www.troyhunt.com Open in urlscan Pro
2606:4700:3030::ac43:ddf5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coinhive.com/
Effective URL:
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-con...
Submission: On August 25 via manual (August 25th 2022, 2:43:21 pm UTC) from IT — Scanned from NL

Summary HTTP 107 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 18 domains to perform 107 HTTP transactions. The main IP is 2606:4700:3030::ac43:ddf5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.troyhunt.com. The Cisco Umbrella rank of the primary domain is 730168.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.troyhunt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	2606:4700:303... 2606:4700:3030::ac43:ddf5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	2606:4700::68... 2606:4700::6811:b658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:2e06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
25	2600:9000:236... 2600:9000:236e:0:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
6	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2a04:4e42:62:... 2a04:4e42:62::159	54113 (FASTLY) (FASTLY)
107	28

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coinhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::ac43:ddf5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:b658 (United States)

ASN13335 (CLOUDFLARENET, US)

troyhunt.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:2e06 (United States)

ASN13335 (CLOUDFLARENET, US)

bloghelpers.troyhunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

troyhunt.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:236e:0:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:62::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4294 a.disquscdn.com — Cisco Umbrella Rank: 8221	812 KB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 701 syndication.twitter.com — Cisco Umbrella Rank: 956	536 KB
13	troyhunt.com 1 redirects www.troyhunt.com — Cisco Umbrella Rank: 730168 bloghelpers.troyhunt.com	683 KB
11	disqus.com troyhunt.disqus.com disqus.com — Cisco Umbrella Rank: 1643 referrer.disqus.com — Cisco Umbrella Rank: 6417	132 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	788 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	120 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	31 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 static.doubleclick.net — Cisco Umbrella Rank: 398	2 KB
4	report-uri.com troyhunt.report-uri.com	3 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1441 pbs.twimg.com — Cisco Umbrella Rank: 693	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 868	124 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	82 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 133	47 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 256	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 9	14 KB
1	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 3564	14 KB
1	coinhive.com 1 redirects coinhive.com — Cisco Umbrella Rank: 630707	972 B
107	18

	Domain	Requested by
25	c.disquscdn.com	troyhunt.disqus.com disqus.com c.disquscdn.com
13	platform.twitter.com	www.troyhunt.com platform.twitter.com
12	www.troyhunt.com	1 redirects www.troyhunt.com unpkg.com
9	www.youtube.com	www.troyhunt.com www.youtube.com
8	disqus.com	troyhunt.disqus.com c.disquscdn.com
6	a.disquscdn.com	www.troyhunt.com c.disquscdn.com
4	jnn-pa.googleapis.com	www.youtube.com
4	troyhunt.report-uri.com	www.troyhunt.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	syndication.twitter.com	platform.twitter.com
2	troyhunt.disqus.com	www.troyhunt.com troyhunt.disqus.com
2	www.google-analytics.com	www.troyhunt.com www.google-analytics.com
2	unpkg.com	1 redirects www.troyhunt.com
2	cdnjs.cloudflare.com	www.troyhunt.com cdnjs.cloudflare.com
1	pbs.twimg.com
1	referrer.disqus.com	www.troyhunt.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.gravatar.com	www.troyhunt.com
1	bloghelpers.troyhunt.com	www.troyhunt.com
1	fonts.googleapis.com	www.troyhunt.com
1	coinhive.com	1 redirects
107	28

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
feeds.feedburner.com
l.kolide.co
reddit.com
web.archive.org
coinhive.com
www.zdnet.com
lookedon.com
www.usenix.org
webtruyenonline.com
www.cyber-threat-intelligence.com
aahora.org
en.wikipedia.org
www.netflix.com
www.telerik.com
report-uri.com
developer.mozilla.org
github.com
gotocph.com
ndcsydney.com
pluralsight.pxf.io
creativecommons.org
ghost.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.report-uri.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: 6F3CC785501A4526D5B8C21DF2CC0E97
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EhmekYj1pIY
Frame ID: 605A2B12650548E27A36C4630DF5D7CE
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.troyhunt.com
Frame ID: 25649527F08ABF0CD190EEEB04A2552F
Requests: 2 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 64FE0ADE592F67C23FE811110CE54C03
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Frame ID: E0DB75EDBD860E33FD1B49175FE4232E
Requests: 17 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 84C05D638FE431ED4252387C757739BB
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Frame ID: F28F589430BDF7EAEA289DF6A0FE2119
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
Frame ID: 3B7AFA44D60ED513366F35603A3C41EA
Requests: 14 HTTP requests in this frame

Frame: https://troyhunt.report-uri.com/r/d/csp/enforce
Frame ID: 816B7864E40075593690BFDA6C9C54D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Troy Hunt: I Now Own the Coinhive Domain. Here's How I'm Fighting Cryptojacking and Doing Good Things with Content Security Policies.

Page URL History Show full URLs

http://coinhive.com/ HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

107
Requests

97 %
HTTPS

82 %
IPv6

18
Domains

28
Subdomains

28
IPs

4
Countries

3414 kB
Transfer

8029 kB
Size

8
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/troyhunt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/troyahunt

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/troyhunt

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/troyhuntdotcom

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/TroyHunt

Search URL Search Domain Scan URL

URL: https://l.kolide.co/3PaubS1
Title: Sponsored by: Kolide is a fleet visibility solution for Mac, Windows, and Linux that can help you securely scale your business. Learn more here.

