresty
ETag: "46a07cafe4b2da62d2168a2aebb4e24898784ccd"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: private, max-age=2592000
Connection: keep-alive
Content-Length: 6981
X-XSS-Protection: 1;mode=block
Expires: Sun, 02 Apr 2023 05:59:41 GMT

GET
H/1.1 200
OK optimizer.php Show response
m.gbk12030.cafe24.com/ind-script/ 13 KB
6 KB 259ms
258ms Script
text/javascript 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=08_Iz03VNzQq0i8oyk8vSszVLy8v18_MS-EqTi7KLCjRz0oFY57czDyerGIA&type=js&k=f8c449ff82a3977059c3195db755507c2666c339&t=1625595522

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

e7958839373758bd28ff5decded6caa97be3acf81ebc66cabd1749ddf6755870

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 03 Mar 2023 05:59:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 18:18:42 GMT
Server: openresty
ETag: "4be49088fff7cbeaf3dc182a6ebb53886ddbf037"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=2592000
Connection: keep-alive
Content-Length: 5672
X-XSS-Protection: 1;mode=block
Expires: Sun, 02 Apr 2023 05:59:42 GMT

GET
H/1.1 200
OK ico_bookmark_star.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
1 KB 62ms
6ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ico_bookmark_star.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 059aa0e4fb742a2d328a1d0dd129b5920a5cb2543e162cd86b57093c3ef37b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:29 GMT
Server: AkamaiNetStorage
ETag: "2c78fa30f9146bdf49ec944721ea4e0d:1562036677.979898"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1172

GET
H/1.1 200
OK btn_close.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
2 KB 66ms
10ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/btn_close.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0b03272ef5f1d131b31cd78d0dc42b7aa4c1c570a52d44db399227670c5958d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "7d5804474dd03337bc8ef1a79b7c4a22:1562036672.191524"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1236

GET
H/1.1 200
OK i18n.php Show response
m.gbk12030.cafe24.com/ind-script/ 1 MB
251 KB 260ms
260ms Script
application/x-javascript 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/ind-script/i18n.php?lang=ko_KR&domain=front&v=2303021184

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

e653e2eddada1ba29458b4e67ebd397c26bebae398a8b271f041d813d4978236

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: cache
Date: Fri, 03 Mar 2023 05:59:42 GMT
Content-Encoding: gzip
x-hrpcs-ttl: 3600s
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
cache-control: max-age=604800
Connection: keep-alive
x-hrpcs-signal: 1
X-XSS-Protection: 1;mode=block
expires: Fri, 10 Mar 2023 05:59:42 GMT

GET
H/1.1 200
OK optimizer.php Show response
m.gbk12030.cafe24.com/ind-script/ 977 KB
231 KB 289ms
289ms Script
text/javascript 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=zVjbbuM2EH1P_NrvUNMWRV83DtIummCNNIt9HlEjaSKSw_KSRPv1Hcne7bobybokQGFAlmWew-FcDofKajaYXfzks9KDwSf2TeYxcPIKs4eQ0cVvdvMQfsjGxiVyoJrs4e-Evj18_bz5dfPjTCQ-R_QWdDg82CjmhnAtS_J60RI2qDalXQy1rNiWmlRcRHGx-UU-iyaXfyP7__jNea4EfxTdAiJGkgFGRtmYobrtbz5RrO8_X0GEjSE7g0dTLii8l_vTqOA82VhOoGeVOrOu2Zst2-hZa_SncTudwjvnLj0V1QR7UiR9elTpuffUWWAtCLZnkd2ZJotnOVg7xa49hWJj2E4d_QxWqtFKajuPcfosPS6icVri8jIInMtuOSeN2d03-L19I14ZwBkukjwKT-TmTVgmqzqHduOKJGVjBpN4KsOIEZKq2cd99XxLoeFzqxmKWSCTInTzfsgD-seh4AyAHeu2JD059QosIenYuSAY8PHyhaybL5J5RT3o_yHZhQiIDeLRsJYJIZCt1rIYjFB0cjicjW2o2R0F9roPV_fYiQnvbcnD8L9eBv8JDXDWdNcdPaMek7IRmm1fyh9HK3kIKrJRsW9vKMTZ4Dss0aNVuE2--253ntR88wOCV_WsoopQlu33m9fJyDudKhLFfARNEnD2XzLg64ON3EBYTdulmC3C9_TC4CTv8e1mqFE7fPN11GALPVuXZkwgOksS4zfjF02Or-YmzQpks2r4tMr_a8Gw2ICF6njre8JcczWrRr4UZS9R5264NCfh1eHXeSldGsS1lrwWzbSmro5GS4NJkTDMcjuE1qr9dTHOoMnRL4Z_8AV6ZeNigksIDcb1DG5c3Cdx7A6N21KWLSdRzzVruZWmEqrl67hCx4GWz_-JQj2-2U4gUJxWuMCjwhXwux7eYCsSWaxkuecIertqNX19LE9LtFjS2tK4gXaFDb97KJYn5LsUWZSUVE8jLdbT8tqQcwft2CW3nEI6yQYPZb4usEdUq0rmhh5RTvDN0HF8apb9Qd2Ll_YV8vXAdA_5q_C8j2hWeagnu5JTEOnxg8wpfdZABnKNKyxyEGvPGs-XdUpHgR886Q-A3YL9ab-_n0t7NuVdmucU8ZqeZeQ_&type=js&k=7a7fe63e430996115f1900a4f09ce54f5e078485&t=1677542570

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

79441c5d950c0382597521922894526dbd9a88ac2da7b1c92f9f15f26b491cf4

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 03 Mar 2023 05:59:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2023 00:02:50 GMT
Server: openresty
ETag: "1aefc54a3fec451347645f35365dd8559fd05291"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=2592000
Connection: keep-alive
Content-Length: 236443
X-XSS-Protection: 1;mode=block
Expires: Sun, 02 Apr 2023 05:59:42 GMT

GET
H/1.1 200
OK optimizer.php Show response
m.gbk12030.cafe24.com/ind-script/ 27 KB
6 KB 259ms
258ms Script
text/javascript 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=nc5BDgIhDEbhA-DWc_yjHsUTDNBAx5YSCwtvLzsTl7N_-fJQTQmUwnR6O0p83e7bY0OfUTiFOlTgmUIm59KgFlkIsn9sDsTdOeFwuPBqlNq8HH7FKXMxann-dJ0y2Kv1Z-XeuZXz9v9vMlVry_sC&type=js&k=e7ebf57d9c6d24ca2c5b57920d43ff26914015ae&t=1505289747&user=T

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

0b16d5f9021cf6aaad6f7057ed38f69f17257202075eebcce8ff9077f91985e5

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 03 Mar 2023 05:59:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Sep 2017 08:02:27 GMT
Server: openresty
ETag: "cbfd57a8de48438d74dbf2d9399a22895658f561"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, max-age=2592000
Connection: keep-alive
Content-Length: 5910
X-XSS-Protection: 1;mode=block
Expires: Sun, 02 Apr 2023 05:59:42 GMT

GET
H/1.1 200
OK bg_wish_list.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 2 KB
2 KB 60ms
7ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_wish_list.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1f42c456992943ef45511d4dcccfae3d73505d63a0af225a04e9c6fc8ce4ed57

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "9a3590883fccbddf0b636db53604339e:1562036669.995583"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1710

GET
H/1.1 200
OK bg_recent_list.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
2 KB 61ms
9ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_recent_list.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3e557d5a4a02b4f9deba9f56dd864369a889c940dd8fc6dc182fb67fec82c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "f9f143cf5c470904f66ddcd63db67976:1562036666.44129"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1442

GET
H/1.1 200
OK bg_order_list.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
2 KB 60ms
8ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_order_list.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ae68958c97fa00e816c8c185a6aa5167752c21b38965116488920ee5eff4f21b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "44e830e5c20ba62c0ee4a5a19697ef59:1562036666.243364"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1434

GET
H/1.1 200
OK bg_snb_1depth_on.gif
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
2 KB 74ms
9ms Image
image/gif 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_snb_1depth_on.gif
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cbe3aafd5121ea4b41d1dcabc68450897c3db591c4e8b708d85b6b70ac5be327

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "0f57cd3455bdfdd60e40add98f3a9c0b:1562036667.867715"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1404

GET
H/1.1 200
OK bg_snb_1depth.gif
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
2 KB 38ms
7ms Image
image/gif 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_snb_1depth.gif
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0978b92f5e9a7ae7f605736431e8fe79ce343929223da745b4f7891873b29dd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "07a968649e22441167a578c512cb2289:1562036667.555932"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1290

GET
H/1.1 200
OK ico_bookmark.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 2 KB
2 KB 40ms
8ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ico_bookmark.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b0995e124e130de91c006f08a21f30fe22202faae3b448eb11e9e6f69e7a6af7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:29 GMT
Server: AkamaiNetStorage
ETag: "f1a1c11d0fe1a1c3e681ba9060cb035c:1562036677.472991"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1699

GET
H/1.1 200
OK btn_category.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
2 KB 9ms
7ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/btn_category.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7487bbc150af25858ba2af0afbe2cac11520e357e633d673ef1d543ba79bd26b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "67c719b48fca71bf7ebbfd56779b12f5:1562036671.691386"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1432

GET
H/1.1 200
OK bg_search.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 2 KB
3 KB 12ms
9ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_search.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 95870feeecf745c87609ca5e0bb6d4c60b34a534eb02e8dfb96a72ece70e0719

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "f173a584fe59ef273c692c1d4098a179:1562036666.732996"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2294

GET
H/1.1 200
OK btn_delete.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 2 KB
2 KB 25ms
11ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/btn_delete.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8048f4cf343485f269ba72bd28bfad65913705189e5bccbd4562fe2704892b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "cc759ffe84b630140fb4fe7585a12da8:1562036672.572169"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2238

GET
H/1.1 200
OK btn_basket.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 2 KB
2 KB 11ms
9ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/btn_basket.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 839f15c632853416b409d3dcc04b3260dc0afc6632a2c09d09677f3c57ab102f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "a80434b21eac36ab3c2903b30d5493d8:1562036671.208539"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2074

GET
H/1.1 200
OK bg_top.png
img.echosting.cafe24.com/skin/mobile_ko_KR/layout/ 1 KB
1 KB 12ms
9ms Image
image/png 23.35.236.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.echosting.cafe24.com/skin/mobile_ko_KR/layout/bg_top.png
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=tdNLbgMhDAbgfabbnMPT5gbdJ6rUExhwwBpeGptIvX3Ia5VdQ3aGX_pANkAoiYDs1IRWAW-Wz695N0NtJrKdgqYI4mhyJOwzpGI4EliRXrrWy4h_pSmgKmX3jTnT-tHjLfwLvmsGhe31FFtSKnmkeNsYKVb0nFFppEl20xe0CRTrO9y69vFZfQdtmurYkT3kHox9XRLZ0Z5yewF9_gu34IAn9qj8Uiue8WMpSusP2gU9jb12i8oSSv0NXCtnf9HP&type=css&k=7bc6e4dc634b31f0db9c22d938bba5ad1c3d4bae&t=1505289765&user=T
Protocol: HTTP/1.1
Server: 23.35.236.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d2aefd14cd49d63171bf46d8acab64267dc3e49c67a265a3148ed029874ce675

