Submitted URL: http://cnhv.co/
Effective URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-con...
Submission: On July 06 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3032::6815:2e06, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.troyhunt.com. The Cisco Umbrella rank of the primary domain is 771520.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time www.troyhunt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
13 2606:2800:234... 15133 (EDGECAST)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 199.232.192.134 54113 (FASTLY)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
25 2600:9000:231... 16509 (AMAZON-02)
8 151.101.128.134 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.244.42.72 13414 (TWITTER)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 199.232.198.49 54113 (FASTLY)
2 2606:2800:134... 15133 (EDGECAST)
111 26
Apex Domain
Subdomains
Transfer
32 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4067
a.disquscdn.com — Cisco Umbrella Rank: 8183
887 KB
16 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
syndication.twitter.com — Cisco Umbrella Rank: 869
532 KB
14 troyhunt.com
www.troyhunt.com — Cisco Umbrella Rank: 771520
bloghelpers.troyhunt.com
724 KB
11 disqus.com
troyhunt.disqus.com
disqus.com — Cisco Umbrella Rank: 2181
referrer.disqus.com — Cisco Umbrella Rank: 6177
131 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
771 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
120 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
30 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
2 KB
4 report-uri.com
troyhunt.report-uri.com — Cisco Umbrella Rank: 987553
3 KB
2 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1443
pbs.twimg.com — Cisco Umbrella Rank: 690
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 944
124 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
82 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
47 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 257
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 8
14 KB
1 gravatar.com
www.gravatar.com — Cisco Umbrella Rank: 3533
14 KB
1 cnhv.co
cnhv.co
954 B
111 18
Domain Requested by
25 c.disquscdn.com troyhunt.disqus.com
disqus.com
c.disquscdn.com
www.troyhunt.com
13 platform.twitter.com www.troyhunt.com
platform.twitter.com
13 www.troyhunt.com www.troyhunt.com
unpkg.com
9 www.youtube.com www.troyhunt.com
www.youtube.com
8 disqus.com troyhunt.disqus.com
c.disquscdn.com
7 a.disquscdn.com www.troyhunt.com
c.disquscdn.com
4 jnn-pa.googleapis.com www.youtube.com
4 troyhunt.report-uri.com www.troyhunt.com
3 syndication.twitter.com platform.twitter.com
www.troyhunt.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 troyhunt.disqus.com www.troyhunt.com
troyhunt.disqus.com
2 www.google-analytics.com www.troyhunt.com
www.google-analytics.com
2 unpkg.com 1 redirects www.troyhunt.com
2 cdnjs.cloudflare.com www.troyhunt.com
cdnjs.cloudflare.com
1 pbs.twimg.com platform.twitter.com
1 cdn.syndication.twimg.com platform.twitter.com
1 referrer.disqus.com www.troyhunt.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.gravatar.com www.troyhunt.com
1 bloghelpers.troyhunt.com www.troyhunt.com
1 fonts.googleapis.com www.troyhunt.com
1 cnhv.co 1 redirects
111 28
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
*.report-uri.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA
2022-04-20 -
2023-04-20
a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
a.disquscdn.com
Amazon
2021-10-31 -
2022-11-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2022-01-03 -
2023-02-04
a year crt.sh

This page contains 9 frames:

Primary Page: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: B9E75D4F9A447883005EF1763AC9FC0C
Requests: 37 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EhmekYj1pIY
Frame ID: DE0B14E6CAAA6B1381FF31FEDDB2503F
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.troyhunt.com
Frame ID: 8E96D4CEE675A876179DA3B7B37BC1D2
Requests: 2 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 9271595A31E5F7EBCB97D0E728B70022
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Frame ID: B1BA4ADDFBF350B511676CC23EE7B658
Requests: 18 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: A5E1B349D1765C78E29D4DCDBAFE527D
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Frame ID: 710FFB573B65936F6B95C251D62C395A
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Frame ID: 301751C49206C6E1D727C1755B260163
Requests: 14 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: BED3EE9E1B568C195FF5770930E5934F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Troy Hunt: I Now Own the Coinhive Domain. Here's How I'm Fighting Cryptojacking and Doing Good Things with Content Security Policies.

Page URL History Show full URLs

  1. http://cnhv.co/ HTTP 301
    https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

111
Requests

97 %
HTTPS

85 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

3508 kB
Transfer

8060 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cnhv.co/ HTTP 301
    https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js HTTP 302
  • https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js
Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Redirect Chain
  • http://cnhv.co/
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
61 KB
21 KB
Document
General
Full URL
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8f5ea74cdfddd9e71f504bac4a98d225762769d69ad0b5a9ebee8216ddc1628
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
REVALIDATED
cf-ray
726833f36d8859d1-MXP
content-encoding
br
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type
text/html; charset=utf-8
date
Wed, 06 Jul 2022 12:04:26 GMT
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
nel
{"report_to":"default","max_age":10886400}
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server
cloudflare
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 9
x-content-type-options
nosniff
x-request-id
72c588845e38bc9e81eaf6912708575b 72c588845e38bc9e81eaf6912708575b
x-served-by
cache-ams12769-AMS, cache-mxp6978-MXP
x-timer
S1656474995.919154,VS0,VE0
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
726833f0ab85baa0-MXP
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 12:04:26 GMT
Location
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBXiUA3kI5X0g%2Fr%2BLSO2Cvpjap3q9ZI9qx1AwEUfw0xj00wdoodRr4AJsVLiHX8CJnCN1boZGG2z7KJRqtvWJkhJpgfVpoQvMCHs2RLyvOvqVER7zpEWRG7vg%2F29HDI%2BlXJbyETD"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.min.css
www.troyhunt.com/assets/css/
26 KB
7 KB
Stylesheet
General
Full URL
https://www.troyhunt.com/assets/css/main.min.css?v=f948270cfd
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca584423385387f7fd16ae6c62079f43d381881df869c02e9228c46ec203583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:26 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
630739
x-cache
HIT, HIT
status
200 OK
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly
true
x-request-id
6f2b47faf10cc9aa247ebb429614ba80, 6f2b47faf10cc9aa247ebb429614ba80
x-served-by
cache-ams12778-AMS, cache-mxp6968-MXP
last-modified
Fri, 10 Dec 2021 06:45:57 GMT
server
cloudflare
x-timer
S1656478328.955389,VS0,VE1
etag
W/"6855-17da3175ec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpHEK2yTOfrM9eD4%2B7tdIGZcpWqLts%2Fz8hWmY2z0%2FFgLUTofOHc4o8ytiSfX7lMBg5NEFL8rmHqn931ES%2FKNvMYKHhcxQtg2GladjVfXqAVaENQOTJOIWNNzHboG7JbnpIX6Hrb%2BoQXc3va7J52t"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
vary
Accept-Encoding, Cookie
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f3de2f59d1-MXP
x-cache-hits
1, 1
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16ea11a0622f9e8baa63399c68c725780ca7ef3cdd1d1a2dbad3361eb8658ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 11:59:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 12:04:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 12:04:26 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2996929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3bq2ro9xnZc11wfrpuBeF2S2fS2Mxb6XAuy4h9JdhED0OiiXAZD5aURwriN7KEgUd5KwYTnJoV8hVBnhxGvzbMkQuRb4dIQm4yr%2B3x3ERIAStc84HmVvYQYURqltUhflgZSh4Qg3lRYzJqIFKQN4ed0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
726833f40c4001e3-ZRH
expires
Mon, 26 Jun 2023 12:04:26 GMT
portal.min.js
unpkg.com/@tryghost/portal@1.22.6/umd/
Redirect Chain
  • https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
  • https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js
484 KB
124 KB
Script
General
Full URL
https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234cca19dbef6d8c969d5c4d8298a33d52ff6d2bbe7874d2cb1d148ff838b595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
4265144
fly-request-id
01G3AJTT3QS7E0V2AE0A8PDPTW-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Wed, 18 May 2022 03:15:35 GMT
server
cloudflare
etag
W/"79000-M0DLzHAKKwWGpUR+nfOsDIxvZTs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
726833f5088dcc36-ZRH