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/&text=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/&title=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190429040938/https://coinhive.com/
Title: Coinhives's

Search URL Search Domain Scan URL

URL: https://coinhive.com/
Title: coinhive.com

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/coinhive-cryptojacking-service-to-shut-down-in-march-2019/
Title: And then Coinhive was gone

Search URL Search Domain Scan URL

URL: https://lookedon.com/
Title: lookedon.com

Search URL Search Domain Scan URL

URL: https://www.usenix.org/system/files/sec19-bijmans.pdf
Title: Inadvertently Making Cyber Criminals Rich: A Comprehensive Study of Cryptojacking Campaigns at Internet Scale

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190430083127/https://coinhive.com/lib/coinhive.min.js
Title: the original Coinhive script

Search URL Search Domain Scan URL

URL: http://webtruyenonline.com/
Title: webtruyenonline.com

Search URL Search Domain Scan URL

URL: https://www.cyber-threat-intelligence.com/publications/CCS2019-router.pdf
Title: Just the Tip of the Iceberg: Internet-Scale Exploitation of Routers for Cryptojacking

Search URL Search Domain Scan URL

URL: http://aahora.org/
Title: aahora.org

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Subrata_Roy
Title: Subarta Roy

Search URL Search Domain Scan URL

URL: https://www.netflix.com/au/title/80990073
Title: Bad Boy Billionaires

Search URL Search Domain Scan URL

URL: https://www.telerik.com/blogs/understanding-fiddlerscript
Title: FiddlerScript

Search URL Search Domain Scan URL

URL: https://report-uri.com/
Title: Report URI

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri
Title: report-uri is deprecated

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to
Title: report-to

Search URL Search Domain Scan URL

URL: https://github.com/troyhunt/Coinhive
Title: the code that now runs on coinhive.com is available on GitHub

Search URL Search Domain Scan URL

URL: https://github.com/troyhunt/Coinhive/pull/3
Title: a full WASM implementation

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&url=https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Title: Tweet

Search URL Search Domain Scan URL

URL: https://gotocph.com/
Title: GOTO Copenhagen: 3 to 7 Oct, Copenhagen (Denmark) / Online

Search URL Search Domain Scan URL

URL: https://ndcsydney.com/
Title: NDC Sydney: 10 to 14 Oct, Sydney (Australia)

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2F

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fbilling.pluralsight.com%2Findividual%2Fcheckout
Title: How about a 10 day free trial?

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fowasp-top10-aspdotnet-application-security-risks
Title: OWASP Top 10 Web Application Security Risks for ASP.NET

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fhttps-every-developer-must-know
Title: What Every Developer Must Know About HTTPS

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fhack-yourself-first
Title: Hack Yourself First: How to go on the Cyber-Offense

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Finformation-security-big-picture
Title: The Information Security Big Picture

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fethical-hacking-social-engineering
Title: Ethical Hacking: Social Engineering

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fmodernizing-websites-microsoft-azure
Title: Modernizing Your Websites with Azure Platform as a Service

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fbrowser-security-headers
Title: Introduction to Browser Security Headers

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fethical-hacking-sql-injection
Title: Ethical Hacking: SQL Injection

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fweb-security-owasp-top10-big-picture
Title: Web Security and the OWASP Top 10: The Big Picture

Search URL Search Domain Scan URL

URL: https://pluralsight.pxf.io/c/1196446/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fcourses%2Fethical-hacking-web-applications
Title: Ethical Hacking: Hacking Web Applications

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/
Title: Creative Commons Attribution 4.0 International License

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Ghost

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coinhive.com/ HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies HTTP 301
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js HTTP 302
https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js

Request Chain 44

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

107 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Redirect Chain

http://coinhive.com/
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

61 KB
20 KB

53ms
53ms

Document
text/html

2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c147933ff645590f163edd3a82c3aec0241fea210956062f76ce03641c7edeef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action .twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: REVALIDATED
cf-ray: 74051956f9b09a2d-FRA
content-encoding: br
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 14:43:15 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-content-type-options: nosniff
x-request-id: 5c8daa1adcf85f1c771bd3a973fd73db 5c8daa1adcf85f1c771bd3a973fd73db
x-served-by: cache-ams21083-AMS, cache-fra19156-FRA
x-timer: S1661255711.320650,VS0,VE45096
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

age: 19915822
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 74051956a9179a2d-FRA
content-length: 0
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
date: Thu, 25 Aug 2022 14:43:15 GMT
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
location: /i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel: {"report_to":"default","max_age":10886400}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server: cloudflare
status: 301 Moved Permanently
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-content-type-options: nosniff
x-request-id: 8d57d4c968a904e25b8efb6272814a49 8d57d4c968a904e25b8efb6272814a49
x-served-by: cache-ams12762-AMS, cache-fra19136-FRA
x-timer: S1641522774.519635,VS0,VE1
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

GET
H3 200 main.min.css
www.troyhunt.com/assets/css/ 26 KB
8 KB 44ms
44ms Stylesheet
text/css 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/assets/css/main.min.css?v=115c087ec9

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79190512d658c86ffed8986c98a8709da27cd4eabe12c8528ebbe26dc369188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182839
x-cache: HIT, HIT
status: 200 OK
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: ec3d40cf08e6d2ec39aba516191446fc, ec3d40cf08e6d2ec39aba516191446fc
x-served-by: cache-ams21023-AMS, cache-hhn4068-HHN
last-modified: Wed, 03 Aug 2022 20:16:53 GMT
server: cloudflare
x-timer: S1661255757.615263,VS0,VE1
etag: W/"6840-182655a9d8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgYg3n8OIKt%2Fz2jOfKGFR42FS88Ubev3VPqJBAoJU%2BcoDscOEd1ZJuMHGt3%2Bxe2rb9q8JdG2uoYsBa%2F1J21Tx9ob9DnyfBa8v0sbYjFfpczfTfgL1ZZQMoJN8EYK1EDtrOZUm6Nq3wyhSjUui%2B2R"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 740519575e759201-FRA
x-cache-hits: 1, 1

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcdefaf5c3f143b4a31cd7b499fdbcce2c73411684bd15d57c0d5f956567cb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 14:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 14:43:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 14:43:15 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 81ms
33ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 73830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B3rxULc3fQBYkPP7mjqokH%2BYnWPCB4thMbtWlfPWBRKUfMN63mIpR3nuI5qoop8UhCMo1HeZ5a%2BXP5S2KcKTZNzGNkhINRy%2BxiTeQ%2FZSW8n8JrIH4UP7D0gliIZd47GqqfCdOkNUgFGYRdRZghvvUfl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74051957af065c6e-FRA
expires: Tue, 15 Aug 2023 14:43:15 GMT