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 25 Jul 2014 11:04:28 GMT
Server: AkamaiNetStorage
ETag: "c608c7bbd8d8d474b74e1f229ef18f0d:1562036669.167359"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1082

GET
H/1.1 200
OK index.js Show response
optimizer.poxo.com/web-vitals/ 8 KB
9 KB 45ms
7ms Script
application/javascript 2600:9000:20eb:b600:f:9b8:8140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://optimizer.poxo.com/web-vitals/index.js
Requested by: Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:b600:f:9b8:8140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8c2cd379ea39237db240c627a94b622919b5aac8cc8d3c8c448c46d3a6869a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 22:47:51 GMT
Via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Age: 25930
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8254
Last-Modified: Thu, 03 Nov 2022 08:33:21 GMT
Server: AmazonS3
ETag: "8e7a9c96ad491896290fb2249924c56d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Accept-Ranges: bytes
X-Amz-Cf-Id: 5UXZKMvZCESW38w-mDHBE8tA2sZKmSmZ5tq03GzbZMURiN13di4j4w==

GET
H/1.1 200
OK SubCategory Show response
m.gbk12030.cafe24.com/exec/front/Product/ 4 KB
4 KB 269ms
269ms XHR
application/json 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/exec/front/Product/SubCategory

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/ind-script/optimizer.php?filename=zVjbbuM2EH1P_NrvUNMWRV83DtIummCNNIt9HlEjaSKSw_KSRPv1Hcne7bobybokQGFAlmWew-FcDofKajaYXfzks9KDwSf2TeYxcPIKs4eQ0cVvdvMQfsjGxiVyoJrs4e-Evj18_bz5dfPjTCQ-R_QWdDg82CjmhnAtS_J60RI2qDalXQy1rNiWmlRcRHGx-UU-iyaXfyP7__jNea4EfxTdAiJGkgFGRtmYobrtbz5RrO8_X0GEjSE7g0dTLii8l_vTqOA82VhOoGeVOrOu2Zst2-hZa_SncTudwjvnLj0V1QR7UiR9elTpuffUWWAtCLZnkd2ZJotnOVg7xa49hWJj2E4d_QxWqtFKajuPcfosPS6icVri8jIInMtuOSeN2d03-L19I14ZwBkukjwKT-TmTVgmqzqHduOKJGVjBpN4KsOIEZKq2cd99XxLoeFzqxmKWSCTInTzfsgD-seh4AyAHeu2JD059QosIenYuSAY8PHyhaybL5J5RT3o_yHZhQiIDeLRsJYJIZCt1rIYjFB0cjicjW2o2R0F9roPV_fYiQnvbcnD8L9eBv8JDXDWdNcdPaMek7IRmm1fyh9HK3kIKrJRsW9vKMTZ4Dss0aNVuE2--253ntR88wOCV_WsoopQlu33m9fJyDudKhLFfARNEnD2XzLg64ON3EBYTdulmC3C9_TC4CTv8e1mqFE7fPN11GALPVuXZkwgOksS4zfjF02Or-YmzQpks2r4tMr_a8Gw2ICF6njre8JcczWrRr4UZS9R5264NCfh1eHXeSldGsS1lrwWzbSmro5GS4NJkTDMcjuE1qr9dTHOoMnRL4Z_8AV6ZeNigksIDcb1DG5c3Cdx7A6N21KWLSdRzzVruZWmEqrl67hCx4GWz_-JQj2-2U4gUJxWuMCjwhXwux7eYCsSWaxkuecIertqNX19LE9LtFjS2tK4gXaFDb97KJYn5LsUWZSUVE8jLdbT8tqQcwft2CW3nEI6yQYPZb4usEdUq0rmhh5RTvDN0HF8apb9Qd2Ll_YV8vXAdA_5q_C8j2hWeagnu5JTEOnxg8wpfdZABnKNKyxyEGvPGs-XdUpHgR886Q-A3YL9ab-_n0t7NuVdmucU8ZqeZeQ_&type=js&k=7a7fe63e430996115f1900a4f09ce54f5e078485&t=1677542570

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

990101125c71ca0f33c451ef1286d20fda038afc5e050c3b1c5b917b75552fd8

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://m.gbk12030.cafe24.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 03 Mar 2023 05:59:43 GMT
Server: openresty
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/json; charset=utf-8
x-cache-valid: YES
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 3641
X-XSS-Protection: 1;mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
m.gbk12030.cafe24.com/exec/front/eclog/main/ Frame 4437 0
1 KB 284ms
284ms Document
text/html 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/exec/front/eclog/main/?&rloc=http%3A//m.gbk12030.cafe24.com/&rref=&udim=1600*1200&rserv=elg-db-svcm-049.cafe24.com&cid=CID33ba99a76dfeab2cf17d16fbce7a063c&role_path=MAIN&stype=e&shop_no=1&lang=ko_KR&ver=2&mobile=T&mobile_ver=new

Requested by

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: http://m.gbk12030.cafe24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Mar 2023 05:59:43 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 03 Mar 2023 05:59:43 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma: no-cache
Server: openresty
X-XSS-Protection: 1;mode=block
x-cache-valid: YES

GET
H/1.1 200
OK cfa.js Show response
cfa-js.cafe24.com/ 7 KB
3 KB 1043ms
251ms Script
application/javascript 203.245.1.129
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://cfa-js.cafe24.com/cfa.js?v=1677823184353

Requested by

Protocol

HTTP/1.1

Server

203.245.1.129 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

b48e1fc2b92c43ccf6022ca829caecb35f1ef2d6919c92366098b7d13c0d5940

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:45 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 02:04:18 GMT
Server: openresty
X-REQID: e5d4003b8da662ef47a616e0a3ddabac
etag: W/"63f2d522-1c05"
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/javascript
X-Via: egor-ceskrkt2-pps0006
Connection: keep-alive
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK async Show response
m.gbk12030.cafe24.com/exec/front/manage/ 62 B
1 KB 274ms
274ms XHR
application/json 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/exec/front/manage/async?module=BasketProduct,Wishcount,MyLikeProductCount&path_role=MAIN

Requested by

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

94b73cb575f112729a5b5c1aa19d1ceb320247f0064359496e6ff09966b492a3

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://m.gbk12030.cafe24.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 05:59:43 GMT
Last-Modified: Fri, 03 Mar 2023 05:59:43 GMT
Server: openresty
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/json; charset=utf-8
x-cache-valid: YES
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 62
X-XSS-Protection: 1;mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK async Show response
m.gbk12030.cafe24.com/exec/front/manage/ 22 B
857 B 267ms
267ms XHR
application/json 112.175.31.199
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://m.gbk12030.cafe24.com/exec/front/manage/async?module=BasketProduct

Requested by

Protocol

HTTP/1.1

Server

112.175.31.199 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

09d6750e3904c7220f0714cd026541a6727a42c3fed2e275769cfa88de8abf5a

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer: http://m.gbk12030.cafe24.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 05:59:44 GMT
Last-Modified: Fri, 03 Mar 2023 05:59:44 GMT
Server: openresty
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/json; charset=utf-8
x-cache-valid: YES
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 22
X-XSS-Protection: 1;mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cfa.html Show response
cfa-js.cafe24.com/ 0
418 B 254ms
253ms Script
text/html 203.245.1.129
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

http://cfa-js.cafe24.com/cfa.html?uid=gbk12030&sno=1&stype=e&type=conn&CUK45=CFAE_CUK45.gbk12030_1.NWBN1Y7.1677823185399&CID=CFAE_CID.gbk12030_1.NWBN1Y7.1677823185399&LC=&CUK1Y=CFAE_CUK1Y.gbk12030_1.NWBN1Y7.1677823185399&new_visit=T&path_role=MAIN&mem_id=&udim=1600*1200&t=1677823185399&uref=&url=http://m.gbk12030.cafe24.com/

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

HTTP/1.1

Server

203.245.1.129 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://m.gbk12030.cafe24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:45 GMT
last-modified: Wed, 23 Mar 2022 00:45:57 GMT
Server: openresty
X-REQID: b9507e06aa56073de5dcf93ac6f9dcd3
etag: "623a6dc5-0"
access-control-allow-methods: GET, POST, OPTIONS
Content-Type: text/html
access-control-allow-origin: *
X-Via: egor-ceskrkt2-pps0006
Connection: keep-alive
accept-ranges: bytes
Content-Length: 0
X-XSS-Protection: 1;mode=block

GET
H2

200

Primary Request / Show response
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Redirect Chain

https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

62 KB
20 KB

36ms
36ms

Document
text/html

2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Requested by

Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f438a595dfc2c92e830a125fcc3fc2bdc7254550da42d478c1419471a3d6de82

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io .google-analytics.com .privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com .privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Referer: http://m.gbk12030.cafe24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 7a1fa7d5ea049136-FRA
content-encoding: br
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 05:59:49 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-content-type-options: nosniff
x-request-id: 11ee3a582c75d6309c1c6938ca5ff61a 11ee3a582c75d6309c1c6938ca5ff61a
x-served-by: cache-ams12757-AMS, cache-hhn-etou8220021-HHN
x-timer: S1677774577.064983,VS0,VE3
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

age: 7654437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 7a1fa7d5b9d29136-FRA
content-length: 0
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
date: Fri, 03 Mar 2023 05:59:49 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
location: /i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 301 Moved Permanently
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 13, 1
x-content-type-options: nosniff
x-request-id: a477b71568ac0e3e4da646094e462fe7 a477b71568ac0e3e4da646094e462fe7
x-served-by: cache-ams12736-AMS, cache-fra-eddf8230030-FRA
x-timer: S1670168753.517525,VS0,VE1
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

GET
H3 200 main.min.css
www.troyhunt.com/assets/css/ 26 KB
8 KB 20ms
20ms Stylesheet
text/css 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/assets/css/main.min.css?v=a08465fbfb

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb5c6e45e7598de4a59628e62a87656f8fd23005f905d54d0cb2bd4133228eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 48603
content-encoding: br
x-cache: MISS, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: e95776f1478c4148015afe14878e497f, e95776f1478c4148015afe14878e497f
x-served-by: cache-ams12739-AMS, cache-hhn-etou8220077-HHN
last-modified: Tue, 15 Nov 2022 16:31:26 GMT
server: cloudflare
x-timer: S1677774586.051963,VS0,VE2
etag: W/"6865-1847c219426"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LfqEJgozLa%2FU2KtzTJ2Iuodc81q25D5yqCHOmViuxramVod2q1vSE%2Friig5o3wpKZhrsPmYjaF0RgVXCDAvuuNiTs%2BZ8GV4APVtdXL7sqPasaxaGGPdja1Zw92esQoyvCGsqlUw0Y7ansLcMdJC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 7a1fa7d629eb3617-FRA
x-cache-hits: 0, 1