Redirect headers

date
Wed, 06 Jul 2022 12:04:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G79P4R86QAMF1GBS41P6QHPX-fra
server
cloudflare
age
78
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/@tryghost/portal@1.22.6/umd/portal.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
726833f44f60cc36-ZRH
access-control-allow-origin
*
cards.min.js
www.troyhunt.com/public/
7 KB
2 KB
Script
General
Full URL
https://www.troyhunt.com/public/cards.min.js?v=f948270cfd
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857dcf021006f18df5e72e87501221d5b2f40c7f99c23ef75fa582cca9b49900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:26 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
635621
x-cache
HIT, HIT
status
200 OK
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly
true
x-request-id
15e222e79abb458c5c16d9d00fc52bf9, 15e222e79abb458c5c16d9d00fc52bf9
x-served-by
cache-ams12758-AMS, cache-mxp6975-MXP
server
cloudflare
x-timer
S1656473445.135455,VS0,VE1
etag
W/"16d84278bb517d1765f9d6471d902dc2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrhxvekKLH%2FL3lMhWq1MYsa9yaTOT2I5qQP9xss6k5V3osKllMtUHnP6Bc4lCdPSIpStmdFMDUNXbtvPkn48FiN1GCVZHbPX2F%2Bi790o%2FWapL2dSTQ03dyjsIl%2Bc8vSzCa1LjuNxY3wZkwhXKGce"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding, Cookie
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f43a86bb2c-MXP
x-cache-hits
1, 1
cards.min.css
www.troyhunt.com/public/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.troyhunt.com/public/cards.min.css?v=f948270cfd
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e078c7f2333231376567af00407f22f166a32b0b39c1932de5f151462f26732f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:26 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
630739
x-cache
HIT, HIT
status
200 OK
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly
true
x-request-id
68c6d3dd55b57285666a0828dc818366, 68c6d3dd55b57285666a0828dc818366
x-served-by
cache-ams12769-AMS, cache-mxp6942-MXP
server
cloudflare
x-timer
S1656478328.958018,VS0,VE1
etag
W/"68dd49021ee6d7818c2e1e2e64ed89aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h38afV3aX6%2FK3sONScmrj42WHQ%2BnNGJEUhp20SyjOZZrO%2FlwzcXFtmVli0YRNuM0uApcHliGf1Xwz5HVx8Cvuo%2FHyqcCH95L7ib8QLsObxqqzOPO7mxCkT3tEPXC2LwkrKCxcw244MQdHWl7XJB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding, Cookie
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f3de3159d1-MXP
x-cache-hits
1, 1
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B99) /
Resource Hash
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:26 GMT
Content-Encoding
gzip
Age
539
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29459
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:12:37 GMT
Server
ECS (amb/6B99)
Etag
"5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
Logo-2.svg
www.troyhunt.com/content/images/2017/11/
4 KB
3 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2017/11/Logo-2.svg
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:26 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, MISS
status
200 OK
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly
true
x-request-id
8a62fb6f2a74e1f4cdf05927ccad6e35, 8a62fb6f2a74e1f4cdf05927ccad6e35
x-served-by
cache-ams12730-AMS, cache-mxp6959-MXP
last-modified
Wed, 01 Nov 2017 08:13:50 GMT
server
cloudflare
x-timer
S1655967572.655299,VS0,VE18
etag
W/"ff3-15f76a4c508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDi2Q8aU7k5me7mwscmijvH3QLSgWxDi7rdW44FDEDtk%2FRKqpW5RSnQVkLEftpSg3WBeEzRliuSEmo71URm8VfEsNVzs1XbBVKwbvrAL46JDtTcPxbacFZ3JBMlo%2Fw9ct2fow46PrgWu28NuIuV1"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding, Cookie
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f44a95bb2c-MXP
x-cache-hits
1, 0
enforce
troyhunt.report-uri.com/r/d/csp/
0
685 B
Other
General
Full URL
https://troyhunt.report-uri.com/r/d/csp/enforce
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 06 Jul 2022 12:04:26 GMT
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=63113904; includeSubDomains; preload
cf-ray
726833f41b8801f4-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3577
date
Wed, 06 Jul 2022 11:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 06 Jul 2022 13:04:49 GMT
EhmekYj1pIY
www.youtube.com/embed/ Frame DE0B
63 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/EhmekYj1pIY
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab471a5b96b472c718a413bb8ebb8f86ac2ae27705136703d36d1875e7ab99b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Wed, 06 Jul 2022 12:04:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
BlogData
bloghelpers.troyhunt.com/api/
746 B
1 KB
XHR
General
Full URL
https://bloghelpers.troyhunt.com/api/BlogData
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f22a9f54f09ca8192e3e9ed742a188a7cfc7643fd0e2804e46b7031554ac92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
709
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Jul 2022 11:52:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rrt%2B6gkbSnEEW7u8TkRh94vgb2H2P258T8fsBdYzMPm62G4SAKy4YLdmqzwReVroKvUXpRt3JxQbQvqEIdRZn9ZlGQG%2B6R3XSwG8TGpp9DwUcw4F%2FMZVzZNrKS4CY1gSRKim9E2lGaeu%2BpR5F9ulmG7xVlU45Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
726833f4bb92bb2c-MXP
embed.js
troyhunt.disqus.com/
78 KB
25 KB
Script
General
Full URL
https://troyhunt.disqus.com/embed.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
98a1cceb44bfa8c67dea71686e67555be058278ae327e11ac38b6918875e9283
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:26 GMT
Content-Encoding
gzip
Server
openresty
Age
17
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25393
Cross-Origin-Resource-Policy
cross-origin
2021-03-29_17-11-30.png
www.troyhunt.com/content/images/2021/03/
384 KB
385 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2021/03/2021-03-29_17-11-30.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:26 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, MISS
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
392979
ghost-fastly
true
x-request-id
545b5b81d40e58512b732eee4fab3bdd, 545b5b81d40e58512b732eee4fab3bdd
x-served-by
cache-ams21040-AMS, cache-mxp6937-MXP
accept-ranges
bytes
last-modified
Mon, 29 Mar 2021 08:02:26 GMT
server
cloudflare
x-timer
S1655967572.801205,VS0,VE21
etag
W/"5ff13-1787d016583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI12JBII923tiQcWhSdk6D%2Br7gzADmPzF2hZXrpFWUZJ80nZVLPSolPaWuHGceRqxYpsB9cxCrmRfBJJpkS%2Fun027GV2vDutVwfsd5JaeMCzeGyPLgoMcBMYbtqLqirjhP%2FMZhjQNkei5x7RXR68"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Cookie, Accept-Encoding
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f44ab3bb2c-MXP
x-cache-hits
1, 0
c5531bfb7d76cdaa370c7baf6053288d
www.gravatar.com/avatar/
14 KB
14 KB
Image
General
Full URL
https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 06 Jul 2022 12:04:26 GMT
last-modified
Thu, 09 Dec 2021 09:20:52 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="c5531bfb7d76cdaa370c7baf6053288d.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x>; rel="canonical"
content-length
14191
expires
Wed, 06 Jul 2022 12:09:26 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.troyhunt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3491676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jf%2FTr9vYt%2FhSGJPGMwo9IFnGQKOEvbSuCN%2BZZWT%2BBiwNknQKDBcoFkJ0dN6TtMvjkBGZg4UXix5%2BTmleIthuPAK%2Bhl7tuj4psgcxe2atpiYj19%2BAr24csJLQnBYxqoulsA0Bg451gqACLY92cXIORk7p"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
726833f47cd0cc5a-ZRH
expires
Mon, 26 Jun 2023 12:04:26 GMT
0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v20/
43 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vollkorn/v20/0yb9GDoxxrvAnPhYGxkpaE0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b19babcbeb24e9aaa0dc20648896a72a76604ff6c42e9273cc5eb44a2cb0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.troyhunt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 20:32:46 GMT
x-content-type-options
nosniff
age
574300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43968
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 20:32:46 GMT
0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
fonts.gstatic.com/s/vollkorn/v20/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vollkorn/v20/0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18d65bf4d4f58fbf4d9ab20a305da397bfc8ef2ab3ad87f9cc512a82ddde2e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.troyhunt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 23:41:36 GMT
x-content-type-options
nosniff
age
562970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44804
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:38:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 23:41:36 GMT
image-60.png
www.troyhunt.com/content/images/2021/03/
24 KB
25 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2021/03/image-60.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, HIT
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24853
ghost-fastly
true
x-request-id
7ddf6683aebb11c2603e4d8ba0cb4a0c, 7ddf6683aebb11c2603e4d8ba0cb4a0c
x-served-by
cache-ams12777-AMS, cache-mxp6953-MXP
accept-ranges
bytes
last-modified
Wed, 31 Mar 2021 02:18:38 GMT
server
cloudflare
x-timer
S1655967572.023758,VS0,VE1
etag