GET
H2

200

portal.min.js Show response
unpkg.com/@tryghost/portal@1.22.6/umd/
Redirect Chain

https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js

484 KB
124 KB

52ms
51ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234cca19dbef6d8c969d5c4d8298a33d52ff6d2bbe7874d2cb1d148ff838b595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8594547
fly-request-id: 01G3AJYNYHNFWEZAES2CAJDRMH-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 18 May 2022 03:15:35 GMT
server: cloudflare
etag: W/"79000-M0DLzHAKKwWGpUR+nfOsDIxvZTs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 740519587d055b80-FRA

Redirect headers

date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GBAPTQH6JSQBXW66BPTJ5DE7-fra
server: cloudflare
age: 505
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@tryghost/portal@1.22.6/umd/portal.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 740519582ca35b80-FRA
access-control-allow-origin: *

GET
H3 200 cards.min.js Show response
www.troyhunt.com/public/ 7 KB
2 KB 36ms
36ms Script
application/javascript 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/cards.min.js?v=115c087ec9

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

857dcf021006f18df5e72e87501221d5b2f40c7f99c23ef75fa582cca9b49900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182839
x-cache: HIT, MISS
status: 200 OK
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: da754f3949b04a61cea2f804ccc69407, da754f3949b04a61cea2f804ccc69407
x-served-by: cache-ams21068-AMS, cache-hhn4072-HHN
server: cloudflare
x-timer: S1661255757.880615,VS0,VE12
etag: W/"16d84278bb517d1765f9d6471d902dc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P05fGK73T5EQ94hBxs273B4x9RGyWc0NPjrxOqzybPVclwQiKxGPKiByl%2FRg%2FYFK%2BHBS897Xs4SGum3zI9rdbk0VBEAVdvOC%2FYF32GcEQaJ9pAjve2889O9Dnd5woRtfyFYzPpyEVfiCUphPDgU2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding, Cookie
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 74051957df1a9201-FRA
x-cache-hits: 1, 0

GET
H3 200 cards.min.css
www.troyhunt.com/public/ 23 KB
5 KB 37ms
37ms Stylesheet
text/css 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/public/cards.min.css?v=115c087ec9

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e078c7f2333231376567af00407f22f166a32b0b39c1932de5f151462f26732f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182839
x-cache: HIT, HIT
status: 200 OK
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: dd214ea405848ea361e50f922fb062f4, dd214ea405848ea361e50f922fb062f4
x-served-by: cache-ams21037-AMS, cache-fra19168-FRA
server: cloudflare
x-timer: S1661255757.670828,VS0,VE1
etag: W/"68dd49021ee6d7818c2e1e2e64ed89aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVxo6zJJshCuhWDM%2FZlhppHrRRiab6h5FjSHyPKNXsi9RiT157IntzBio%2BQFciOGwDFQwRPjIN37G3QQIm6er4DK6tdUAwQ6A6GV6INPjYUrO3RYCoed0Hwg%2BHBhJXPlrb0mrbO5xn7bYaQpH4SX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding, Cookie
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 740519575e799201-FRA
x-cache-hits: 1, 1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 58ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9C) /
Resource Hash: 33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:15 GMT
Content-Encoding: gzip
Age: 565
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29278
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:23:32 GMT
Server: ECS (amb/6B9C)
Etag: "080f1472776d4d1a972a14cea4433aeb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 Logo-2.svg
www.troyhunt.com/content/images/2017/11/ 4 KB
3 KB 54ms
53ms Image
image/svg+xml 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2017/11/Logo-2.svg

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18325539
x-cache: HIT, HIT
status: 200 OK
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: 9f6f009af2e9d5df4445d59fafb3c499, 9f6f009af2e9d5df4445d59fafb3c499
x-served-by: cache-ams12755-AMS, cache-fra19135-FRA
last-modified: Wed, 01 Nov 2017 08:13:50 GMT
server: cloudflare
x-timer: S1643113056.281996,VS0,VE1
etag: W/"ff3-15f76a4c508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8itb8IwfCdYU7VFjilP6k%2FMdvXnflo0xxb7XVP9JnsTijA56UdAcYLRvlTnKPv1C4ekIpq7iH%2BoAOddTlfHED9d3VPlLwlMJA39g3fHlAc43DzxiiIeH5qgsNZdj6aIa1HSNBCp4u%2B7OyE4AZNV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding, Cookie
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 74051957ef269201-FRA
x-cache-hits: 1, 1

POST
H2 201 enforce
troyhunt.report-uri.com/r/d/csp/ 0
686 B 98ms
41ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 25 Aug 2022 14:43:15 GMT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63113904; includeSubDomains; preload
cf-ray: 74051957be93bb83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
20ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6075
date: Thu, 25 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Aug 2022 15:02:00 GMT

GET
H3 200 2021-03-29_17-11-30.png
www.troyhunt.com/content/images/2021/03/ 384 KB
385 KB 36ms
35ms Image
image/png 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/2021-03-29_17-11-30.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5654705
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 392979
ghost-fastly: true
x-request-id: 545b5b81d40e58512b732eee4fab3bdd, 545b5b81d40e58512b732eee4fab3bdd
x-served-by: cache-ams21044-AMS, cache-hhn4078-HHN
accept-ranges: bytes
last-modified: Mon, 29 Mar 2021 08:02:26 GMT
server: cloudflare
x-timer: S1655783890.003104,VS0,VE2
etag: W/"5ff13-1787d016583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08Nve09jRRFenuNRueqnTXrnsjVd2pl5ETGndHHyVrZvzS8bJUXm%2FP5I1SB8FZBX%2BfHkXWnHRPPfHfrn%2FTh4jUKKRjL8vjNruGdfoNY3hYpAWCsWc0B8mhjSFIzg41%2BZGw%2F24w1sry98tz8owhbI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Cookie, Accept-Encoding
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 74051957ef2f9201-FRA
x-cache-hits: 1, 1