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 189ms
72ms Stylesheet
text/css 2a00:1450:400d:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

fcdefaf5c3f143b4a31cd7b499fdbcce2c73411684bd15d57c0d5f956567cb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 05:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 05:59:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 05:59:49 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 51ms
19ms Stylesheet
text/css 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin: https://www.troyhunt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 615558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P94CeGLrF0BJ%2Fi6JP6i3pdHq91XgTJc77mTwsBJZYAi7mpJMk5bQHibQOBfd73eBpKmOmRK8Ir107ANBYbQ%2BF41F1xf3vYfcMGNocKliBNIswmMreTBoMjvLMLpkGNxGUFEJPzMVUxg2kH47IHpe9Ai3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a1fa7d65f979bfa-FRA
expires: Wed, 21 Feb 2024 05:59:49 GMT

GET
H2 200 portal.min.js Show response
cdn.jsdelivr.net/ghost/portal@~2.25/umd/ 507 KB
134 KB 43ms
19ms Script
application/javascript 2a04:4e42:600::485

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/portal@~2.25/umd/portal.min.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 -, , ASN (),

Reverse DNS

Software

Resource Hash

cd1ca2837ba03995ac49cfc3438105b29a5057d65e79b5a36bbbd45bc3807966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin: https://www.troyhunt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 05:59:49 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 20173
x-jsd-version: 2.25.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 137146
x-served-by: cache-fra-eddf8230111-FRA, cache-hhn-etou8220035-HHN
x-jsd-version-type: version
etag: W/"7eda5-qk4HwyHtAWQ8LUOsfpuSTv91c7k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sodo-search.min.js Show response
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/ 278 KB
93 KB 30ms
7ms Script
application/javascript 2a04:4e42:600::485

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 -, , ASN (),

Reverse DNS

Software

Resource Hash

de10e670fff37b0d4dda87228d77fffbf6a95d52b1c7b5b07bf78db8f82f0738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin: https://www.troyhunt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Mar 2023 05:59:49 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 34726
x-jsd-version: 1.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94417
x-served-by: cache-fra-eddf8230139-FRA, cache-hhn-etou8220035-HHN
x-jsd-version-type: version
etag: W/"45786-t0fHZvCLfu76erNfK1qyBRpBWbw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 cards.min.js Show response
www.troyhunt.com/public/ 7 KB
2 KB 21ms
19ms Script
application/javascript 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/cards.min.js?v=a08465fbfb

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 48603
content-encoding: br
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: 376047fc379757b0cc71082a498a9d65, 376047fc379757b0cc71082a498a9d65
x-served-by: cache-ams21066-AMS, cache-hhn-etou8220074-HHN
server: cloudflare
x-timer: S1677774586.074249,VS0,VE2
etag: W/"9e5964261251e02cc1d6dfb44e28481f"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydp3bXWn3H4WzKE3GP1rQtHPFR%2Ft2CR55U4HC6AdREQXhMObjBtgVD7a%2FHkduH9KVVTNcX1fUaohz0JQC0WJhMa56QJrB018zL5%2B9ahmAPjb1RJBvERUOoCjkiMwySC0KS3J2lFgIH%2Fahwm2lDEW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 7a1fa7d639f83617-FRA
x-cache-hits: 1, 1

GET
H3 200 cards.min.css
www.troyhunt.com/public/ 25 KB
6 KB 22ms
21ms Stylesheet
text/css 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/cards.min.css?v=a08465fbfb

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c999512e6410949c727b70e0afca6edc42b2d34936cd9afbb1b600fb3f5c54cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 48603
content-encoding: br
x-cache: MISS, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: 069f3061f942887ad9f4fe0901a4212b, 069f3061f942887ad9f4fe0901a4212b
x-served-by: cache-ams21026-AMS, cache-fra-eddf8230139-FRA
server: cloudflare
x-timer: S1677774586.054096,VS0,VE1
etag: W/"b9318467f6388557fe2bae29d33a119e"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo7p31lj5hEV7DxZcMpInNv%2FQNC2mp8%2FSjUICFqqKvsnen%2F27jFfmqxvp%2BLSGB71bkJxWAFUbO6%2FpLlyTwDurLw6ZB7Ysoj%2FdRKxNWkX4y6xTIoyDjHaJI47r17vEjoDT1N9JGTOYMNSEfNuWQwW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 7a1fa7d629ee3617-FRA
x-cache-hits: 0, 1

GET
H3 200 member-attribution.min.js Show response
www.troyhunt.com/public/ 2 KB
1 KB 22ms
20ms Script
application/javascript 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/member-attribution.min.js?v=a08465fbfb

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 48603
content-encoding: br
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: 9128fbd5cdb170942098cb9573326712, 9128fbd5cdb170942098cb9573326712
x-served-by: cache-ams21073-AMS, cache-hhn-etou8220044-HHN
server: cloudflare
x-timer: S1677774586.090677,VS0,VE1
etag: W/"909b42c515ee6c2aece5a3f270049f98"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlAEgTSmO%2Fl1YWRBzqwY3CtrKYKV%2F3ifWdSf6O9yTY%2BQo8YdHoMT2RK4n9tqY1EWnnmQcNkJ7EipNAFZeryBkEWDj52jkIi7R17EKa%2Fpga1kJHubsoqS46Ho7JiV%2Fr%2BuswnNcW0uz9Hulil5365j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 7a1fa7d639fa3617-FRA
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 145ms
58ms Script
application/javascript 2a00:1450:4001:809::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e0e4638456858c1b85a8e5752ea30ae15237207e8a1a65f18e3ac872b1037fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 05:59:49 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 33ms
7ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 27630
x-served-by: cache-iad-kcgs7200031-IAD, cache-hhn-etou8220033-HHN
last-modified: Tue, 24 Jan 2023 21:41:51 GMT
etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H3 200 Logo-2.svg
www.troyhunt.com/content/images/2017/11/ 4 KB
3 KB 25ms
24ms Image
image/svg+xml 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2017/11/Logo-2.svg

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 2594619
content-encoding: br
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: 6c903cdd8a3858eb2b6487b75ec8f707, 6c903cdd8a3858eb2b6487b75ec8f707
x-served-by: cache-ams21028-AMS, cache-hhn-etou8220083-HHN
last-modified: Wed, 01 Nov 2017 08:13:50 GMT
server: cloudflare
x-timer: S1675228570.302414,VS0,VE1
etag: W/"ff3-15f76a4c508"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScNbPUudZQBB9TYPTZyO3uDkd%2BDmS%2FmW3w7k6DJxdjCbWjGLeddHKSLUU1C67r4xLV1sTaXUxvnJEAJDX2n50oO9fdQVMMl60aLeErF6DMDIDt2UazdmKLtowQZOiubhfmHp5G%2BCNT5ZOfnu35M7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 7a1fa7d639fb3617-FRA
x-cache-hits: 4, 1

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ 0
614 B 86ms
33ms Other
text/plain 2606:4700::6811:b758

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b758 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 7a1fa7d688f8928d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v21/ 43 KB
43 KB 169ms
83ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v21/0yb9GDoxxrvAnPhYGxkpaE0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

37916b0c48fadfceebfbfb1777c42d5454209ccad3cf78db4a5565b32b53453e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.troyhunt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:21:12 GMT
x-content-type-options: nosniff
age: 56317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44004
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:35:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:21:12 GMT

GET
H2 200 EhmekYj1pIY Show response
www.youtube.com/embed/ Frame C8D7 68 KB
29 KB 192ms
81ms Document
text/html 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EhmekYj1pIY

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

0036190ebb7173eeb20e3063b887fdd435da873ab3b208ac11f120501cbd982b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 05:59:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2021-03-29_17-11-30.png
www.troyhunt.com/content/images/2021/03/ 384 KB
385 KB 18ms
18ms Image
image/png 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/2021-03-29_17-11-30.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 2594619
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 392979
ghost-fastly: true
x-request-id: cb62830bd7d67853bb84c118cc1badd0, cb62830bd7d67853bb84c118cc1badd0
x-served-by: cache-ams12731-AMS, cache-fra-eddf8230044-FRA
last-modified: Mon, 29 Mar 2021 08:02:26 GMT
server: cloudflare
x-timer: S1675228571.552316,VS0,VE1
etag: W/"5ff13-1787d016583"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmFkF4CBfFlFvuWvIx4TQbJCuvACpKuqUHNkh4F5yJ9WHlprqeQg%2F3xppofDWhED9eK1z0ege1fOc1zoxPGaMklnR91jFk76w1ISRx7Rhl02B7AOYrTWsgw%2BKiakJ5HBD1SNc%2B6QUN4IPELHae7Q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a1fa7d77b483617-FRA
ghost-cache: MISS
x-cache-hits: 65, 1

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 20ms
19ms Font
application/octet-stream 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.troyhunt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 223688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSk8F6v9rXcg4G6aHpfnLZmxOMCl3qduzcAWbcIAl9kiQKSBCD8EuGdcO1Xn0fciO0NyDdaXt54%2FeWZWSN%2F1eh4i6BSqLgmiNGy3e%2FG0FW%2BsQGKJOpc5pub5fw4OwyDP8k89f40qxaNEFRj%2FHL%2BqF91J"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a1fa7d7789d9bfa-FRA
expires: Wed, 21 Feb 2024 05:59:49 GMT

GET
H2 200 0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
fonts.gstatic.com/s/vollkorn/v21/ 44 KB
44 KB 106ms
39ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v21/0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b6bcb438bde380c06e723584e069f13e39d3dc90771e4f7c1a8acfe7cb1821fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.troyhunt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 04:24:31 GMT
x-content-type-options: nosniff
age: 178518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44716
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:39:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 04:24:31 GMT

GET
H2 200 c5531bfb7d76cdaa370c7baf6053288d
www.gravatar.com/avatar/ 14 KB
14 KB 33ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x
Requested by: Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Fri, 03 Mar 2023 05:59:49 GMT
last-modified: Thu, 09 Dec 2021 09:20:52 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c5531bfb7d76cdaa370c7baf6053288d.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x>; rel="canonical"
content-length: 14191
expires: Fri, 03 Mar 2023 06:04:49 GMT

GET
H3 200 image-60.png
www.troyhunt.com/content/images/2021/03/ 24 KB
25 KB 21ms
20ms Image
image/png 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/image-60.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 2594619
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24853
ghost-fastly: true
x-request-id: ffba851f9fa245a0c7f1a34005c09ef4, ffba851f9fa245a0c7f1a34005c09ef4
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230120-FRA
last-modified: Wed, 31 Mar 2021 02:18:38 GMT
server: cloudflare
x-timer: S1675228571.979924,VS0,VE1
etag: W/"6115-17886135c00"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABbhLd0yzYg6X4TFNgbGTaJhnN90eN082mRb%2BNH4RF4C1C8ckhX%2B4mvU%2FkN052Wb3GRhIkh3hOYQuDBYHq8%2Fh%2F8nGrLnUk1DxqCM2ci6eQMdk3KRCRtgABnqCbnGCFx0s3n%2FxH6VPXbBMqa34ak3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a1fa7d7bb803617-FRA
ghost-cache: MISS
x-cache-hits: 8, 1