W/"6115-17886135c00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wArl11n%2B%2BEBjA3UwxfbbwGGn0vaYMY2Zmqkg7514EmWVM0UW1nJehRBNr3oofIbr3Y2iOYlu3XvgXrg1UsXRwVT52Uuqg9HRmk2bjP1nhVgnEkDVKCKz3Q7oq1B7Yd%2FuUmYOVcRwc01p5abHi5RB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Cookie, Accept-Encoding
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f50c44bb2c-MXP
x-cache-hits
1, 1
image-61.png
www.troyhunt.com/content/images/2021/03/
22 KB
23 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2021/03/image-61.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, HIT
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22256
ghost-fastly
true
x-request-id
637dd4962db713b92995e3c2fbbab59f, 637dd4962db713b92995e3c2fbbab59f
x-served-by
cache-ams21053-AMS, cache-mxp6974-MXP
accept-ranges
bytes
last-modified
Wed, 31 Mar 2021 02:19:10 GMT
server
cloudflare
x-timer
S1655967572.018761,VS0,VE1
etag
W/"56f0-1788613d7be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzZSX9hmSYo8t0qD803dIXwTUQ5Fjf1wZMnZ2bdWDT2nI2Ar415X94WLe5MJaV88MPHpD6UIQdFipFKTzvESbED68rzY2xObkVdra56r0uc0acLGD%2FIYRC6gGwpqfY99ClFQFrCVXxL1xk2RUit5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Cookie, Accept-Encoding
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f50c48bb2c-MXP
x-cache-hits
1, 1
image-62.png
www.troyhunt.com/content/images/size/w1000/2021/03/
208 KB
209 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/size/w1000/2021/03/image-62.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, HIT
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
213055
ghost-fastly
true
x-request-id
e2430cc6957c72b117bfb324c77b574e, e2430cc6957c72b117bfb324c77b574e
x-served-by
cache-ams12730-AMS, cache-mxp6956-MXP
accept-ranges
bytes
last-modified
Wed, 31 Mar 2021 02:27:19 GMT
server
cloudflare
x-timer
S1655967572.019310,VS0,VE2
etag
W/"3403f-178861b4cef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deZpHTuSFJldGQPjoAGHuI2fQ9%2BbsOuUhXyp1UtzEHDB9CmKSdxk4Ja68xfLDzQw0f%2FTp7Rgb%2FRsHuIoETy%2FhZ4TvCdTEgvzQPZTpDQiBgV9EwulZDDEv1g1itetkRmMyqLsUt5zQOPmwLHTvHLw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Cookie, Accept-Encoding
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f50c4dbb2c-MXP
x-cache-hits
1, 1
image-42.png
www.troyhunt.com/content/images/size/w1000/2021/03/
15 KB
16 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/size/w1000/2021/03/image-42.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e4e4a366c75566ae01490b743331b04e0c3b6cdb0010d9f9c44ea8f6fc04f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, HIT
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15703
ghost-fastly
true
x-request-id
cea6cc39c7218e64bd240408a9c2f278, cea6cc39c7218e64bd240408a9c2f278
x-served-by
cache-ams21022-AMS, cache-mxp6949-MXP
accept-ranges
bytes
last-modified
Mon, 29 Mar 2021 07:17:54 GMT
server
cloudflare
x-timer
S1655967572.021299,VS0,VE1
etag
W/"3d57-1787cd89ecb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEldMSkU89Pn9WR8jDCh7L%2F%2FKo8Lrcc14MuAON12nK9JDweWrBoZj26NTmQMzYUzQ6QM0iBjNUGgD2N3zrr4p3k8OO5K%2BAhk1QpVGx5P%2B4rXqcV8qjQaEnL16JLjKPRTX5A8OheYcPoyto1Fhq1u"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Cookie, Accept-Encoding
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f50c53bb2c-MXP
x-cache-hits
1, 1
image-39.png
www.troyhunt.com/content/images/size/w1000/2021/03/
24 KB
25 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/size/w1000/2021/03/image-39.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4a3546094b441918fadccc1be997aa401490b83c733fb5bfb3555865bf52dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1141495
x-cache
HIT, HIT
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24477
ghost-fastly
true
x-request-id
fcd1cf978fa014a6956ddf4f738e51c1, fcd1cf978fa014a6956ddf4f738e51c1
x-served-by
cache-ams12765-AMS, cache-mxp6930-MXP
accept-ranges
bytes
last-modified
Mon, 29 Mar 2021 07:17:54 GMT
server
cloudflare
x-timer
S1655967572.023994,VS0,VE1
etag
W/"5f9d-1787cd89ed0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfSQx8KMAyAGe%2FuFMVw61rqUEx1U2D%2BLfn5ijjnj%2BoELg13X6sR1L7cQEb%2BWp25EljjyBAJ46xWSaRjzFSBd6Rg2ja%2B4PgzE%2BFtyBeS3b7dCio7IkmLfb%2B%2Fo%2Bk%2F77Eot0wIawD9nXHVe4UCRNk1p"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Cookie, Accept-Encoding
cache-control
public, max-age=31536000
ghost-cache
MISS
cf-ray
726833f50c56bb2c-MXP
x-cache-hits
1, 1
www-player.css
www.youtube.com/s/player/0e7373c2/ Frame DE0B
339 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 10:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
5315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47687
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 06 Jul 2023 10:35:52 GMT
www-embed-player.js
www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/ Frame DE0B
302 KB
93 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70a64c9912aae092f9cc15fd4015d474e13b9a08b018c0e761ee183cae873bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
97783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95369
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 05 Jul 2023 08:54:44 GMT
base.js
www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/ Frame DE0B
2 MB
556 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16bd75e506b6109e4f50ea8e0b221b1c405be69c0073700247ce7a780e545c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
466800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
569701
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Jul 2023 02:24:27 GMT
fetch-polyfill.js
www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/ Frame DE0B
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 05:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
282649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jul 2023 05:33:38 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1023262850&t=pageview&_s=1&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&ul=en-us&de=UTF-8&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2064304659&gjid=2050863227&cid=1067589953.1657109067&tid=UA-10949399-1&_gid=1110557093.1657109067&_r=1&_slc=1&z=1532172147
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 12:04:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.troyhunt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html
platform.twitter.com/widgets/ Frame 8E96
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.troyhunt.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9D) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
54592
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 12:04:27 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Jun 2022 18:01:40 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B9D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE0B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 11:18:05 GMT
x-content-type-options
nosniff
age
89182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 11:18:05 GMT
lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/
0
26 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26078
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-65de"
content-type
text/css; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
WEIXllsuD_eIfEbq-o9MsvSbllRcALh8zdU0Wpe2Oz6XQogQeEdY2A==
x-cache-hits
0
common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94755
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-17223"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
SG2i0h8iBl9HLsYwlUQDeTeFOd0GcN5rvSXg9XBc8q4ATslLWfL1rw==
x-cache-hits
0
lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
c.disquscdn.com/next/embed/
0
121 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2832645
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
123109
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 03 Jun 2022 17:03:15 GMT
server
nginx
etag
"629a3ed3-1e0e5"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Sat, 03 Jun 2023 17:13:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
cfaZ8BtLjpWKfLJ8AwFMX2lLSHEcLHTkpy5h-gzFQYeDS2UNn6OAvQ==
x-cache-hits
0
config.js
disqus.com/next/
0
16 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
12
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
15596
X-XSS-Protection
1; mode=block
enforce
troyhunt.report-uri.com/r/d/csp/ Frame 9271
0
700 B
Other
General
Full URL
https://troyhunt.report-uri.com/r/d/csp/enforce
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=63113904; includeSubDomains; preload
cf-ray
726833f5de010211-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
recommendations.js
troyhunt.disqus.com/
64 KB
21 KB
Script
General
Full URL
https://troyhunt.disqus.com/recommendations.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
3fefd6344894b8bd4624db6f7a61981b118238a8877023e5f96b0804b8c4ed04
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21275
Cross-Origin-Resource-Policy
cross-origin
/
www.troyhunt.com/members/api/site/
2 KB
2 KB
Fetch
General
Full URL
https://www.troyhunt.com/members/api/site/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7837d484887511c41986fb59a5d48849873733069ebcc0b2757962a447437d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT, HIT
status
200 OK
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly
true
x-request-id
ba2123cd07149f6a60a530dc449231b5, ba2123cd07149f6a60a530dc449231b5
x-served-by
cache-ams21056-AMS, cache-mxp6976-MXP
server
cloudflare
x-timer
S1657109067.202219,VS0,VE0
etag