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 52ms
28ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1365844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9wAjoKI9ywRosu6SC3v3wli%2FgBKjeM8u1IA1ZWKp56pw4Ff%2B14%2BXcKTB%2F3HCWFM1BzSB3PJIqs2NsbhfZpFqOACZk18QhfHAj3XYfoF8qV%2B3csaHXchXpLSlEy7IhUN803Z%2BsRGg6nu9efhDLlb9CZj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740519580ddfbb74-FRA
expires: Tue, 15 Aug 2023 14:43:15 GMT

GET
H2 200 0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v21/ 43 KB
44 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v21/0yb9GDoxxrvAnPhYGxkpaE0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37916b0c48fadfceebfbfb1777c42d5454209ccad3cf78db4a5565b32b53453e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 00:09:22 GMT
x-content-type-options: nosniff
age: 138833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44004
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:35:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 00:09:22 GMT

GET
H2 200 0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
fonts.gstatic.com/s/vollkorn/v21/ 44 KB
44 KB 97ms
47ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vollkorn/v21/0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Vollkorn:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6bcb438bde380c06e723584e069f13e39d3dc90771e4f7c1a8acfe7cb1821fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.troyhunt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 00:12:39 GMT
x-content-type-options: nosniff
age: 138636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44716
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:39:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 00:12:39 GMT

GET
H2 200 EhmekYj1pIY Show response
www.youtube.com/embed/ Frame 605A 64 KB
27 KB 134ms
73ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EhmekYj1pIY

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd49342e0924719a2cd2042479cb3ae87ab942ae737b3351ca33772d1f8e53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 25 Aug 2022 14:43:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 image-60.png
www.troyhunt.com/content/images/2021/03/ 24 KB
25 KB 77ms
77ms Image
image/png 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/image-60.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18325539
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24853
ghost-fastly: true
x-request-id: 5a3b1851a8f91eb30300e7d5fb99d4ca, 5a3b1851a8f91eb30300e7d5fb99d4ca
x-served-by: cache-ams21048-AMS, cache-fra19151-FRA
ghost-cache: MISS
last-modified: Wed, 31 Mar 2021 02:18:38 GMT
server: cloudflare
x-timer: S1643113057.854510,VS0,VE1
etag: W/"6115-17886135c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gE2BxUz8Z6tF034JOwsgYUEebc4KCFC0M2EgsNj7L3QwvRyhZf2%2B28xUaFW5Z5wzA0B92Vr2lT8QW3OL8u1MJpWu6l0VviGT5WLS0ppRKGgdWgvAOAfcuZCSPpkU6X%2B%2BvGg%2FJNFFhEjRVCW%2BQV2S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Cookie, Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 740519582f7a9201-FRA
x-cache-hits: 1, 1

GET
H3 200 image-61.png
www.troyhunt.com/content/images/2021/03/ 22 KB
23 KB 120ms
120ms Image
image/png 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/2021/03/image-61.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18325539
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22256
ghost-fastly: true
x-request-id: 91ea5e8f8be272f24cb1992af09b5c0a, 91ea5e8f8be272f24cb1992af09b5c0a
x-served-by: cache-ams12760-AMS, cache-fra19161-FRA
ghost-cache: MISS
last-modified: Wed, 31 Mar 2021 02:19:10 GMT
server: cloudflare
x-timer: S1643113057.840140,VS0,VE1
etag: W/"56f0-1788613d7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGdZRN4FH0WjFeAT%2F5OaKJ%2Fs6PW5duLyg0iBCHLudVZqGKAwcKnqhTubFjiJdoOs0kAdzHYiPYW0YEmVsCO2FT3%2ByW5VO%2BYLcWV2jqz3EJvMJEGimxYGothCT%2BX3shF5TvdgqAhys2K6%2BoSWy87K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Cookie, Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 740519582f7d9201-FRA
x-cache-hits: 1, 1

GET
H3 200 image-62.png
www.troyhunt.com/content/images/size/w1000/2021/03/ 208 KB
209 KB 121ms
121ms Image
image/png 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.troyhunt.com/content/images/size/w1000/2021/03/image-62.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:15 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5654705
x-cache: HIT, HIT
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 213055
ghost-fastly: true
x-request-id: e2430cc6957c72b117bfb324c77b574e, e2430cc6957c72b117bfb324c77b574e
x-served-by: cache-ams21044-AMS, cache-hhn4027-HHN
accept-ranges: bytes
last-modified: Wed, 31 Mar 2021 02:27:19 GMT
server: cloudflare
x-timer: S1655783890.441658,VS0,VE1
etag: W/"3403f-178861b4cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyRDLc%2FB25Dyy3tPywgJOuxZolvAInR1a7pbKtl4jdQQ5wOV%2B3a1plJCBfJ35oXb9C7gP0CL9pFLs4zc%2FVBze9JxnEf70iTsGA4t1n%2BIPibPVEdkk0MP3%2F2v32PrZSLklE00pCpKN36peLfZW4Uf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Cookie, Accept-Encoding
cache-control: public, max-age=31536000
ghost-cache: MISS
cf-ray: 740519582f7e9201-FRA
x-cache-hits: 1, 1

GET
H2 200 BlogData Show response
bloghelpers.troyhunt.com/api/ 466 B
952 B 849ms
789ms XHR
application/json 2606:4700:3032::6815:2e06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloghelpers.troyhunt.com/api/BlogData

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2e06 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abbedb4bceab87f716904cad78d5f39a38317673b5d19286bb7cb039f1f0ffc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 25 Aug 2022 13:37:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5dM7%2BUOw1BQt0REbvxrxBiQufdbi%2F%2BK1IY4KRcnbkV9DyVBniQIXxIDfM9YSoQhXcDacWKhQGSvR9TbRq9r4A7gQ2T3j6rn2XeXabVJVfddwR18P6QoLrIYJ%2F3ZAZnVWOGtDeX8RMcFuaTfKbGDsI5rdvizwNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 740519588d6c5c0e-FRA