GET
H3 200 image-61.png
www.troyhunt.com/content/images/2021/03/ 22 KB
22 KB 20ms
19ms Image
image/png 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/image-61.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 2594619
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22256
ghost-fastly: true
x-request-id: 9693b79f1ff1bb4afed44650972a09f9, 9693b79f1ff1bb4afed44650972a09f9
x-served-by: cache-ams12781-AMS, cache-hhn-etou8220077-HHN
last-modified: Wed, 31 Mar 2021 02:19:10 GMT
server: cloudflare
x-timer: S1675228571.982860,VS0,VE1
etag: W/"56f0-1788613d7be"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf2aVQCqsozpg8RpiCAixmj8NIJ3WCNsgKc5YFv0SUDWss2ZNFRL5WEhSw%2FehmLKMoYB8NShW%2BhR1TxhquBIIPv%2Fs2l447W8XMjtz6EYkA3Dj8fl%2FESc3MyuUAQvGnKH4FXCCluAnqpXT9%2FNyGlT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a1fa7d7bb823617-FRA
ghost-cache: MISS
x-cache-hits: 62, 1

GET
H3 200 image-62.png
www.troyhunt.com/content/images/size/w1000/2021/03/ 208 KB
209 KB 22ms
21ms Image
image/png 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/size/w1000/2021/03/image-62.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 2594619
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 213055
ghost-fastly: true
x-request-id: 53e287275e8348732e8237bcf5c97d96, 53e287275e8348732e8237bcf5c97d96
x-served-by: cache-ams12750-AMS, cache-fra-eddf8230033-FRA
last-modified: Wed, 31 Mar 2021 02:27:19 GMT
server: cloudflare
x-timer: S1675228571.986883,VS0,VE1
etag: W/"3403f-178861b4cef"
vary: Cookie, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BhveXXC8HgLBWOW3pAFGevdpf4Xg3j3qOoIF9H65qmxpaUIMuG2rJtbXCBwISzkEehABO42N3%2BLAfvnpSU2S2kw8oujTQB2ojo4di1hK5iUquMgoKjahTaKm56iJ%2FRTcAN2XlFDkeS7PHyhGlL%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7a1fa7d7bb833617-FRA
ghost-cache: MISS
x-cache-hits: 64, 1

GET
H2 200 BlogData Show response
bloghelpers.troyhunt.com/api/ 626 B
964 B 72ms
18ms XHR
application/json 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://bloghelpers.troyhunt.com/api/BlogData

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

57204c0dc9f9806cc5fb4b75d11da4a6db5691d8db0bfd602aa008fe98057680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2544
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Mar 2023 05:17:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaTPsL%2B6f6yT2fVMd3bCGoz%2BV2JStfICx0WBoWfqcpm4DD4xi0xD33gS6ILLvWj96a%2Fr3TtyBlXCag5P4rEFhgD%2F6SiQhsOp0AsF0qdzuWlwoys%2FTU4LRcf2Gme6ggPcABF%2BB1OWEptfGaoMJz6HkomrN62wg3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7a1fa7d80e4f92a1-FRA

GET
H/1.1 200
OK embed.js Show response
troyhunt.disqus.com/ 78 KB
26 KB 52ms
7ms Script
application/javascript 199.232.192.134

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.disqus.com/embed.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

5a2744b805079e23c29aae5ed86c370139952cebb806d27045a7b3d05b543f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:49 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 10
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25638

GET
H3 204 /
www.troyhunt.com/members/api/member/ 0
0 24ms
24ms Fetch 2606:4700:3030::ac43:ddf5

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/members/api/member/

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.25/umd/portal.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io .google-analytics.com .privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com .privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:49 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: BYPASS
nel: {"report_to":"default","max_age":10886400}
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
x-cache: HIT, HIT
status: 204 No Content
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: ed209deb93bdf0da8ea00bc708509a07, ed209deb93bdf0da8ea00bc708509a07
x-served-by: cache-ams12733-AMS, cache-hhn-etou8220020-HHN
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-timer: S1677823190.786940,VS0,VE0
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
vary: Cookie, Accept-Encoding
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-origin: *
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-cache: MISS
cf-ray: 7a1fa7d81bd83617-FRA
x-cache-hits: 5, 14

GET
H2 200 widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame FA97 320 KB
103 KB 7ms
6ms Document
text/html 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.troyhunt.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105435
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 05:59:49 GMT
etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified: Tue, 24 Jan 2023 21:41:13 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100116-IAD, cache-hhn-etou8220033-HHN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 86ms
22ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B895JNTH7Z&gtm=45je3310&_p=1079396447&cid=1312176829.1677823190&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677823189&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dr=http%3A%2F%2Fm.gbk12030.cafe24.com%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 05:59:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 85ms
22ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MH977CGYFX&gtm=45je3310&_p=1079396447&cid=1312176829.1677823190&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677823189&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dr=http%3A%2F%2Fm.gbk12030.cafe24.com%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 05:59:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/7862ca1f/ Frame C8D7 398 KB
51 KB 46ms
43ms Stylesheet
text/css 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

819caf20a98b59edf79abbb9c625bdd6d9d57f52fce7821a7cb041574be96b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 04:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52267
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Mar 2024 04:11:22 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/ Frame C8D7 347 KB
109 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f609d7686d219cc85b7d25028a520f24adf63c99be3242c0ba295060a2ff9eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111137
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Mar 2024 05:43:38 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/ Frame C8D7 2 MB
608 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4b1b7fd9deafc45cfc3db423df5859c6fbdf7a4d36baddf2612c82f81d56232f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 622096
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Feb 2024 16:08:50 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/7862ca1f/fetch-polyfill.vflset/ Frame C8D7 9 KB
3 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Mar 2024 05:50:09 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame FA97 663 B
603 B 172ms
124ms Fetch
application/json 104.244.42.136

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0cfa418748cab094e611bef0185322728c76bda7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.troyhunt.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 117
date: Fri, 03 Mar 2023 05:59:49 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 03 Mar 2023 05:59:50 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 25eaf2d618ccfe04
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d90ea230816ff9c80570fdec2c91f725712b779d46caae47018e419301ac1cc9
content-length: 284

GET
H2 200 / Show response
troyhunt.ghost.io/ghost/api/content/settings/ 2 KB
1 KB 9ms
7ms Fetch
application/json 2a04:4e42::775

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/settings/?key=5e03cd80efbea6ff26214a466b&limit=all
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.25/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 04f31fbc01805d3084ba14788bfaa1d4e4c6c14ec95c8e38b5a817b732ccca49

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9060
x-cache: MISS, HIT
status: 200 OK
content-version: v5.36
alt-svc: clear
content-length: 800
ghost-fastly: true
x-request-id: 87d844c33731a63de11f59a583a07f44, 87d844c33731a63de11f59a583a07f44
x-served-by: cache-ams21078-AMS, cache-hhn-etou8220044-HHN
server: openresty
x-timer: S1677823190.048598,VS0,VE0
etag: W/"728-22tKviDWGhLLqnjbSyccunco5qk"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0, 88

GET
H2 200 / Show response
troyhunt.ghost.io/ghost/api/content/tiers/ 685 B
635 B 11ms
9ms Fetch
application/json 2a04:4e42::775

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/tiers/?key=5e03cd80efbea6ff26214a466b&limit=all&include=monthly_price,yearly_price,benefits
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.25/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: f8bc4e43a2c08d166d6c09874cdbd0878914e1cb00636f1a964abe873dc9bd62

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9060
x-cache: MISS, HIT
status: 200 OK
content-version: v5.36
alt-svc: clear
content-length: 361
ghost-fastly: true
x-request-id: 8860dc91c11de64ec895a529f9e09f40, 8860dc91c11de64ec895a529f9e09f40
x-served-by: cache-ams21080-AMS, cache-hhn-etou8220044-HHN
server: openresty
x-timer: S1677823190.048598,VS0,VE0
etag: W/"2ad-LRIzvm1aa+pB2kd9cIdE7oaGJYk"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0, 5

GET
H2 200 / Show response
troyhunt.ghost.io/ghost/api/content/newsletters/ 604 B
620 B 11ms
10ms Fetch
application/json 2a04:4e42::775

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/newsletters/?key=5e03cd80efbea6ff26214a466b&limit=all
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.25/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 55feab64ee3414b0b83f32bacd2ca32fc0f344202613e144e140049eb22e78e5

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9060
x-cache: MISS, HIT
status: 200 OK
content-version: v5.36
alt-svc: clear
content-length: 434
ghost-fastly: true
x-request-id: 4e797330a2fb8508a4c25d743d7c7a3c, 4e797330a2fb8508a4c25d743d7c7a3c
x-served-by: cache-ams12770-AMS, cache-hhn-etou8220044-HHN
server: openresty
x-timer: S1677823190.048588,VS0,VE0
etag: W/"25c-a8NOwjERtiFH3rCqN/X+kdBpfho"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0, 5

OPTIONS
H2 204 /
troyhunt.ghost.io/ghost/api/content/settings/ Frame 0
0 80ms
4ms Preflight 2a04:4e42::775

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/settings/?key=5e03cd80efbea6ff26214a466b&limit=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.troyhunt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 9060
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.36
date: Fri, 03 Mar 2023 05:59:50 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 5
x-request-id: 86f1fd3d9c31cdf1fd3313dc4146b077 86f1fd3d9c31cdf1fd3313dc4146b077
x-served-by: cache-ams21070-AMS, cache-hhn-etou8220044-HHN
x-timer: S1677823190.034730,VS0,VE0

OPTIONS
H2 204 /
troyhunt.ghost.io/ghost/api/content/tiers/ Frame 0
0 79ms
3ms Preflight 2a04:4e42::775

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/tiers/?key=5e03cd80efbea6ff26214a466b&limit=all&include=monthly_price,yearly_price,benefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.troyhunt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 9060
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.36
date: Fri, 03 Mar 2023 05:59:50 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 5
x-request-id: a0c8739dc8ce52a983f56927720b4074 a0c8739dc8ce52a983f56927720b4074
x-served-by: cache-ams21037-AMS, cache-hhn-etou8220044-HHN
x-timer: S1677823190.034712,VS0,VE0

OPTIONS
H2 204 /
troyhunt.ghost.io/ghost/api/content/newsletters/ Frame 0
0 80ms
5ms Preflight 2a04:4e42::775

General

Check archive.org

Show headers Download Go to

Full URL: https://troyhunt.ghost.io/ghost/api/content/newsletters/?key=5e03cd80efbea6ff26214a466b&limit=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.troyhunt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 9060
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.36
date: Fri, 03 Mar 2023 05:59:50 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 5
x-request-id: 6b94054dfbb3396183dc545ce4af6889 6b94054dfbb3396183dc545ce4af6889
x-served-by: cache-ams12732-AMS, cache-hhn-etou8220044-HHN
x-timer: S1677823190.034708,VS0,VE0

GET
H2 200 lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
c.disquscdn.com/next/embed/styles/ 0
33 KB 91ms
11ms Other
text/css 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 15 Feb 2023 19:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1334997
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33270
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 15 Feb 2023 18:40:44 GMT
server: nginx
etag: "63ed272c-81f6"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: tkY5cmMzMvV5BqIRoRwhp8IDozkQuICpY2aubtTiDKo08bZmxWBCyw==
expires: Thu, 15 Feb 2024 19:09:53 GMT