W/"846-2zyoc5BDV2Rz/DrRtbHlnF/jzYk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3o%2F%2F6kDK%2Fhg05l15q92QEhX5ATgLhgHpyNcNqqEJKNhsCEo%2BchMDkre5ePehKYj7NKY3xPUyK1ZfQhEkDhrYKqhYCANfACjjIA43tB2psvHgFEnQyx1AjPbEdFh5NS5w5MFwe24V83alkJMDSwu"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding, Cookie
cache-control
no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache
MISS
cf-ray
726833f5ee36bb2c-MXP
x-cache-hits
1, 40
/
www.troyhunt.com/members/api/member/
0
0
Fetch
General
Full URL
https://www.troyhunt.com/members/api/member/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
76376
date
Wed, 06 Jul 2022 12:04:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"report_to":"default","max_age":10886400}
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce
x-cache
MISS, MISS
status
204 No Content
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly
true
x-request-id
1337ded6e3ba22caffb7cb1e489c2823, 17d21dc629e036e1f56624c6d168eb97
x-served-by
cache-ams21081-AMS, cache-mxp6942-MXP
referrer-policy
no-referrer-when-downgrade
server
cloudflare
x-timer
S1657109067.204816,VS0,VE25
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-origin
*
vary
Cookie, Accept-Encoding
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
ghost-cache
HIT
cf-ray
726833f5ee37bb2c-MXP
x-cache-hits
0, 0
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10949399-1&cid=1067589953.1657109067&jid=2064304659&gjid=2050863227&_gid=1110557093.1657109067&_u=IEBAAEAAAAAAAC~&z=708349270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 06 Jul 2022 12:04:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.troyhunt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 8E96
580 B
541 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=7576b0485db66d8450b38a78e1ffebb3321ba6dd
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.troyhunt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
106
date
Wed, 06 Jul 2022 12:04:26 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 12:04:27 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
abd58b14bbf817fdc6615320478db4a993db4a3ce1d4e4503383f80d70b43b78
content-length
260
id
googleads.g.doubleclick.net/pagead/ Frame DE0B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0517caaf9c8e7fa5843e37bf3d380761d81e8699cd0eeccfa59b174768d1018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:04:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame DE0B
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:49:42 GMT
x-content-type-options
nosniff
age
885
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Jul 2022 12:04:42 GMT
/
disqus.com/embed/comments/ Frame B1BA
105 KB
19 KB
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6aa858b52c4ce33f314b473585f03727144d3396580949f859db4d227468c5d
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
5
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
18250
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 06 Jul 2022 12:04:27 GMT
ETag
W/"lounge:view:8455005378.61ecac5dd33b231d9aa901aa50875ba8.2"
Last-Modified
Mon, 13 Jun 2022 18:29:28 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 06 Jul 2022 12:04:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DE0B
63 KB
29 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b445f98013e879165ac485eddb8cd23da30fa5bc429bab3e1c99341716e7c7c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29755
x-xss-protection
0
remote.js
www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/ Frame DE0B
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7cc06a08320a714a331f843708a667aa53ac4962e45cc89a1ac7e02d8e59753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:24:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
466799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37799
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Jul 2023 02:24:28 GMT
tRh46bwZLsMw15MswWgbKEMYCUT3M55WmlHUIyt1un8.js
www.google.com/js/th/ Frame DE0B
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/tRh46bwZLsMw15MswWgbKEMYCUT3M55WmlHUIyt1un8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b51878e9bc192ec330d7932cc1681b2843180944f7339e569a51d4232b75ba7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 17:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
326965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13790
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 09:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 02 Jul 2023 17:15:02 GMT
embed.js
www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/ Frame DE0B
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
133a0196abac3c595767baee508cd6d237e432c7b2ff39b4f5a7aa47d93ef6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
466790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8109
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Jul 2023 02:24:37 GMT
truncated
/ Frame DE0B
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRW-3GT3K3y8eN13owym5eqq80dmAnajJjLjkWf0w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DE0B
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLRW-3GT3K3y8eN13owym5eqq80dmAnajJjLjkWf0w=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:44:21 GMT
x-content-type-options
nosniff
age
1206
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2971
x-xss-protection
0
server
fife
etag
"v452"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 10:15:26 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/EhmekYj1pIY/ Frame DE0B
47 KB
47 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/EhmekYj1pIY/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:47:18 GMT
x-content-type-options
nosniff
age
1029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47972
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 06 Jul 2022 13:47:18 GMT
lounge.load.cfefa856cbcd7efb87102e7242c9a829.js
c.disquscdn.com/next/embed/ Frame B1BA
958 B
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2832644
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
496
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 03 Jun 2022 17:03:15 GMT
server
nginx
etag
"629a3ed3-1f0"
content-type
application/javascript; charset=utf-8
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
expires
Sat, 03 Jun 2023 17:13:43 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
InRD69U0Yhihjl7oqbRPecCyVakjtkWdP-SMDo0Wv1uQKrKUy4jkQA==
x-cache-hits
0
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/
0
3 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717450
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-ba2"
content-type
text/css; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
BsY1AjqptraBL_a465xYW7v1j0hGjHfgv_dsWhMduYz9PJAXQbkiLw==
x-cache-hits
0
common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/
0
87 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88804
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-15ae4"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
19mJQhesdMVYJkyCjJvdclu18-mRKEHBBnmqP_nAAAZWgIPBpbnogQ==
x-cache-hits
0
recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/
0
20 KB
Other
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717450
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-4f14"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
z64qZsgvA7bO6QxUV92Ry0arGKBIfQy7b2M8cP-DO1JP-yWF6n96gA==
x-cache-hits
0
enforce
troyhunt.report-uri.com/r/d/csp/ Frame A5E1
0
665 B
Other
General
Full URL
https://troyhunt.report-uri.com/r/d/csp/enforce
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=63113904; includeSubDomains; preload
cf-ray
726833f7383d0211-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
tweet.45758a9d6fd14fe4ebd62b2170932592.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.45758a9d6fd14fe4ebd62b2170932592.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB5) /
Resource Hash
4d64259e1efa5608b9da553ac10da15df5717d41e66fc25cada5a83697b72bed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2690
x-tw-cdn
VZ
Last-Modified
Thu, 02 Jun 2022 18:01:33 GMT
Server
ECS (amb/6BB5)
Etag
"e4bf092baf573285fddcbcaa6197634d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
generate_204
www.youtube.com/ Frame DE0B
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?N5r3kw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/EhmekYj1pIY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame DE0B
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Jul 2022 12:04:27 GMT
common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ Frame B1BA
282 KB
93 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.cfefa856cbcd7efb87102e7242c9a829.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94755
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-17223"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
joCd4RmddjyDj5HassZE_sXv-cl58yqlass6JpRCaVEIye0xMI6zAw==
x-cache-hits
0
/
disqus.com/recommendations/ Frame 710F
5 KB
3 KB
Document
General
Full URL
https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8620bba8374272bedadac61bab37c06ae3c76e642ffcae7fd149d4f73ab42e82
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
113
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2341
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 06 Jul 2022 12:04:27 GMT
Last-Modified
Tue, 24 May 2022 17:47:51 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
enforce
troyhunt.report-uri.com/r/d/csp/ Frame 3017
0
0