GET
H/1.1 200
OK embed.js Show response
troyhunt.disqus.com/ 78 KB
25 KB 192ms
156ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.disqus.com/embed.js

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

1a8e7bd776bcbd098f4f6807e6c0db2b9ae5322a4c0794d3dbe359752bbbd3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25378
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 c5531bfb7d76cdaa370c7baf6053288d
www.gravatar.com/avatar/ 14 KB
14 KB 48ms
14ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x
Requested by: Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 25 Aug 2022 14:43:15 GMT
last-modified: Thu, 09 Dec 2021 09:20:52 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c5531bfb7d76cdaa370c7baf6053288d.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x>; rel="canonical"
content-length: 14191
expires: Thu, 25 Aug 2022 14:48:15 GMT

GET
H/1.1 200
OK widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html Show response
platform.twitter.com/widgets/ Frame 2564 320 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.troyhunt.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAE) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 762703
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Aug 2022 14:43:15 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BAE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 70ms
27ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1126700323&t=pageview&_s=1&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&ul=en-us&de=UTF-8&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2082724484&gjid=1089338623&cid=756107707.1661438596&tid=UA-10949399-1&_gid=2144732652.1661438596&_r=1&_slc=1&z=1443624193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 14:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2564 709 B
589 B 237ms
190ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d95b7aecd3f6137b6a6b2977d4d19c4804f67740

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.troyhunt.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 171
date: Thu, 25 Aug 2022 14:43:15 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 14:43:16 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ab66268e1601ff4cc115c63b0c13ffce13c0165d2b6677806e3b8226f449a6f4
content-length: 308

GET
H3 200 / Show response
www.troyhunt.com/members/api/site/ 2 KB
2 KB 59ms
58ms Fetch
application/json 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/members/api/site/

Requested by

Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7837d484887511c41986fb59a5d48849873733069ebcc0b2757962a447437d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 14:43:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
status: 200 OK
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: 616c029269d3044b486fb1d3b6cd5697, 616c029269d3044b486fb1d3b6cd5697
x-served-by: cache-ams21026-AMS, cache-hhn4052-HHN
server: cloudflare
x-timer: S1661438596.071894,VS0,VE0
etag: W/"846-2zyoc5BDV2Rz/DrRtbHlnF/jzYk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bamd6hzAfH1S74Fj0KmL1Bpajjb7PBymoV%2BZo22KUArpNSqNAOrjrElnIvMN4nI%2BATYV5n1GTGc4WDy75IZXWtEwXpNcEz6OGUXnlRmUvyQtoG5TjIwQEQCWABxDEn0VD%2BQ9zF1np4hELmmsFvjH"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding, Cookie
cache-control: no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache: MISS
cf-ray: 74051959491e9201-FRA
x-cache-hits: 1, 2

GET
H3 204 /
www.troyhunt.com/members/api/member/ 0
0 73ms
72ms Fetch 2606:4700:3030::ac43:ddf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.troyhunt.com/members/api/member/

Requested by

Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ddf5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action .twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 182841
date: Thu, 25 Aug 2022 14:43:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"default","max_age":10886400}
x-xss-protection: 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce
x-cache: MISS, MISS
status: 204 No Content
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ghost-fastly: true
x-request-id: eeb88716dd607a3a613dcca180f7e0eb, 6eee5bee4a510d0e606e8c3057d04922
x-served-by: cache-ams12757-AMS, cache-fra19128-FRA
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-timer: S1661438596.068936,VS0,VE15
expect-ct: max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-origin: *
vary: Cookie, Accept-Encoding
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
ghost-cache: HIT
cf-ray: 7405195949229201-FRA
x-cache-hits: 0, 0

GET
H3 200 www-player.css
www.youtube.com/s/player/dc0c6770/ Frame 605A 343 KB
47 KB 85ms
21ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc0c6770/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c46dad97fbe6c22b941cb28882308b86fc8294511660388fa6d8f8d5ee51f799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 10:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48175
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 00:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Aug 2023 10:20:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dc0c6770/www-embed-player.vflset/ Frame 605A 308 KB
95 KB 119ms
55ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc0c6770/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5f83f16ff6c285c5f586acaa48c8f986445963cfff1e7f500f95a1689a08dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97486
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 00:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Aug 2023 15:44:42 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/ Frame 605A 2 MB
571 KB 121ms
57ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6237c600274f21d9321d0394a0ba9e0dbb1e439c747b7890c04b617e3ee0aca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584546
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 00:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Aug 2023 16:11:36 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/dc0c6770/fetch-polyfill.vflset/ Frame 605A 9 KB
3 KB 126ms
63ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc0c6770/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 00:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Aug 2023 15:44:42 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 71ms
23ms XHR
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10949399-1&cid=756107707.1661438596&jid=2082724484&gjid=1089338623&_gid=2144732652.1661438596&_u=IEBAAEAAAAAAAC~&z=1622753464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Aug 2022 14:43:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.troyhunt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 605A 15 KB
15 KB 84ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 164195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Aug 2023 17:06:41 GMT

GET
H2 200 lounge.67b5a088d7f080840d0cb527ab15b5ff.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 89ms
23ms Other
text/css 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243573
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26365
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 22 Aug 2022 18:44:25 GMT
server: nginx
etag: "6303ce89-66fd"
content-type: text/css; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Tue, 22 Aug 2023 19:03:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: qBX8bmL63Wmp4w_tpxRAKHmxuAo0JAuf6KF56aZz_Ysrc39Gh3vrcQ==
x-cache-hits: 0

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
c.disquscdn.com/next/embed/ 0
93 KB 105ms
40ms Other
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8046980
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 24 May 2023 11:26:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: fCe50kANOzUQOIe23ARrOYU4gjKwRWKGZrHvd13NrVpeKhj6Ro9YBQ==
x-cache-hits: 0