GET
H2 200 common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
c.disquscdn.com/next/embed/ 0
93 KB 99ms
20ms Other
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 17:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 3759255
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94186
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
server: nginx
etag: "63c82f23-16fea"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: eP_YkSYQ39fBAeNg5cMrid8gLcfbt28COOrqy-W7QSPPOHi-UCDDIQ==
expires: Thu, 18 Jan 2024 17:45:34 GMT

GET
H2 200 lounge.bundle.944405f46b741461538725b083516e4d.js
c.disquscdn.com/next/embed/ 0
127 KB 110ms
31ms Other
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 23 Feb 2023 19:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 643563
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129739
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 23 Feb 2023 18:52:58 GMT
server: nginx
etag: "63f7b60a-1facb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: Lg8v6F4VWOeeJzkBgy5UxRqxGiEOeyud7n3fcZeJ_0TDqqVwLREb6A==
expires: Fri, 23 Feb 2024 19:13:47 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
17 KB 59ms
22ms Other
application/javascript 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17150
X-XSS-Protection: 1; mode=block

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame E20E 0
238 B 25ms
24ms Other
text/plain 2606:4700::6811:b758

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b758 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Mar 2023 05:59:49 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 7a1fa7d95bcd928d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK recommendations.js Show response
troyhunt.disqus.com/ 64 KB
22 KB 11ms
10ms Script
application/javascript 199.232.192.134

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.disqus.com/recommendations.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

c27ae5c16a666df9869db651a64f1965653b98ee0580b09c0fe3aa6c4cf4bfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:49 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 9
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21344

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C8D7 15 KB
15 KB 49ms
41ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 207703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 20:18:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C8D7 15 KB
15 KB 50ms
43ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:54:53 GMT
x-content-type-options: nosniff
age: 72297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 09:54:53 GMT

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 67ms
39ms Other
text/css 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 13 Jan 2023 01:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4251087
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-ba2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: _p2cRRSPXN8gr5AlK4EPxrmsXJnB33r_8zPlezNqylAwVuFjNUwlzw==
expires: Sat, 13 Jan 2024 01:08:23 GMT

GET
H2 200 common.bundle.ee9c33b24a56672a5987fadb46fbba34.js
c.disquscdn.com/next/recommendations/ 0
87 KB 68ms
40ms Other
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 08 Jan 2023 01:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4682059
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88876
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-15b2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 34QOrQ3F1bwe9dlaVBssNEfCisj-wMH0uV45_bfuK8mZV2R7EJSGww==
expires: Mon, 08 Jan 2024 01:25:31 GMT

GET
H2 200 recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js
c.disquscdn.com/next/recommendations/ 0
20 KB 76ms
48ms Other
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1938113
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20326
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-4f66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: RCozwQic5qqX6DgHBw6Fy1AWPZjgDmnGDTkl286r7yU-T5NTVhMaDw==
expires: Thu, 08 Feb 2024 19:37:57 GMT

POST
H3 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame 1A26 0
636 B 19ms
18ms Other
text/plain 2606:4700::6811:b758

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b758 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 7a1fa7d9badc2be9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 6191 104 KB
19 KB 118ms
118ms Document
text/html 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

96ec83b325fa97fb32db5af9568250db1ee54f23fd804b140410c0aa99c59f38

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 1
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17764
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 03 Mar 2023 05:59:50 GMT
ETag: W/"lounge:view:8455005378.1cc42daa69e5fd1ad2b2183302bafabc.2"
Last-Modified: Sat, 18 Feb 2023 21:34:52 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame C7D1 5 KB
3 KB 24ms
10ms Document
text/html 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

da6c87dbafdbf96c8d0334dfe2926cd65eb4d0e7f73c4901206f2804f20ce33e

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 3
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2366
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 03 Mar 2023 05:59:50 GMT
Last-Modified: Wed, 02 Nov 2022 08:14:26 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 tweet.b81b6d7af2d75db873cff6099e4f433a.js Show response
platform.twitter.com/js/ 8 KB
3 KB 7ms
6ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 21:41:06 GMT
etag: "09ec5707a836b9e4f4427dcddd1d0c64+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 2700
x-served-by: cache-iad-kcgs7200062-IAD, cache-hhn-etou8220033-HHN

POST enforce
troyhunt.report-uri.com/r/d/csp/ Frame 9F71 0
0

GET
H2 200 Tweet.html Show response
platform.twitter.com/embed/ Frame 9F71 345 B
348 B 7ms
7ms Document
text/html 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39eb44ceb97856aa7d75eb001503f5134c749e8b1b040e6eea2a481a24d3ced1

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=1800
content-encoding: gzip
content-length: 215
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 05:59:50 GMT
etag: "98c46fc1e48a4704532b5d356709a280+gzip"
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000162-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 recommendations.load.eae384b350ceffb6029a893a061f19bd.js Show response
c.disquscdn.com/next/recommendations/ Frame C7D1 923 B
1 KB 53ms
36ms Script
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.eae384b350ceffb6029a893a061f19bd.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b00752a14f31593e5642ea377b95698ca657c635e26674356aac76594d1863ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1938113
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 449
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-1c1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: avuYzGc-uT3I-SbcdTYUpCdAU7-CTRTXo3iA9ApBwbHcxj3d32KQgA==
expires: Thu, 08 Feb 2024 19:37:57 GMT

GET
H2 200 embed.runtime.a110836279ed520f33a4.js Show response
platform.twitter.com/embed/ Frame 9F71 9 KB
4 KB 28ms
27ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.a110836279ed520f33a4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a00fe368ff53a50927b767ebe0a41e203c3bb17fbd1e1f62371d59916796b445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "8687dcb7a487c9de4f1a0953755d4072+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 4252
x-served-by: cache-iad-kjyo7100174-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 embed.7796.1cc3f324e058b5b670fb.js Show response
platform.twitter.com/embed/ Frame 9F71 538 KB
174 KB 33ms
32ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.7796.1cc3f324e058b5b670fb.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00bc6177508556408233fa48ab00edf3070843c5e8da19d36fcf74cddb8daaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "e812296088ce599788d6c42c10600d3a+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 177793
x-served-by: cache-iad-kcgs7200046-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 embed.Tweet.7f17548897c743060730.js Show response
platform.twitter.com/embed/ Frame 9F71 18 KB
7 KB 7ms
7ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7f17548897c743060730.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e2542749079861030b3a41a5c049a05a5fdf61ac6c56c9a35c93852d4729658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "1593019ef0286d02fa5e255aa0add0ff+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 6965
x-served-by: cache-iad-kiad7000124-IAD, cache-hhn-etou8220033-HHN

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C8D7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

43ms
43ms

XHR
application/json

2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Server

2a00:1450:4001:811::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c5727f48a720719716d602c65194a5e797ef38638a7cca4a6d74101008c427fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Mar 2023 05:59:50 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C8D7 29 B
495 B 131ms
36ms Script
text/javascript 2a00:1450:4001:82f::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:52:46 GMT
x-content-type-options: nosniff
age: 424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 06:07:46 GMT

GET
H2 200 lounge.load.94f22ba62af084852428f342c37a2a17.js Show response
c.disquscdn.com/next/embed/ Frame 6191 958 B
1 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.94f22ba62af084852428f342c37a2a17.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

835522a8bd6be0919bf3b579e711e1291a16ab2b3a50371827bba7580ccc2d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 23 Feb 2023 19:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 643562
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 496
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 23 Feb 2023 18:52:58 GMT
server: nginx
etag: "63f7b60a-1f0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: zC-zclxb0i0gsQKrQTAda72mNhSqr2gRvBOtUlDPAMu5o91d17Up8A==
expires: Fri, 23 Feb 2024 19:13:47 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 123ms
43ms Preflight
text/html 2a00:1450:4001:82b::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 03 Mar 2023 05:59:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C8D7 66 KB
30 KB 52ms
51ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6f9bc2b9b91659a7ae867da36236e83433f3ef540f4412e6fab0bd267ff86798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30927
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/ Frame C8D7 116 KB
36 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a924aaedff33edf135742da7a868f61982fff698a5d2ed55c1d661db0a3824db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36489
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Feb 2024 16:08:50 GMT

GET
H2 200 KEsbNnzLb741hatNhwIyj19PIhcdml8rYMMyNCragbA.js Show response
www.google.com/js/th/ Frame C8D7 36 KB
14 KB 164ms
47ms Script
text/javascript 2a00:1450:400d:80a::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/KEsbNnzLb741hatNhwIyj19PIhcdml8rYMMyNCragbA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

284b1b367ccb6fbe3585ab4d8702328f5f4f22171d9a5f2b60c332342ada81b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14296
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 05:46:32 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/EhmekYj1pIY/ Frame C8D7 47 KB
47 KB 131ms
36ms Image
image/webp 2a00:1450:4001:806::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/EhmekYj1pIY/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 04:40:13 GMT
x-content-type-options: nosniff
age: 4777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47972
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Mar 2023 06:40:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/ Frame C8D7 27 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

73b90835985cc1b0e1b1c7bc34fe5860f19c28d5315ef03b96eb20521ef61644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:08:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8593
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 01:18:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Feb 2024 16:08:50 GMT

GET
DATA 200
OK truncated
/ Frame C8D7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJWqmZ8ThH-ghaqXz84husqe6nH64Yz9q7Hx26EuSA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C8D7 3 KB
3 KB 144ms
35ms Image
image/jpeg 2a00:1450:4001:80e::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJWqmZ8ThH-ghaqXz84husqe6nH64Yz9q7Hx26EuSA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:53:33 GMT
x-content-type-options: nosniff
age: 377
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: fife
etag: "v452"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Feb 2023 18:58:00 GMT

GET
H2 200 common.bundle.ee9c33b24a56672a5987fadb46fbba34.js Show response
c.disquscdn.com/next/recommendations/ Frame C7D1 262 KB
87 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.eae384b350ceffb6029a893a061f19bd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b246d8ebe3eb6d7b265009bfd8f1aec3f1547302a9d18a227a9f4e7371eaf657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 08 Jan 2023 01:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4682059
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88876
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-15b2c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: _K7mhiRnUbuIwPFHhOsVAP5WxZfnOQFIynT9SP4iR64NwRemkd333g==
expires: Mon, 08 Jan 2024 01:25:31 GMT

GET
H2 200 embed.749.467388cca0b3fe9c3291.js Show response
platform.twitter.com/embed/ Frame 9F71 19 KB
7 KB 8ms
6ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.a110836279ed520f33a4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 6789
x-served-by: cache-iad-kiad7000093-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js Show response
platform.twitter.com/embed/ Frame 9F71 4 KB
2 KB 9ms
7ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.a110836279ed520f33a4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "9b4625539e420d3aa9e7164c41134250+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 1519
x-served-by: cache-iad-kiad7000119-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 embed.ondemand.horizon-web.i18n.en-js.366839868b444ace3ab1.js Show response
platform.twitter.com/embed/ Frame 9F71 36 KB
11 KB 9ms
8ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.366839868b444ace3ab1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.a110836279ed520f33a4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be84fd6d1e48863b7445ddd6ba71d7be42cffad8aa1e92b02617ab4b034e1e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "88412b75b52a72cf61d03fd69420da53+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 11413
x-served-by: cache-iad-kcgs7200171-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js Show response
c.disquscdn.com/next/embed/ Frame 6191 280 KB
93 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.94f22ba62af084852428f342c37a2a17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 17:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 3759255
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94186
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 18 Jan 2023 17:40:51 GMT
server: nginx
etag: "63c82f23-16fea"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 3WU7I3fWkD1MusFW34q1LVc6YgK35sIwQv5WuqBQCSqA9PTqHIcJMA==
expires: Thu, 18 Jan 2024 17:45:34 GMT