Tweet.html
platform.twitter.com/embed/ Frame 3017
406 B
953 B
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA4) /
Resource Hash
1f7c168874f03d4ca0529cc8034e427f76bfb0e7df6fd1be698e04563f3233fb

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1395
Cache-Control
public, max-age=1800
Content-Length
406
Content-Type
text/html; charset=utf-8
Date
Wed, 06 Jul 2022 12:04:27 GMT
Etag
"9b35b2a0e957b11b91fb497037bd439f"
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BA4)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/
43 B
357 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22experiment_key%22%3A%22tfw_tweet_result_migration_13979%22%2C%22bucket%22%3A%22tweet_result%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221040634067018895360%22%5D%2C%22item_details%22%3A%7B%221040634067018895360%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1657109067509%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b45a03c79d4c1%3A1654150928467%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_tweet_result_migration_13979%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=7576b0485db66d8450b38a78e1ffebb3321ba6dd
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Wed, 06 Jul 2022 12:04:27 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
abd58b14bbf817fdc6615320478db4a993db4a3ce1d4e4503383f80d70b43b78
x-transaction
01447257bad79706
expires
Tue, 31 Mar 1981 05:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame DE0B
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 15:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 06 Jul 2022 15:37:23 GMT
lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame B1BA
165 KB
26 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26078
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-65de"
content-type
text/css; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
iHWKrZroRLzy8oByJbVxpOim7YGkwJrzVDgyQuX60QtOhhsMUeF-KQ==
x-cache-hits
0
embed.runtime.98eb02c4936ded6ea33d.js
platform.twitter.com/embed/ Frame 3017
8 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
b13fb6225e4fdbc689a8b7a2021e19a2ba8e3c6648f8e0bd4027562465951950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
3365
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B74)
Etag
"1f5ce68d18814e6b5987dbb609190aec+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.cfee4b331d0f780ab748.js
platform.twitter.com/embed/ Frame 3017
494 KB
161 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.modules.cfee4b331d0f780ab748.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8F) /
Resource Hash
a9a0e9a447d98ac39f6bb55d3c3a116298bff15177f4ffe66bcb55e28736d091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54592
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
164776
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B8F)
Etag
"4df3d4d71a8ccc3f478302dad028545b+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.045a11cf6fab3519a120.js
platform.twitter.com/embed/ Frame 3017
16 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.045a11cf6fab3519a120.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B91) /
Resource Hash
8460f1910d2358464d1e9fae2ed06cb32a6ac58f8bcdc9511c0d70aa5925b4ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
6036
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B91)
Etag
"6394ec2c50cb6eccfc23f1ec8cd81e24+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
c.disquscdn.com/next/embed/ Frame B1BA
476 KB
121 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 17:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2832645
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
123109
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 03 Jun 2022 17:03:15 GMT
server
nginx
etag
"629a3ed3-1e0e5"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Sat, 03 Jun 2023 17:13:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
nSKkSsQfYdEAmZOZPWatTbKQmVNG9o5X9Mx9gl4TaAgED3FoxipgRQ==
x-cache-hits
0
config.js
disqus.com/next/ Frame B1BA
15 KB
16 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0437b7ece4404a56371201276c845647abf9d508ac76511861d206bec115b6d2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
13
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
15596
X-XSS-Protection
1; mode=block
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DE0B
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a28d9077d52e2ad3913c50e3e3b1ce792901a63f42cff08eb3d063f431c8f098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 06 Jul 2022 12:04:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js
c.disquscdn.com/next/recommendations/ Frame 710F
923 B
1 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
446
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-1be"
content-type
application/javascript; charset=utf-8
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
-FEyWekIUPkMst5bA8l7cgMCULKKeH0h5qnpfQCAxanWlSgt9pyc5w==
x-cache-hits
0
embed.vendors~ondemand.horizon-web.i18n.ar-js~ondemand.horizon-web.i18n.ar-x-fm-js~ondemand.horizon-web.i1~98d47477.ee8d9301eaeed83932c3.js
platform.twitter.com/embed/ Frame 3017
20 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.i18n.ar-js~ondemand.horizon-web.i18n.ar-x-fm-js~ondemand.horizon-web.i1~98d47477.ee8d9301eaeed83932c3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B99) /
Resource Hash
97dafbf46ab5a039bdf636eb94ab194fb4bcdac519a124dac55d88ca0c4fe4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
6794
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B99)
Etag
"fff2061e4ea2484dc02f1b6f8ad5d847+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.d61db963ee91797d53b7.js
platform.twitter.com/embed/ Frame 3017
3 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.d61db963ee91797d53b7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAC) /
Resource Hash
7458466f80821ce3887d1a12256597aefffb5e8c2579fb44cc11773052d5edd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
1288
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6BAC)
Etag
"c2663afa674842210c1a657bf57ef129+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.horizon-web.i18n.en-js.faa0ac75c35ed12cb7c1.js
platform.twitter.com/embed/ Frame 3017
35 KB
12 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.i18n.en-js.faa0ac75c35ed12cb7c1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAE) /
Resource Hash
f7f32ffe3920aec33a2944cee8f1ed146ac862d52560bfa792242890138f12be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
11291
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6BAE)
Etag
"0d8642c7d539690c4fbe9254508b220a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
details
disqus.com/api/3.0/forums/ Frame B1BA
3 KB
3 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4070b989b41ff9599736b5fe68a32cbceccf17dc3277bfd005a9f9c449c66246
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:27 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
96
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3090
X-XSS-Protection
1; mode=block
common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/ Frame 710F
262 KB
87 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
88804
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-15ae4"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
6a9uTjI87RTenROrODLyw1npaYqt5Jx4evQTX2VEFFYJliEhXk-7NA==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame B1BA
3 KB
3 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3717450
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vJR83RNIC_5jXHQOpha5bH5oPGfLNq9MEmTRrkYfYeMaN5Ou2NRyww==
x-cache-hits
0
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3717450
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-6e3"
content-type
image/png
access-control-allow-origin
*
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JKwxUP4d0EaVxNz-dXah_8m8_N8odmS_heAs_cMhMm4mLAys97fb7Q==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame B1BA
8 KB
8 KB
Font
General