GET
H2 200 lounge.bundle.bbe4b8346a5647402379a02c518a1514.js
c.disquscdn.com/next/embed/ 0
123 KB 130ms
65ms Other
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156026
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 124754
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 23 Aug 2022 18:40:20 GMT
server: nginx
etag: "63051f14-1e752"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 23 Aug 2023 19:22:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: XsNCva8Eu39sCo6pvwKdLSMlFzpbFUKHP1TFQuR4FESceGYxBzR4tw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
16 KB 49ms
13ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 28
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15994
X-XSS-Protection: 1; mode=block

POST
H3 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame 64FE 0
702 B 83ms
30ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63113904; includeSubDomains; preload
cf-ray: 74051959c829917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK recommendations.js Show response
troyhunt.disqus.com/ 64 KB
21 KB 130ms
129ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.disqus.com/recommendations.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

283a14954a1ebd15643fed83d48df27e24b13104696d6b87aa4fa206ec8ec28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21282
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame E0DB 104 KB
19 KB 115ms
114ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

599727f9375ea81fd9ce5afad8fe8e31aaabb2313b4d68e41de6960551aa3b07

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17632
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 25 Aug 2022 14:43:16 GMT
ETag: W/"lounge:view:8455005378.bc91978eaf722320c77d459e873be241.2"
Last-Modified: Mon, 22 Aug 2022 21:19:25 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 44ms
43ms Other
text/css 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2712107
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-ba2"
content-type: text/css; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: DhsJieBRzU9xnJ2kcPc9CR36tJ-JRdzFV6US6jVO7aTQEaX_7ReGEw==
x-cache-hits: 0

GET
H2 200 common.bundle.a59fbd11efae764ccd959d61e4925fee.js
c.disquscdn.com/next/recommendations/ 0
87 KB 46ms
45ms Other
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8046980
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88804
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-15ae4"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 24 May 2023 11:26:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: LglZ79wIeBgE0RWnbnTDy9Wln6ui7krKrBRyce7cfPR5aYwDOwkiDA==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 47ms
46ms Other
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8046979
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 24 May 2023 11:26:57 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: gi2oBnbrzgkmOMXHXogmHtNBIvXYRYX8VU3EAWQk0brl5Vv0EvPi8A==
x-cache-hits: 0

POST
H3 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame 84C0 0
668 B 44ms
44ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63113904; includeSubDomains; preload
cf-ray: 7405195a6972917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK tweet.5b94507822be1b77b58bef86fc7cd9f7.js Show response
platform.twitter.com/js/ 7 KB
3 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.5b94507822be1b77b58bef86fc7cd9f7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8E) /
Resource Hash: 543f1e90e16b91657384920db11d373b377d4e152e1b9081099f7c6ed7de5765

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2620
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:01:06 GMT
Server: ECS (amb/6B8E)
Etag: "de945abf31c14b2f81f9f499871cbe47+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 605A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

71ms
29ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406ab5fa1dc496e6e7aa80ff16a4e581ec3145634cfdbb27862c16d49016e721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 25 Aug 2022 14:43:16 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 605A 29 B
588 B 70ms
20ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:34:42 GMT
x-content-type-options: nosniff
age: 514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 14:49:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 83ms
34ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 25 Aug 2022 14:43:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 605A 65 KB
30 KB 102ms
38ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e418e7ad29f5e9d38b457ee03674e35089e4c7b1943dc9d7c3f0a4f9ffa634c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30633
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/ Frame 605A 119 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e811682784831e4aa26e7320f91057e861aab4db0f1e8b55bac8a5a19d329e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37729
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 00:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Aug 2023 16:22:07 GMT

GET
H2 200 OBV2VGLOWo4TxjmFVMwfRCY8z3kUGFcpAAVtrf_pEjE.js Show response
www.google.com/js/th/ Frame 605A 36 KB
14 KB 93ms
20ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/OBV2VGLOWo4TxjmFVMwfRCY8z3kUGFcpAAVtrf_pEjE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3815765462ce5a8e13c6398554cc1f44263ccf791418572900056dadffe91231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 13:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 09:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 13:19:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/ Frame 605A 27 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236e7cfee17c1cccf09e9472feba449c9af88c53f175257bbccf57df8099150c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 16:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8259
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 00:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Aug 2023 16:11:38 GMT

GET
DATA 200
OK truncated
/ Frame 605A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9QHeked9iT5IhojYUCctnbsgEOkv8mJaM0PTD4Aw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 605A 3 KB
3 KB 74ms
20ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9QHeked9iT5IhojYUCctnbsgEOkv8mJaM0PTD4Aw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 12:58:13 GMT
x-content-type-options: nosniff
age: 6303
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2971
x-xss-protection: 0
server: fife
etag: "v452"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 31 Jul 2022 15:37:52 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/EhmekYj1pIY/ Frame 605A 47 KB
47 KB 85ms
31ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/EhmekYj1pIY/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:39:33 GMT
x-content-type-options: nosniff
age: 223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47972
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 Aug 2022 16:39:33 GMT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame F28F 5 KB
3 KB 118ms
117ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Requested by

Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ba3afdb452b07eb8d7fbabc739f6744ca03dbf47256bcbcb9a7aabed1cdc040a

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Age: 0
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2341
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 25 Aug 2022 14:43:16 GMT
Last-Modified: Tue, 24 May 2022 17:47:51 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H2 200 lounge.load.ad2eac0e6aa7c265937636beaab16a92.js Show response
c.disquscdn.com/next/embed/ Frame E0DB 958 B
1 KB 66ms
22ms Script
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.ad2eac0e6aa7c265937636beaab16a92.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

90f18a12c5a68343d594a9979f223a767cbc605d471e472d76d19a3dc9d838fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156026
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 498
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 23 Aug 2022 18:40:20 GMT
server: nginx
etag: "63051f14-1f2"
content-type: application/javascript; charset=utf-8
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
expires: Wed, 23 Aug 2023 19:22:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: Oq-1THMHFGPDzQn7KZnrriNbfI667q8mSyR-gfDYJtZ-41_Pc_dNcA==
x-cache-hits: 0