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame C7D1 14 KB
3 KB 7ms
7ms Stylesheet
text/css 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 13 Jan 2023 01:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4251087
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-ba2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: l2W4o4er7ggabKMGQGiZBn5kNDddKlwGSJ9F3vNCMsa6apyYjm2SOQ==
expires: Sat, 13 Jan 2024 01:08:23 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C8D7 4 KB
2 KB 153ms
60ms Script
text/javascript 2a00:1450:4001:812::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 05:59:50 GMT

GET
H2 200 embed.2212.2867b50b9f519594e1b9.js Show response
platform.twitter.com/embed/ Frame 9F71 257 KB
79 KB 8ms
7ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.2212.2867b50b9f519594e1b9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.a110836279ed520f33a4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a0dd7217bd1f7080b9c7449b7c4ca2506984fcc535c48c93a8512733d055e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "221354d09450b588c2699f4d762c7e52+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 80338
x-served-by: cache-iad-kjyo7100036-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 embed.ondemand.Tweet.3ee268c5742f1ee77f97.js Show response
platform.twitter.com/embed/ Frame 9F71 82 KB
19 KB 7ms
7ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.3ee268c5742f1ee77f97.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.a110836279ed520f33a4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58de940d3fcfaf38ff160a77cf35dbda649068ff686357e184908c217a80bc6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=0cfa418748cab094e611bef0185322728c76bda7&siteScreenName=troyhunt&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 00:13:40 GMT
etag: "3aa5a40a542b268d3dd753ba35681fe0+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 18968
x-served-by: cache-iad-kcgs7200072-IAD, cache-hhn-etou8220033-HHN

GET
H2 200 recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js Show response
c.disquscdn.com/next/recommendations/ Frame C7D1 65 KB
20 KB 9ms
9ms Script
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.bb3216316047d5c61d9dafa6240fbf39.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 08 Feb 2023 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1938113
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20326
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 08 Feb 2023 19:27:34 GMT
server: nginx
etag: "63e3f7a6-4f66"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: NhnWpXGqmrKxt56hFmtoCP9qdoqvD1c6emEqYHXiWgSCNGalpHAzAA==
expires: Thu, 08 Feb 2024 19:37:57 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame C7D1 17 KB
17 KB 15ms
15ms Script
application/javascript 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b2c03debf23bfea7a6f71bad2142bd51370fbb38b704842d809b966bec5cec5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17150
X-XSS-Protection: 1; mode=block

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C8D7 90 B
134 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7862ca1f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

76a541717f54d068725b2d50983a5523d4a3675e56b5b8322e5f067006d97c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:82b::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 03 Mar 2023 05:59:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame C8D7 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iM2dsw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
c.disquscdn.com/next/embed/styles/ Frame 6191 233 KB
33 KB 8ms
8ms Stylesheet
text/css 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

98c5d085af0203422d443dce1c737ac861630fe6aada284508ca1db3558bde8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 15 Feb 2023 19:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1334997
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33270
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 15 Feb 2023 18:40:44 GMT
server: nginx
etag: "63ed272c-81f6"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: AVbYqVurhCJDsWYo0QU0ZjZjrm9BuQo2T1c-ZlD3J1EZSlA0e_Q5vw==
expires: Thu, 15 Feb 2024 19:09:53 GMT

GET
H2 200 lounge.bundle.944405f46b741461538725b083516e4d.js Show response
c.disquscdn.com/next/embed/ Frame 6191 507 KB
127 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

35425c6bfcc9cb97073ad120ef2ff24bacb8feede52fa5e505f8c40a067195fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 23 Feb 2023 19:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 643563
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129739
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 23 Feb 2023 18:52:58 GMT
server: nginx
etag: "63f7b60a-1facb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: ZRtPUuRoTaAg-1jg3kYeQ-mKlwK42astuFRBkuNLO5GBT7JOc5Jaaw==
expires: Fri, 23 Feb 2024 19:13:47 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 6191 17 KB
17 KB 7ms
7ms Script
application/javascript 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

b2c03debf23bfea7a6f71bad2142bd51370fbb38b704842d809b966bec5cec5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17150
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame C7D1 3 KB
4 KB 7ms
7ms XHR
application/json 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1c3b8001697eba74828346d67a9a8f6ee115cc6376c9b05d4dd9a17ed3ced117

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 3
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3159
X-XSS-Protection: 1; mode=block

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame C8D7 50 KB
15 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:812::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 03 Mar 2023 12:49:58 GMT

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 9F71 2 KB
2 KB 69ms
19ms XHR
application/json 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1040634067018895360&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.7796.1cc3f324e058b5b670fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (lhb/631F) / Express

Resource Hash

b0153785b4f39dc26f258acacec371f1dea291d402d7f002c89cb18044ebe7e6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 05:59:50 GMT
strict-transport-security: max-age=631138519
age: 1
x-powered-by: Express
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 935
x-xss-protection: 0
x-response-time: 142
last-modified: Fri, 03 Mar 2023 05:59:49 GMT
server: ECS (lhb/631F)
etag: W/"91d-iDdRl83vaPimDapOwTtfn63KE9o"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 2fcc48539245e1cf
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: e61b0d093f696cc5068c4bfb08f03e064f7e82a645ae2045c76b48270bb7cee6
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-tw-cdn: VZ, VZ, VZ
access-contol-allow-origin: platform.twitter.com

GET
H2 200 css2
fonts.googleapis.com/ Frame C7D1 11 KB
936 B 74ms
74ms Stylesheet
text/css 2a00:1450:400d:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 05:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 05:22:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 05:59:50 GMT

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame C7D1 7 KB
7 KB 8ms
8ms XHR
application/json 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=troyhunt&thread=url%3Ahttps%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.ee9c33b24a56672a5987fadb46fbba34.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ccdb5a31cbfe2ca6e1e790fc7d77945ec58b7d7a1ae8620016771784f1b22331

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 169
X-Frame-Options: SAMEORIGIN
Vary: Origin
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 7007
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 6191 3 KB
4 KB 111ms
110ms XHR
application/json 151.101.0.134

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1c3b8001697eba74828346d67a9a8f6ee115cc6376c9b05d4dd9a17ed3ced117

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:50 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3159
X-XSS-Protection: 1; mode=block

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 9 KB
10 KB 10ms
8ms Image
image/jpeg 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F01%2FSplash-Template-2.jpg&key=GNy2ic9-t4bwzY3s54SUsA&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7a30d079e503098d40eb62b0860a7d27dfd1a4171e0af7b929f6fb8c57be8e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 19 Feb 2023 07:30:30 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 1031360
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9642
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUR7etkCwbOLNV8g0IKOFVTtlFkXaZxCftTXXiPESIW606SQCVNOzfwDOX%2BnBBsB4UlARgCAHpnuh1PBL1ONEEdCLbPKYXyoYWsbPsU3tsCcbgoineLLtWp3ka4RXhpZoqJq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: IpFz6vgPxuyEvv6qa23i_1QYv-twehajXRZj6kfdGgrd53xgqHGtiA==
expires: Tue, 21 Mar 2023 07:30:30 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 10 KB
11 KB 11ms
10ms Image
image/jpeg 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F07%2FCopy-of-2895.jpg&key=b1rfsIG61KbLut75l2533A&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

34ea988c3674199db364b13660e4a0dd9c3d309be1245bd011ac5db590420259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 16 Feb 2023 01:10:01 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 1365023
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10552
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLBPA0QvdLD%2FAWOuhUeqsjP9t1VU66%2BD4IHi9aTdPnGgih%2FD%2BALX3d1FIvg4tYnk8MCdUEV7mkBdwYUrAJFKUOnXkCXczyGe3hnHod23GNQ1LyBG3fvjZFt0dUikE6Kt6oF8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: pgZ_jv4HoS6Iy5vJDyOm6wGL0M8vIGHpvmHi0UNBC46-xXtOLxVqjw==
expires: Sat, 18 Mar 2023 01:10:01 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 12 KB
13 KB 20ms
18ms Image
image/jpeg 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F12%2FSplash-Template-4.jpg&key=ocuMSQweK_0FMY_AeSAOpA&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

693f7012e1be692e23379d4352fdbb9f2f29fe06f8cd46e6b5a4d6b3383807ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 02 Feb 2023 12:18:04 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 2482906
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 12499
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29SHMwzcpg9aXwOmvrinyKxfxTrnY2HibFQwjVvc7ou0DTSl7bvEaGEaDVOg%2FjnK%2BW78ydBCNKL5kSgy2P0mlFk3ZaIr04MXp371x%2F965C1EjOGsMKCmsTq%2Bk6IvgLd8zzp9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: ygT8M5GgUWCfztOfhbe3JS2EALqAVymOA_mOtObJPrhKQz5FhhlShQ==
expires: Sat, 04 Mar 2023 12:18:04 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 57 KB
58 KB 13ms
12ms Image
image/png 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F11%2FPricing.png&key=BUfGQtpqczhyyQkzWO7ZkA&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c895de97186493a0caeee45fa66e7032f40295d71d5889ec346e827e80d3fe2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Tue, 14 Feb 2023 16:40:03 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 1542474
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 58808
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGH2x6CC%2F%2Bk6Zy1ypTLnTxj0jgd4YmIvvhAGvWXv5fSC80vm818V6h6JGTwgH7s%2BxV2C1E%2BYoCwuC%2B2ai%2BgbUPCrsZD5DxeH3Day2Ba8fYXDor3r8vdl%2Bf8DwNyw%2B0uzOPvS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: dqKPXKfyjTI9vxx7uXZTxUkp3WrpesUDyMJv8wUJ4cU8RVITqo387A==
expires: Thu, 16 Mar 2023 16:40:03 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 14 KB
15 KB 16ms
15ms Image
image/jpeg 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F12%2FSplash-Template.jpg&key=YmxwbXS2110deeY-f33nNg&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

dc60fc64932038e213b086fb9cd3868823ce6bd55cc99d3adc505365c0215849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 13 Feb 2023 06:09:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 1554641
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 14276
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wwq%2BMtWwen4bTS0vzoSCfJNuX6ZSKQK7GyPLvtHPrKA6xmPJXy2HSLeyuRVpXPbpcFkfYHJIA66EMw32m9wIJaCDMg9YaXff2egxKS1y6ioq2RrIWHWEYafcYaOE1hy7SuFk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: dIdq6MGUxe0wL4truI_3-Z_sajyQDig5X0l9Kne1Dw7v8rNm8tODnw==
expires: Wed, 15 Mar 2023 06:09:09 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 8 KB
9 KB 14ms
13ms Image
image/jpeg 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2023%2F01%2FPwned-or-Bot.jpg&key=QVxHQAEO7fKr5r5iYhLPsg&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

af134411a32de886dc035064a659be187238ed529ecad4d9b9bf1632e8cca8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Sat, 18 Feb 2023 09:03:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 1112161
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 7923
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO9zlZlkj3KPsWHr%2FDV3IGvX64W%2FVwy9p96PC1kaVzcaL0BaclOX0dNJ7DkO3Vs9y5iBeQayzdN1yJ97SbSxIDI2iYpO2Zyd6wE%2B5C9Tf42lPglC8oeUkTRP7J6Es1tuQVp3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: -3Tgx2D6d5SenWAo8JsJNW4e1xjd2MAO6tErQOLpbHv2tYXZDQA34Q==
expires: Mon, 20 Mar 2023 09:03:49 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 33 KB
34 KB 18ms
17ms Image
image/png 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F11%2Fsupport.haveibeenpwned.com.png&key=RX_RdOWxD-yqelfQU0jY-Q&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