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
via
1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3717450
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
n4gcvLm9HGzQkoUsFi7ICHdiXjH_1pucBRXxFuBohzdBrzX0DAeZLw==
x-cache-hits
0
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
event.gif
referrer.disqus.com/juggler/ Frame B1BA
43 B
339 B
Image
General
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=301&event=init_embed&thread=8455005378&forum=troyhunt&forum_id=621325&imp=6idulsv3ih06j7&thread_slug=using_the_coinhive_domain_to_fight_cryptojacking_and_do_good_things_with_content_security_policies&user_type=anon&referrer=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
embed.vendors~ondemand.Tweet.618716ac3ce413edf13d.js
platform.twitter.com/embed/ Frame 3017
658 KB
181 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.618716ac3ce413edf13d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
c0e4e0200406e5bd0cce86d584b2dcba87f37b9167728aa2c8a4704a369a5e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
Content-Encoding
gzip
Age
54593
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
184945
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B77)
Etag
"da17f82d76fd24d0137d9e9270953663+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.284866466228efe62763.js
platform.twitter.com/embed/ Frame 3017
80 KB
18 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.284866466228efe62763.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8D) /
Resource Hash
5709fb44c9c9fcf011bb410edbfd49bbf85e0c61f1dfe0219aaae0ff117abc16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
Content-Encoding
gzip
Age
54594
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
17714
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B8D)
Etag
"830e6e0db686d3b38a7a0c1f57c4b893+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 710F
14 KB
3 KB
Stylesheet
General
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-ba2"
content-type
text/css; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
oi9_OxAluwcAb-rT-D3TWmF_yweB51qFrYq2Je-_dnpjCVyAqFPFfw==
x-cache-hits
0
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ Frame 710F
65 KB
20 KB
Script
General
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717451
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 10 May 2022 13:06:19 GMT
server
nginx
etag
"627a634b-4f14"
content-type
application/javascript; charset=utf-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
expires
Wed, 24 May 2023 11:26:57 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
kb4S5VeJllrCEsMXq_aTgWAIrkRFfjm7L2qSu5RN3GL5Mslz7nfJIg==
x-cache-hits
0
config.js
disqus.com/next/ Frame 710F
15 KB
16 KB
Script
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0437b7ece4404a56371201276c845647abf9d508ac76511861d206bec115b6d2
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
13
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
15596
X-XSS-Protection
1; mode=block
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
embed.ondemand.Dropdown.2591641f5e66f4941af4.js
platform.twitter.com/embed/ Frame 3017
5 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Dropdown.2591641f5e66f4941af4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.98eb02c4936ded6ea33d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8C) /
Resource Hash
b5df726f5d10d887a4330c48e021963f72de987c61e14f13278c514cf7068aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
Content-Encoding
gzip
Age
54124
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2211
x-tw-cdn
VZ
Last-Modified
Tue, 05 Jul 2022 20:42:48 GMT
Server
ECS (amb/6B8C)
Etag
"b2c77b4a4e7f219ec55c0bee0a376874+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
details
disqus.com/api/3.0/forums/ Frame 710F
3 KB
3 KB
XHR
General
Full URL
https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4070b989b41ff9599736b5fe68a32cbceccf17dc3277bfd005a9f9c449c66246
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
96
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3090
X-XSS-Protection
1; mode=block
tweet-result
cdn.syndication.twimg.com/ Frame 3017
2 KB
2 KB
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_tweet_edit_backend%3Aoff%3Btfw_refsrc_session%3Aoff%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aoff%3Btfw_user_follow_intent_14406%3Afollow%3Btfw_tweet_edit_frontend%3Aoff&id=1040634067018895360&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.cfee4b331d0f780ab748.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6287) / Express
Resource Hash
60e3817f5d28893bf54f65f444e8b773a2d28cdd7887ffa61e127864d1d0a672
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"773-HMyEvJgqJYJRGoPDpIJRKAE21b4"
age
17
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=7
strict-transport-security
max-age=631138519
content-length
817
x-xss-protection
0
x-response-time
145
last-modified
Wed, 06 Jul 2022 12:04:11 GMT
server
ECS (lhb/6287)
x-frame-options
SAMEORIGIN
date
Wed, 06 Jul 2022 12:04:28 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
d72fec602c29e4d74dbd47e02d3ed8c3b2ae8efe4d7bc01c358f40562659b404
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
noavatar92.png
a.disquscdn.com/1647409581/images/ Frame B1BA
2 KB
2 KB
Image
General
Full URL
https://a.disquscdn.com/1647409581/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.39ef974e33e97bdc315c595632f05d3c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
1524644
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
CDG50-C2
content-length
1644
x-amz-cf-id
hiz3X0qG8UnWAOOkXmU9HM2wK7X6-NQiXCKGhSFKE8S_OXo-ycwDqQ==
expires
Mon, 18 Jul 2022 20:33:44 GMT
jot
syndication.twitter.com/i/ Frame 3017
43 B
170 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1657109068316%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22b45a03c79d4c1%3A1654150928467%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22troyhunt%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22troyhunt%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b58a13fac6ae1%3A1656694988201%22%2C%22item_ids%22%3A%5B%221040634067018895360%22%5D%2C%22item_details%22%3A%7B%221040634067018895360%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Wed, 06 Jul 2022 12:04:28 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
abd58b14bbf817fdc6615320478db4a993db4a3ce1d4e4503383f80d70b43b78
x-transaction
b560e003642b6903
expires
Tue, 31 Mar 1981 05:00:00 GMT
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 710F
7 KB
7 KB
XHR
General
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=troyhunt&thread=url%3Ahttps%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00674684c565f2063f4588158523f319ac873ae94f48e520d99b6ee21575f435
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 12:04:28 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
184
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
7041
X-XSS-Protection
1; mode=block
get
c.disquscdn.com/ Frame 710F
16 KB
17 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F02%2Fgreen-bar-iso.png&key=BmtLSleAxaJY_VxQoBx1qw&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
739c422c7bc097749c42bcdb10cd9fcd93c7204987d7ad0808b27310ac95eb51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
24258
date
Tue, 14 Jun 2022 07:50:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1916045
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
16793
ghost-fastly
true
x-served-by
static-web-2
ghost-cache
HIT
expires
Thu, 14 Jul 2022 07:50:23 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T55gu9SCEPg1EcMfxRsOMWPU%2FkBQ3O7ZAHTNiNS1oTZxD6mKIv4Si9JgI%2FYEmuYDWtK8yt1uQiwPSqwbsvaWbwiQqcMSjq5NJs7DO3JXc80hXbq9vJykQWrpRdCVvITfOiZY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
m8dMvGHFZ0-786uftLC-KC9lIhhgV7G87H2pF_EWVI1vyffwlPsvCg==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
35 KB