POST enforce
troyhunt.report-uri.com/r/d/csp/ Frame 3B7A 0
0

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 3B7A 406 B
951 B 15ms
15ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8C) /
Resource Hash: b64c04792edbe427b98b645d32df75732e5424d3a6d1e840173584dc211aa034

Request headers

Referer: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1419
Cache-Control: public, max-age=1800
Content-Length: 406
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Aug 2022 14:43:16 GMT
Etag: "dd452c08b92523224f8e8cea00e3831c"
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 605A 4 KB
3 KB 100ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 14:43:16 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 605A 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?uurd4g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EhmekYj1pIY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/EhmekYj1pIY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK embed.runtime.77551932feacdf3e1432.js Show response
platform.twitter.com/embed/ Frame 3B7A 8 KB
4 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B84) /
Resource Hash: bd12d05fdd69aa3f07360894560e0bc1be44fdce5be16d0636616d5734ae2109

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 3368
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6B84)
Etag: "c48f684e35b58d9d8912347c92ede7e2+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.modules.22436ce161b8a1362ef3.js Show response
platform.twitter.com/embed/ Frame 3B7A 497 KB
163 KB 30ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.22436ce161b8a1362ef3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA6) /
Resource Hash: 955ce104740b084bf508227d36801bb475235b7de0191428e7053df2311865bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 165822
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6BA6)
Etag: "2b6c114de2ad3be0593f59454c05064f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.Tweet.37db06d48778970271d7.js Show response
platform.twitter.com/embed/ Frame 3B7A 17 KB
7 KB 57ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.37db06d48778970271d7.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B73) /
Resource Hash: 4a00637aa353e2f5120dff7d29ab6b2997f2edee0ac7b80792a82ef03a804548

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 6310
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6B73)
Etag: "e57abd0dbfb15102e9ba7c6f51cbc53f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js Show response
c.disquscdn.com/next/embed/ Frame E0DB 282 KB
93 KB 21ms
20ms Script
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.ad2eac0e6aa7c265937636beaab16a92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8046980
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94755
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-17223"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 24 May 2023 11:26:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: EJdZAJ-r97nRtgdzvovoBxT4hxkMWptzdfNaizKDjU4GifIJt3trgQ==
x-cache-hits: 0

GET
H2 200 recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js Show response
c.disquscdn.com/next/recommendations/ Frame F28F 923 B
1 KB 22ms
21ms Script
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 04:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6949010
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
expires: Tue, 06 Jun 2023 04:26:26 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: u3BuNr3y7kewCmpPlxDNsl2i1xNLTri-wt94u-eoOrgkf3jP4S3-8Q==
x-cache-hits: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/104/ Frame 605A 52 KB
15 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/104/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15107
x-xss-protection: 0
last-modified: Mon, 30 May 2022 15:03:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 26 Aug 2022 03:59:49 GMT

GET
H2 200 common.bundle.a59fbd11efae764ccd959d61e4925fee.js Show response
c.disquscdn.com/next/recommendations/ Frame F28F 262 KB
87 KB 21ms
21ms Script
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.9d352c9674ae8172f8669d3aa3a905e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8046980
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 88804
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-15ae4"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 24 May 2023 11:26:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: KVRgxA2t6bIYEMlwpA6k6jWRuBqXT1oErcsKT2ax4xBDCUjlceW_xw==
x-cache-hits: 0

GET
H2 200 lounge.67b5a088d7f080840d0cb527ab15b5ff.css
c.disquscdn.com/next/embed/styles/ Frame E0DB 166 KB
26 KB 21ms
21ms Stylesheet
text/css 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7d1b71ef71d6565ec12e32c175f345c6b59cb14a06c9749fd489860c872d261c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243573
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26365
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 22 Aug 2022 18:44:25 GMT
server: nginx
etag: "6303ce89-66fd"
content-type: text/css; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Tue, 22 Aug 2023 19:03:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: Hx5H0WtE0m_YidKxMUg2aZCDgkgXUoYrZz9jC8GS28CukuE2qaXs7Q==
x-cache-hits: 0

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.i18n.ar-js~ondemand.horizon-web.i18n.ar-x-fm-js~ondemand.horizon-web.i1~98d47477.022b10081a82154299a6.js Show response
platform.twitter.com/embed/ Frame 3B7A 20 KB
7 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.i18n.ar-js~ondemand.horizon-web.i18n.ar-x-fm-js~ondemand.horizon-web.i1~98d47477.022b10081a82154299a6.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B99) /
Resource Hash: ba29b730d69c2353e3a3d6347b2da26d0a6ef9eff2a4bb2e7c99f470af05831a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 6794
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6B99)
Etag: "f2b43f31a678952bb606698c2510fadc+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.26aa117248996d58e1bc.js Show response
platform.twitter.com/embed/ Frame 3B7A 3 KB
2 KB 15ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.26aa117248996d58e1bc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 04d805cf6b74dbc28de8c916eb53f9d7d84e36ae2efdb0b04c7a8e321b2bf0c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 1395
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6BBB)
Etag: "47d31d660d06d314ae8d4664808594e6+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.i18n.en-js.1c97cb46d8f406ddd7b9.js Show response
platform.twitter.com/embed/ Frame 3B7A 35 KB
12 KB 15ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.i18n.en-js.1c97cb46d8f406ddd7b9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8F) /
Resource Hash: 00f42fa843b0f3ddc9f8028adfe75a3223a3810de9aad23fba78f9f61d09ac28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 11303
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6B8F)
Etag: "1bce9aa204be77ae1eb8a5af6214f3bc+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 lounge.bundle.bbe4b8346a5647402379a02c518a1514.js Show response
c.disquscdn.com/next/embed/ Frame E0DB 484 KB
123 KB 21ms
20ms Script
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e828a3f983bc0afc3dcd0ad2660e759b6d2043ca91bd7d5b42602597eaae274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156026
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 124754
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 23 Aug 2022 18:40:20 GMT
server: nginx
etag: "63051f14-1e752"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 23 Aug 2023 19:22:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: IVAST0SR2ZHK151iUmEF6HwvBXkxCx2kz46qPG7-V3I8YmhE4zf6aw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame E0DB 16 KB
16 KB 15ms
14ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