575721b37226604b27bb9c2af852c0da7620c47d07aece572666e89320db4ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 20 Feb 2023 01:55:40 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 965050
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 33376
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPLqcX%2BHENV02w1VgZ0Ja%2BeF9DuDPBCv%2F4e%2BmIdbyntfRWN48DPNjJXsFb4deaDrMNGyXsK44EHoeNFrS%2F7fidGQqg7lnwcRDl4%2F02V5lnnpSHv1cWHlBwq%2Ba%2BDn9aDdqe5l"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: g0CmnS5q9O_-EMhSC8cL8HfEVHrUjAXoSJdmVxDiRq4ME_DqW3RVYw==
expires: Wed, 22 Mar 2023 01:55:40 GMT

GET
H2 200 get
c.disquscdn.com/ Frame C7D1 100 KB
101 KB 21ms
20ms Image
image/png 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F11%2FBreachPost.png&key=g5HQfV8eaC7xv9QhBIqCFQ&h=200

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

aedd66f10e4b14dc511a08966b8d9d2d3b5ac275abb492d966dcd231ae1473ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 13 Feb 2023 01:41:15 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cache-hits: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
age: 1570715
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 102419
ghost-fastly: true
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPp7W45FMSOxX5mp4sWtllglLZ95k3jDyHAx2ovqb9iJ78x8Y8G%2BzVTTGD5038Tla%2BfPMu4sa3Avz4FbJJkfK8NiCqHXMknbLKVlKjBIkOy8%2BiDg64eet%2Bphb1Bre874mKWF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
ghost-cache: MISS
accept-ranges: bytes
x-amz-cf-id: 6OsOCMuwNUmww3pNc0NFRViIPCt-KK-1lrVuUW-Ue_KLwUqyw4jb-w==
expires: Wed, 15 Mar 2023 01:41:15 GMT

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 9F71 43 B
150 B 114ms
114ms Image
image/gif 104.244.42.136

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1677823190989%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22troyhunt%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22troyhunt%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22e87353cc2ba70%3A1673652681513%22%2C%22item_ids%22%3A%5B%221040634067018895360%22%5D%2C%22item_details%22%3A%7B%221040634067018895360%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 03 Mar 2023 05:59:50 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 03 Mar 2023 05:59:51 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 11d842f725c74bf5
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d90ea230816ff9c80570fdec2c91f725712b779d46caae47018e419301ac1cc9
content-length: 43

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C7D1 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 57255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:05:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C7D1 15 KB
16 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 597223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 08:06:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C7D1 16 KB
16 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 135421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:22:50 GMT

GET
H2 200 RxIZwxXx_normal.jpg
pbs.twimg.com/profile_images/824723579602403330/ Frame 9F71 2 KB
2 KB 49ms
7ms Image
image/jpeg 2a04:4e42:8d::159

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/824723579602403330/RxIZwxXx_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::159 -, , ASN (),

Reverse DNS

Software

Resource Hash

b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Fri, 03 Mar 2023 05:59:51 GMT
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2035
x-served-by: cache-lhr7343-LHR, cache-fra-eddf8230115-FRA, cache-tw-ZZZ1
last-modified: Thu, 26 Jan 2017 20:57:58 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 71d68bc62289ae61
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 css2
fonts.googleapis.com/ Frame 6191 11 KB
840 B 70ms
70ms Stylesheet
text/css 2a00:1450:400d:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 05:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 05:26:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 05:59:51 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 6191 3 KB
3 KB 9ms
9ms Image
image/gif 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 12 Jan 2023 03:03:01 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 4330610
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gjmCCXaxoemeDx4LzW4oVbjfYuuyAhwP9WUkkAV3TLQs70zZZiGceA==
expires: Fri, 12 Jan 2024 03:03:01 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6191 840 B
1 KB 10ms
9ms Image
image/svg+xml 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 25 Jan 2023 03:23:40 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 3206171
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: t9z4x5XcfT1IbK4nSlB-lOsXG7EqcbGIqsqJMlJ3PkaDL7Iv-q2IpQ==
expires: Thu, 25 Jan 2024 03:23:40 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6191 891 B
1 KB 11ms
10ms Image
image/svg+xml 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 28 Jan 2023 10:59:15 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 2919636
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5wRic4xm557NSvBi5cTtmAGYXByjCsVQz43Pm5COw9etumIhMdqT6w==
expires: Sun, 28 Jan 2024 10:59:15 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6191 605 B
1 KB 11ms
10ms Image
image/svg+xml 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 07:05:35 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 3884055
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xN8Us_hvdZVyRy18MHyFJzaQ3pWpuFIOP8uirPx6DH1KOsRVCAVZ7w==
expires: Wed, 17 Jan 2024 07:05:35 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 6191 2 KB
2 KB 12ms
11ms Image
image/png 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 06:16:10 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 3887021
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KunEKMSuLHxTfmXJVE8w0HM5_pvyvVJATk66g5I948hLX7l3twPB4A==
expires: Wed, 17 Jan 2024 06:16:10 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 6191 8 KB
8 KB 12ms
12ms Font
application/octet-stream 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 18 Jan 2023 06:16:27 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 3800604
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fmeTGQMJw-CD6XRHcg3GMqJ0hRSpOrgweNwEWaieq-rZBP6vKjs2bg==
expires: Thu, 18 Jan 2024 06:16:27 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 43ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6191 15 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 597223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 08:06:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6191 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 57255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:05:36 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6191 17 KB
17 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:08:39 GMT
x-content-type-options: nosniff
age: 78672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 08:08:39 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 6191 43 B
339 B 115ms
98ms Image
image/gif 199.232.192.134

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=505&event=init_embed&thread=8455005378&forum=troyhunt&forum_id=621325&imp=77n014s7nuaj1&thread_slug=using_the_coinhive_domain_to_fight_cryptojacking_and_do_good_things_with_content_security_policies&user_type=anon&referrer=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:59:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
7ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

POST
H3 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame E006 0
597 B 14ms
14ms Other
text/plain 2606:4700::6811:b758

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: m.gbk12030.cafe24.com
URL: http://m.gbk12030.cafe24.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b758 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 7a1fa7e27ab92be9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
7ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
7ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1671639122/images/ Frame 6191 2 KB
2 KB 7ms
6ms Image
image/png 199.232.194.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1671639122/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.944405f46b741461538725b083516e4d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 05:59:51 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1139205
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: oRkIWJZBwGvexlxy2l3ixjJgUlyCKCfE6Dp_V1Bmgk5wEWjuvsPWpg==
x-xss-protection: 1; mode=block
expires: Sat, 21 Jan 2023 19:50:36 GMT

GET
H2 200 like.855606fb4e3a7a6448e6c782f3f54e5a.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6191 2 KB
2 KB 8ms
8ms Image
image/svg+xml 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/like.855606fb4e3a7a6448e6c782f3f54e5a.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 21 Jan 2023 03:02:48 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 3553023
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1655
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-677"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oSE_RbLUvrPDVHCJ5Ye16XgrktHPYfS6t1HLeiliqtp0xjiPquw89A==
expires: Sun, 21 Jan 2024 03:02:48 GMT

GET
H2 200 dislike.612d8ba98928c381e4c789c1b309cda1.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6191 2 KB
2 KB 9ms
9ms Image
image/svg+xml 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/dislike.612d8ba98928c381e4c789c1b309cda1.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 02:38:15 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 4936896
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1796
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 04 Jan 2023 20:33:54 GMT
server: nginx
etag: "63b5e2b2-704"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9vsyGV5qFfDvkd2xkXDGCar5afXRqru47SNqKPSSFWereREBaoymCg==
expires: Fri, 05 Jan 2024 02:38:15 GMT

GET
H2 200 follow-v2.411b1215980cdde315e43cc006cfbea6.svg
c.disquscdn.com/next/embed/assets/img/ Frame 6191 2 KB
2 KB 8ms
8ms Image
image/svg+xml 2600:9000:21f3:8000:6:8656:f5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/follow-v2.411b1215980cdde315e43cc006cfbea6.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8000:6:8656:f5c0:93a1 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 02 Feb 2023 16:45:53 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 2466838
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1557
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 02 Feb 2023 16:37:11 GMT
server: nginx
etag: "63dbe6b7-615"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZUwSgmDtVC30J0ksWRHYJnL-Nu6iSXstQmpSrhro5eIC1ql5Lq5qIw==
expires: Fri, 02 Feb 2024 16:45:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6191 16 KB
16 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 135421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:22:50 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6191 17 KB
17 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:48:58 GMT
x-content-type-options: nosniff
age: 598253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 07:48:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: troyhunt.report-uri.com
URL: https://troyhunt.report-uri.com/r/d/csp/enforce

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: ECSESSID Value: bf9224a0f5aa88c4da685ac1ed2ce239
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: EC_MOBILE_DEVICE Value: 0
.gbk12030.cafe24.com/	1970-01-20 10:03:46	Name: basketcount_1 Value: 0
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: atl_epcheck Value: 1
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: atl_option Value: 1%2C1%2CH
.coinhive.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: bfd38ccbada03af233f9491ab0bebb21d8d4a8a758906bd1733341e76090f6d8
m.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: ec_ipad_device Value: F
.gbk12030.cafe24.com/	1970-01-20 10:13:47	Name: wish_id Value: ef168001216bad68632a798350bea8db
.gbk12030.cafe24.com/	1970-01-20 10:05:09	Name: wishcount_1 Value: 0
.gbk12030.cafe24.com/	1970-01-20 10:03:46	Name: isviewtype Value: mob
.gbk12030.cafe24.com/	1970-01-20 19:39:43	Name: CUK45 Value: cuk45_gbk12030_bf9224a0f5aa88c4da685ac1ed2ce239
.gbk12030.cafe24.com/	1970-01-20 19:39:43	Name: CUK2Y Value: cuk2y_gbk12030_bf9224a0f5aa88c4da685ac1ed2ce239
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: CID Value: CID33ba99a76dfeab2cf17d16fbce7a063c
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: CID33ba99a76dfeab2cf17d16fbce7a063c Value: 72859e489352eebb94a5b43fab46cba3%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%2F%3A%3A1677823183%3A%3A%3A%3Apmdp%3A%3A1677823183%3A%3A%3A%3A%3A%3A%3A%3A
.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: vt Value: 1677823183
.m.gbk12030.cafe24.com/	1970-01-20 18:49:19	Name: CFAE_CUK1Y Value: CFAE_CUK1Y.gbk12030_1.NWBN1Y7.1677823185399
.m.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: CFAE_LC Value: CFAE_LC.gbk12030_1.NWBN1Y7.1677823185399
.m.gbk12030.cafe24.com/	1970-01-20 11:08:31	Name: CFAE_CUK45 Value: CFAE_CUK45.gbk12030_1.NWBN1Y7.1677823185399
.m.gbk12030.cafe24.com/	1969-12-31 23:59:59	Name: CFAE_CID Value: CFAE_CID.gbk12030_1.NWBN1Y7.1677823185399