36 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F01%2FTroys-Mega-Azure-Bandwidth-Bill.png&key=H5LEM4H1_WXxCI344CqwKg&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f5975950b0851b31b587a28cb6fe6bcb4eda91f356e9be259704aa797783ab94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Thu, 23 Jun 2022 14:59:43 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1112685
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
35535
ghost-fastly
true
x-served-by
static-web-1
ghost-cache
MISS
expires
Sat, 23 Jul 2022 14:59:43 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz86Ru8MTSXiKejbcncOtT9xaKPiQHbQJ%2BI1%2BccMEKjyJFLVoz58UXKoDT9duUC4QKB%2FNqsT5YovQpgHb%2BQo6xZ1KxW6svxMr5A7KELUuaBPuWyxdx5b%2FEnNgYsVoYi%2FnTYD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
kEj6Jhr_Ws11I_4GfrX1V_jBBLGntBSn6X6jjzcr2rxkYY7rJhcg6w==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
768 B
2 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F06%2FArtboard-1.png&key=kImrQHxYkegG4c5HzmyYEA&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
20b09bfac128d25a41c3c638757958e390f5a78a093c70a68b663ab6ccaff27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Mon, 04 Jul 2022 10:17:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190327
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
768
ghost-fastly
true
x-served-by
static-web-1
ghost-cache
MISS
expires
Wed, 03 Aug 2022 10:17:23 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CX91uHw9G3QTEIodP8ncKkdbaLdSaRuFe%2FUOVYwnDsUCthuBjxzghifpd8r8YezUv0Q2tUj03k%2BuPlTi8pVov8N9excpEpIAytBgRxL%2FQ8kPsXu3wOTgSbhjBRF5ks36UJe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
OGDlkJfgooe-ZWBp4D7YPKf9JVPu2uXXeTrRWGZV9FCvvi5Nmx1Efw==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
766 B
2 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F05%2FArtboard-1.png&key=p6Z75-f1beM6fhbMoPET6A&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
13c7b28c37b904487bbb8c5eaf5eec02d37f29023a928ccf8e28ab0efe37479b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 06 Jul 2022 00:28:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
983275
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
766
ghost-fastly
true
x-served-by
static-web-1
ghost-cache
MISS
expires
Fri, 05 Aug 2022 00:28:07 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuagK3bKtgq%2BbiSLn7eYyAW7QL9MGyFRcGKxqlTL7KHlTMJkt5oDnUqRfhPkGOCxdUiNor4dtenQwNcO%2BSgOpj%2FOSBmaCKm7P0l6jLxBUpR6dWHhVQn3RjdYk1lb%2FewziMtD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
Jh7Wtfv0zHOSPvJv_ZOHWL0pp94Gy2wkrOiXpF4LPzrkEvpHYRlFNw==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
62 KB
63 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F04%2FAvvo-Extortion-Email.png&key=GPgaCVfboRBy7p1zVQy5Eg&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
624f42dd5765e2a9a1d2caaded46af6a48e482d1874cbca48fc657dc4b65d627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Thu, 09 Jun 2022 15:29:29 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2320499
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
63863
ghost-fastly
true
x-served-by
static-web-1
ghost-cache
MISS
expires
Sat, 09 Jul 2022 15:29:29 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAJsvymDxqy1uSfPFW5Cg%2BsT%2FAlz1d18V6ZcY5uMg%2Flk94PSQdvkpxhyeG3kKcQDXlT5z%2B3Dfi9HD4cci%2F1zYtr%2FzDBI8akQVGA2Xb6MPs%2BKbcNaPpcF2LTjVautH4TgOcBl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
kaWjLEWTaHBAQPDT8rxXVMkeFi66HYQfVV6UqpDB-8ZIk7VZ-ra3bw==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
10 KB
11 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F03%2FSplash-Template-3.jpg&key=hSAxr1HjSe4fTTKBQmdYDw&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e5f6611b40478952ace0197006c5df950a84fc19bfd8af85817126c0f252ade0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Wed, 08 Jun 2022 09:20:55 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2570833
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
9795
ghost-fastly
true
x-served-by
static-web-1
ghost-cache
MISS
expires
Fri, 08 Jul 2022 09:20:55 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AISXu9u8dW5TdV1WAxMIGFFAVlVyGQ0N9FNRKqKt0ShMFdMLFiyo5EEjACIHoWmR2j8emtzv4d%2F%2FzdodxW60ULvdKBfoIWBQbIr4OJBRqGS%2BMK38E0o%2BiBCUpJrSfzlld6D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
58jI6lp_VShYYAojo4ewK3FzYevTtJLfNkKKtmSdzY_Je5VJjdapww==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
5 KB
6 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F03%2FHIBP-Banner.jpg&key=ExWs3zK6cA0Dyi4ARrPyvw&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9ccc6324cd68f01ad7b88bcdf809aea432859be912c16aecf8097a93f715b95f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
45000
date
Tue, 28 Jun 2022 15:43:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1388552
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
4675
ghost-fastly
true
x-served-by
static-web-2
ghost-cache
HIT
expires
Thu, 28 Jul 2022 15:43:23 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMjie94wNQuJORzPIPcm7kMbeA5lT47oe1oWu4s3S6YbZf%2BCV6NvaRYTottlLpvR%2Fqkp4LD9guaQk1WX6H9cwvT%2BIwXTMfpRhsFgQOYzTwUepoTc4x%2FBuQk%2BQkOQLX5OVd05"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
cH2UcmgGE51pYjEx9mzcyQrSg4wspNyWAJP09FDUY-u_4zl_njdftg==
x-cache-hits
0
get
c.disquscdn.com/ Frame 710F
19 KB
20 KB
Image
General
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2021%2F12%2FSplash-Template-3.jpg&key=7w1h-TfRjorBnvA5ZpMKiw&h=200
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8c7215b7fcb75a9076da58dda95a67859584d59056d87be781417e7c3324f21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ghost-age
0
date
Thu, 09 Jun 2022 00:33:30 GMT
via
1.1 varnish, 1.1 varnish, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2374258
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status
200 OK
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
19095
ghost-fastly
true
x-served-by
static-web-1
ghost-cache
MISS
expires
Sat, 09 Jul 2022 00:33:30 GMT
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXUubRI%2FV%2FP4OTSA8LOzuZn5W0Ay89bVsgf9b8WVmeWZwJ1YcZqHI9kNnv2Qt2YsIb9pjthz9aw8MEdv9ugoFWRQzj4Kk7KlBQlilUSLSGf5CZc8XuF6Y3UeDsvhxdHPlyZG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
d_R33iy8sfB6lfq8crb5RTYtLlyemtPQiQNswKvMD6oMsiMxXYDivQ==
x-cache-hits
0
RxIZwxXx_normal.jpg
pbs.twimg.com/profile_images/824723579602403330/ Frame 3017
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/824723579602403330/RxIZwxXx_normal.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=7576b0485db66d8450b38a78e1ffebb3321ba6dd&siteScreenName=troyhunt&theme=light&widgetsVersion=b45a03c79d4c1%3A1654150928467&width=550px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
x-content-type-options
nosniff
age
501490
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
2035
x-response-time
115
surrogate-key
profile_images profile_images/bucket/8 profile_images/824723579602403330
last-modified
Thu, 26 Jan 2017 20:57:58 GMT
server
ECS (amb/6B8E)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
da5953f91bb2876ab7bdaa5bb74128c7ae3ca80122fcd829ef6c29a1f558789f
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
enforce
troyhunt.report-uri.com/r/d/csp/ Frame BED3
0
665 B
Other
General
Full URL
https://troyhunt.report-uri.com/r/d/csp/enforce
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 06 Jul 2022 12:04:28 GMT
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=63113904; includeSubDomains; preload
cf-ray
726833ffad3d0211-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame DE0B
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/EhmekYj1pIY
X-YouTube-Client-Version
1.20220629.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgthVWxaUG1rRjVTQSjK9JWWBg%3D%3D
X-YouTube-Ad-Signals
dt=1657109067194&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C930%2C480&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 06 Jul 2022 12:04:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 06 Jul 2022 12:04:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
troyhunt.report-uri.com
URL
https://troyhunt.report-uri.com/r/d/csp/enforce

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga function| showUnsponsored function| showNoEvents function| showSponsor function| showEvents object| xmlhttp string| url function| disqus_config function| reCaptchaSolved function| closeFloatingSubscribe object| floating_subscribe object| closeElement object| subscribeElement object| classie object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| DISQUS function| disqus_recommendations_config object| regeneratorRuntime object| __SENTRY__ object| DISQUS_RECOMMENDATIONS

8 Cookies

Domain/Path Name / Value
.cnhv.co/ Name: ARRAffinity
Value: 03162c5fb5bcdbeba70ac60be15b5262381392b93b18ebea9a3965fdf0c88c55
.youtube.com/ Name: YSC
Value: 5BOS65g81T8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: aUlZPmkF5SA
.troyhunt.com/ Name: _ga
Value: GA1.2.1067589953.1657109067
.troyhunt.com/ Name: _gid
Value: GA1.2.1110557093.1657109067
.troyhunt.com/ Name: _gat
Value: 1
disqus.com/ Name: __jid
Value: 6idumc3bjrksl
.disqus.com/ Name: disqus_unique
Value: 6idumie3g7eb4m

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
bloghelpers.troyhunt.com
c.disquscdn.com
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cnhv.co
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
troyhunt.disqus.com
troyhunt.report-uri.com
unpkg.com
www.google-analytics.com
www.google.com
www.gravatar.com
www.gstatic.com
www.troyhunt.com
www.youtube.com
yt3.ggpht.com
troyhunt.report-uri.com
104.244.42.72
151.101.128.134
199.232.192.134
199.232.198.49
2600:9000:2315:8400:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:3030::ac43:ddf5
2606:4700:3032::6815:2e06
2606:4700:3033::6815:355c
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6811:b858
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a04:fa87:fffe::c000:4902
00674684c565f2063f4588158523f319ac873ae94f48e520d99b6ee21575f435
0437b7ece4404a56371201276c845647abf9d508ac76511861d206bec115b6d2
0ca584423385387f7fd16ae6c62079f43d381881df869c02e9228c46ec203583
0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad
11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a
133a0196abac3c595767baee508cd6d237e432c7b2ff39b4f5a7aa47d93ef6fe
13c7b28c37b904487bbb8c5eaf5eec02d37f29023a928ccf8e28ab0efe37479b
16bd75e506b6109e4f50ea8e0b221b1c405be69c0073700247ce7a780e545c9c
16ea11a0622f9e8baa63399c68c725780ca7ef3cdd1d1a2dbad3361eb8658ff6
18d65bf4d4f58fbf4d9ab20a305da397bfc8ef2ab3ad87f9cc512a82ddde2e45
1f7c168874f03d4ca0529cc8034e427f76bfb0e7df6fd1be698e04563f3233fb
20b09bfac128d25a41c3c638757958e390f5a78a093c70a68b663ab6ccaff27b
234cca19dbef6d8c969d5c4d8298a33d52ff6d2bbe7874d2cb1d148ff838b595
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3fefd6344894b8bd4624db6f7a61981b118238a8877023e5f96b0804b8c4ed04
4070b989b41ff9599736b5fe68a32cbceccf17dc3277bfd005a9f9c449c66246
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d64259e1efa5608b9da553ac10da15df5717d41e66fc25cada5a83697b72bed
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0
5709fb44c9c9fcf011bb410edbfd49bbf85e0c61f1dfe0219aaae0ff117abc16
60e3817f5d28893bf54f65f444e8b773a2d28cdd7887ffa61e127864d1d0a672
624f42dd5765e2a9a1d2caaded46af6a48e482d1874cbca48fc657dc4b65d627
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70a64c9912aae092f9cc15fd4015d474e13b9a08b018c0e761ee183cae873bfa
739c422c7bc097749c42bcdb10cd9fcd93c7204987d7ad0808b27310ac95eb51
7458466f80821ce3887d1a12256597aefffb5e8c2579fb44cc11773052d5edd0
77f22a9f54f09ca8192e3e9ed742a188a7cfc7643fd0e2804e46b7031554ac92
7837d484887511c41986fb59a5d48849873733069ebcc0b2757962a447437d5a
79178481c1d1ab6798f68fb68f05045d45e6da72ac7a146feb2440de4f7d35c6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8460f1910d2358464d1e9fae2ed06cb32a6ac58f8bcdc9511c0d70aa5925b4ac
857dcf021006f18df5e72e87501221d5b2f40c7f99c23ef75fa582cca9b49900
8620bba8374272bedadac61bab37c06ae3c76e642ffcae7fd149d4f73ab42e82
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
8c7215b7fcb75a9076da58dda95a67859584d59056d87be781417e7c3324f21d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97dafbf46ab5a039bdf636eb94ab194fb4bcdac519a124dac55d88ca0c4fe4bd
98a1cceb44bfa8c67dea71686e67555be058278ae327e11ac38b6918875e9283
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
9ccc6324cd68f01ad7b88bcdf809aea432859be912c16aecf8097a93f715b95f
a0517caaf9c8e7fa5843e37bf3d380761d81e8699cd0eeccfa59b174768d1018
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28d9077d52e2ad3913c50e3e3b1ce792901a63f42cff08eb3d063f431c8f098
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a9a0e9a447d98ac39f6bb55d3c3a116298bff15177f4ffe66bcb55e28736d091
ab471a5b96b472c718a413bb8ebb8f86ac2ae27705136703d36d1875e7ab99b5
ab4a3546094b441918fadccc1be997aa401490b83c733fb5bfb3555865bf52dc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b13fb6225e4fdbc689a8b7a2021e19a2ba8e3c6648f8e0bd4027562465951950
b445f98013e879165ac485eddb8cd23da30fa5bc429bab3e1c99341716e7c7c3
b51878e9bc192ec330d7932cc1681b2843180944f7339e569a51d4232b75ba7f
b5df726f5d10d887a4330c48e021963f72de987c61e14f13278c514cf7068aae
b7cc06a08320a714a331f843708a667aa53ac4962e45cc89a1ac7e02d8e59753
b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520
b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322
c0e4e0200406e5bd0cce86d584b2dcba87f37b9167728aa2c8a4704a369a5e51
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8f5ea74cdfddd9e71f504bac4a98d225762769d69ad0b5a9ebee8216ddc1628
c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069
caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
e078c7f2333231376567af00407f22f166a32b0b39c1932de5f151462f26732f
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e4e4a366c75566ae01490b743331b04e0c3b6cdb0010d9f9c44ea8f6fc04f5
e5f6611b40478952ace0197006c5df950a84fc19bfd8af85817126c0f252ade0
e7c053aa439dd2bb56d823101047cb9fad99b2b4963e036af632ad0a662099d4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f1b19babcbeb24e9aaa0dc20648896a72a76604ff6c42e9273cc5eb44a2cb0f9
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2
f5975950b0851b31b587a28cb6fe6bcb4eda91f356e9be259704aa797783ab94
f6aa858b52c4ce33f314b473585f03727144d3396580949f859db4d227468c5d
f7f32ffe3920aec33a2944cee8f1ed146ac862d52560bfa792242890138f12be