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-to network-errors
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
bloghelpers.troyhunt.com
c.disquscdn.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cfa-js.cafe24.com
coinhive.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.echosting.cafe24.com
jnn-pa.googleapis.com
m.gbk12030.cafe24.com
optimizer.poxo.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
region1.google-analytics.com
static.doubleclick.net
syndication.twitter.com
troyhunt.disqus.com
troyhunt.ghost.io
troyhunt.report-uri.com
www.google.com
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
www.troyhunt.com
www.youtube.com
yt3.ggpht.com
troyhunt.report-uri.com
104.244.42.136
112.175.31.199
146.75.120.157
151.101.0.134
199.232.192.134
199.232.194.49
2001:4860:4802:34::36
203.245.1.129
23.35.236.199
2600:9000:20eb:b600:f:9b8:8140:93a1
2600:9000:21f3:8000:6:8656:f5c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:3030::ac43:ddf5
2606:4700::6811:180e
2606:4700::6811:b758
2a00:1450:4001:806::2016
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2006
2a00:1450:400d:803::200a
2a00:1450:400d:80a::2004
2a04:4e42:600::485
2a04:4e42:8d::159
2a04:4e42::775
2a04:fa87:fffe::c000:4902
2a06:98c1:3121::3
0036190ebb7173eeb20e3063b887fdd435da873ab3b208ac11f120501cbd982b
04f31fbc01805d3084ba14788bfaa1d4e4c6c14ec95c8e38b5a817b732ccca49
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
059aa0e4fb742a2d328a1d0dd129b5920a5cb2543e162cd86b57093c3ef37b82
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
0978b92f5e9a7ae7f605736431e8fe79ce343929223da745b4f7891873b29dd6
09d6750e3904c7220f0714cd026541a6727a42c3fed2e275769cfa88de8abf5a
0b03272ef5f1d131b31cd78d0dc42b7aa4c1c570a52d44db399227670c5958d8
0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605
0b16d5f9021cf6aaad6f7057ed38f69f17257202075eebcce8ff9077f91985e5
0cb5c6e45e7598de4a59628e62a87656f8fd23005f905d54d0cb2bd4133228eb
0e2542749079861030b3a41a5c049a05a5fdf61ac6c56c9a35c93852d4729658
0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad
1c3b8001697eba74828346d67a9a8f6ee115cc6376c9b05d4dd9a17ed3ced117
1f42c456992943ef45511d4dcccfae3d73505d63a0af225a04e9c6fc8ce4ed57
284b1b367ccb6fbe3585ab4d8702328f5f4f22171d9a5f2b60c332342ada81b0
29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23
34ea988c3674199db364b13660e4a0dd9c3d309be1245bd011ac5db590420259
35425c6bfcc9cb97073ad120ef2ff24bacb8feede52fa5e505f8c40a067195fb
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37916b0c48fadfceebfbfb1777c42d5454209ccad3cf78db4a5565b32b53453e
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39eb44ceb97856aa7d75eb001503f5134c749e8b1b040e6eea2a481a24d3ced1
39f7a131d7976b1cbbf08c89727ba5c1b5c384152ed65bc83198bca315be5a88
3b8a8d998dd7dc014bdb52a01adea8ec1be82193e7e7c6e0c7067a58435b7c28
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b1b7fd9deafc45cfc3db423df5859c6fbdf7a4d36baddf2612c82f81d56232f
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0
55feab64ee3414b0b83f32bacd2ca32fc0f344202613e144e140049eb22e78e5
57204c0dc9f9806cc5fb4b75d11da4a6db5691d8db0bfd602aa008fe98057680
575721b37226604b27bb9c2af852c0da7620c47d07aece572666e89320db4ce1
58de940d3fcfaf38ff160a77cf35dbda649068ff686357e184908c217a80bc6d
5a2744b805079e23c29aae5ed86c370139952cebb806d27045a7b3d05b543f8a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab9af97734b7a1b76e65a6aff767898e4dd763725c46ee56d340a5fd116e6a3
5bd060c4d7413c66456b91af3b13d3a3823c90543d9ccebc7a94a892ecb36d27
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
693f7012e1be692e23379d4352fdbb9f2f29fe06f8cd46e6b5a4d6b3383807ee
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6f9bc2b9b91659a7ae867da36236e83433f3ef540f4412e6fab0bd267ff86798
73b90835985cc1b0e1b1c7bc34fe5860f19c28d5315ef03b96eb20521ef61644
7487bbc150af25858ba2af0afbe2cac11520e357e633d673ef1d543ba79bd26b
76a541717f54d068725b2d50983a5523d4a3675e56b5b8322e5f067006d97c78
79441c5d950c0382597521922894526dbd9a88ac2da7b1c92f9f15f26b491cf4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a30d079e503098d40eb62b0860a7d27dfd1a4171e0af7b929f6fb8c57be8e89
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0
8048f4cf343485f269ba72bd28bfad65913705189e5bccbd4562fe2704892b3d
819caf20a98b59edf79abbb9c625bdd6d9d57f52fce7821a7cb041574be96b8d
835522a8bd6be0919bf3b579e711e1291a16ab2b3a50371827bba7580ccc2d4e
839f15c632853416b409d3dcc04b3260dc0afc6632a2c09d09677f3c57ab102f
8a0dd7217bd1f7080b9c7449b7c4ca2506984fcc535c48c93a8512733d055e51
8bd3068a31f037d3d198e40d59ae6acf610e3550c11ebff7b6c66bdf8e8b2e3f
8e0e4638456858c1b85a8e5752ea30ae15237207e8a1a65f18e3ac872b1037fc
8e4b654afbf8ad1dc6ba7c45d696e8d081b17e02e048516d384a39f76779f0e8
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
94b73cb575f112729a5b5c1aa19d1ceb320247f0064359496e6ff09966b492a3
95870feeecf745c87609ca5e0bb6d4c60b34a534eb02e8dfb96a72ece70e0719
96ec83b325fa97fb32db5af9568250db1ee54f23fd804b140410c0aa99c59f38
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
98c5d085af0203422d443dce1c737ac861630fe6aada284508ca1db3558bde8f
990101125c71ca0f33c451ef1286d20fda038afc5e050c3b1c5b917b75552fd8
9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51
a00fe368ff53a50927b767ebe0a41e203c3bb17fbd1e1f62371d59916796b445
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a924aaedff33edf135742da7a868f61982fff698a5d2ed55c1d661db0a3824db
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd0328ce69b5b0585c6299a4716d1c583cb0fda8ec82ccffda73aa79f6cc238
ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5
ae68958c97fa00e816c8c185a6aa5167752c21b38965116488920ee5eff4f21b
aedd66f10e4b14dc511a08966b8d9d2d3b5ac275abb492d966dcd231ae1473ba
af134411a32de886dc035064a659be187238ed529ecad4d9b9bf1632e8cca8a1
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b00752a14f31593e5642ea377b95698ca657c635e26674356aac76594d1863ba
b0153785b4f39dc26f258acacec371f1dea291d402d7f002c89cb18044ebe7e6
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0995e124e130de91c006f08a21f30fe22202faae3b448eb11e9e6f69e7a6af7
b246d8ebe3eb6d7b265009bfd8f1aec3f1547302a9d18a227a9f4e7371eaf657
b2c03debf23bfea7a6f71bad2142bd51370fbb38b704842d809b966bec5cec5b
b48e1fc2b92c43ccf6022ca829caecb35f1ef2d6919c92366098b7d13c0d5940
b6bcb438bde380c06e723584e069f13e39d3dc90771e4f7c1a8acfe7cb1821fd
b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520
b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322
be84fd6d1e48863b7445ddd6ba71d7be42cffad8aa1e92b02617ab4b034e1e1a
c00bc6177508556408233fa48ab00edf3070843c5e8da19d36fcf74cddb8daaf
c27ae5c16a666df9869db651a64f1965653b98ee0580b09c0fe3aa6c4cf4bfbe
c5727f48a720719716d602c65194a5e797ef38638a7cca4a6d74101008c427fb
c895de97186493a0caeee45fa66e7032f40295d71d5889ec346e827e80d3fe2f
c999512e6410949c727b70e0afca6edc42b2d34936cd9afbb1b600fb3f5c54cb
c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069
caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791
cbe3aafd5121ea4b41d1dcabc68450897c3db591c4e8b708d85b6b70ac5be327
ccdb5a31cbfe2ca6e1e790fc7d77945ec58b7d7a1ae8620016771784f1b22331
cd1ca2837ba03995ac49cfc3438105b29a5057d65e79b5a36bbbd45bc3807966
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d2aefd14cd49d63171bf46d8acab64267dc3e49c67a265a3148ed029874ce675
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da6c87dbafdbf96c8d0334dfe2926cd65eb4d0e7f73c4901206f2804f20ce33e
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc60fc64932038e213b086fb9cd3868823ce6bd55cc99d3adc505365c0215849
de10e670fff37b0d4dda87228d77fffbf6a95d52b1c7b5b07bf78db8f82f0738
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e3e557d5a4a02b4f9deba9f56dd864369a889c940dd8fc6dc182fb67fec82c13
e653e2eddada1ba29458b4e67ebd397c26bebae398a8b271f041d813d4978236
e7958839373758bd28ff5decded6caa97be3acf81ebc66cabd1749ddf6755870
e8c2cd379ea39237db240c627a94b622919b5aac8cc8d3c8c448c46d3a6869a1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef4353f8bec1d6f56900ac576cf10eba4f8a9c3c3dfca7d85bb76dee451afe5a
f29d8cf4228799bc9356d8dac3d8e109dff23f0d8e4436f495b2281c7cc1625e
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2
f438a595dfc2c92e830a125fcc3fc2bdc7254550da42d478c1419471a3d6de82
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f609d7686d219cc85b7d25028a520f24adf63c99be3242c0ba295060a2ff9eb5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8bc4e43a2c08d166d6c09874cdbd0878914e1cb00636f1a964abe873dc9bd62
fcdefaf5c3f143b4a31cd7b499fdbcce2c73411684bd15d57c0d5f956567cb83

www.troyhunt.com Open in urlscan Pro 2606:4700:3030::ac43:ddf5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

82 %HTTPS

74 %IPv6

22 Domains

33 Subdomains

32 IPs

3 Countries

4463 kBTransfer

11282 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.troyhunt.com Open in urlscan Pro
2606:4700:3030::ac43:ddf5 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

82 %
HTTPS

74 %
IPv6

22
Domains

33
Subdomains

32
IPs

3
Countries

4463 kB
Transfer

11282 kB
Size

19
Cookies

163 HTTP transactions
1 data transactions