81aad3905d151c7fe1e08358b674cb892f6e948f36655e310369aa26e10da1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 29
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15994
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame F28F 14 KB
3 KB 20ms
20ms Stylesheet
text/css 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 05:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2712107
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
server: nginx
etag: "62da91ee-ba2"
content-type: text/css; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: d7TA5M-u6OGjpJ9ml5BhDyXsHj5ZkxDhSZcackHJvQiB8r82e5lGJw==
x-cache-hits: 0

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.e54d69b39047ba47eee9.js Show response
platform.twitter.com/embed/ Frame 3B7A 666 KB
183 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.e54d69b39047ba47eee9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAE) /
Resource Hash: 23ca344f4c79cfe310d2126ea0ddf6c46a75c0fd0a9f6226ea12f2aad3247b18

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 186983
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6BAE)
Etag: "f2eb48291075cf219654edd01a6ab7c8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK embed.ondemand.Tweet.5fc7d13e1d7da5819eef.js Show response
platform.twitter.com/embed/ Frame 3B7A 82 KB
18 KB 15ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.5fc7d13e1d7da5819eef.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: 94d6cf2810716bc417e93ea855cd83622b7ca1e2fd96fdf8c36154ac493a84e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 18346
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6BC3)
Etag: "8c0d595e288c949c0441b06ac24bea02+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame F28F 65 KB
20 KB 21ms
21ms Script
application/javascript 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8046979
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires: Wed, 24 May 2023 11:26:57 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
timing-allow-origin: *
x-amz-cf-id: wiiMJn_-Y4Y0eUZ0Rezq3_vt8vDPI4vgXt_sE5ofKOUwROMAZbLDVg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame F28F 16 KB
16 KB 14ms
14ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

81aad3905d151c7fe1e08358b674cb892f6e948f36655e310369aa26e10da1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 29
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 15994
X-XSS-Protection: 1; mode=block

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 605A 98 B
142 B 31ms
31ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6760db566749a917a6212d4050188ce60d5d2ac78f9c18e55ac53172aeaae940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 25 Aug 2022 14:43:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame E0DB 3 KB
3 KB 118ms
118ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5e67fedd0fda2e86c3e76c9883197fcba04bdf0632127dac691ab363f3531b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3090
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame F28F 3 KB
3 KB 61ms
32ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=troyhunt&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5e67fedd0fda2e86c3e76c9883197fcba04bdf0632127dac691ab363f3531b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3090
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK embed.ondemand.Dropdown.5c1c610935c86ba65697.js Show response
platform.twitter.com/embed/ Frame 3B7A 5 KB
3 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Dropdown.5c1c610935c86ba65697.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.77551932feacdf3e1432.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8F) /
Resource Hash: b086dc80b7682d9c831f918566694d9ea4f078c382efaf6a4b2509b7236365f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiXSwidmVyc2lvbiI6bnVsbH0sInRmd19ob3Jpem9uX3RpbWVsaW5lXzEyMDM0Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfY2hpbl9waWxsc18xNDc0MSI6eyJidWNrZXQiOiJjb2xvcl9pY29ucyIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfcmVzdWx0X21pZ3JhdGlvbl8xMzk3OSI6eyJidWNrZXQiOiJ0d2VldF9yZXN1bHQiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=d95b7aecd3f6137b6a6b2977d4d19c4804f67740&siteScreenName=troyhunt&theme=light&widgetsVersion=31f0cdc1eaa0f%3A1660602114609&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:16 GMT
Content-Encoding: gzip
Age: 762704
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2216
x-tw-cdn: VZ
Last-Modified: Tue, 16 Aug 2022 18:35:46 GMT
Server: ECS (amb/6B8F)
Etag: "6efa12a2c28064b9fd1f5f96db8b3fbb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame E0DB 3 KB
3 KB 20ms
20ms Image
image/gif 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 12:47:57 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7091719
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Sun, 04 Jun 2023 12:47:57 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pJvaffQyEvJaeaS91DrU2LirfRh6lJv4oESyHFRmSPGGkiKJvG9bTw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame E0DB 2 KB
2 KB 20ms
20ms Image
image/png 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:26:57 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8046979
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 10 May 2022 13:06:19 GMT
server: nginx
etag: "627a634b-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Wed, 24 May 2023 11:26:57 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IBvk6OWsGne4vf13JAHaUrATV5R2d1HTAoAdRpWuQiXCI5fXSkE4uA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame E0DB 8 KB
8 KB 22ms
22ms Font
application/octet-stream 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.67b5a088d7f080840d0cb527ab15b5ff.css
Origin: https://disqus.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 22:05:41 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7144655
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sat, 03 Jun 2023 22:05:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1fSUZlDNl2Gmzdfp01s1nvepLNOZq9ekDHbnNXP-mEw-CVvvG_pf2Q==
x-cache-hits: 0

GET
H2 200 tweet-result Show response
cdn.syndication.twimg.com/ Frame 3B7A 2 KB
2 KB 320ms
230ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_tweet_edit_frontend%3Aoff&id=1040634067018895360&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.22436ce161b8a1362ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

56f2aa398d8a8717124151ec6957af00458a6fa4fa65535c36512a7414713098

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"8db-UIVA5WGEomFQqbToOQjdMA9B3fo"
x-powered-by: Express
access-control-allow-methods: GET
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=217
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 208
server: tsa_f
x-frame-options: SAMEORIGIN
date: Thu, 25 Aug 2022 14:43:17 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: f740db3b2d31c7b052a09e5667f8e5d92003be7926e619a651e7e9c72febb5bf
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 noavatar92.png
a.disquscdn.com/1660573036/images/ Frame E0DB 2 KB
2 KB 51ms
14ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1660573036/images/noavatar92.png

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 844959
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-P2
content-length: 1644
x-amz-cf-id: T6TsHE0BWInDWVcfPApU7Q_T3BEhqm8O8AqtJXWzLdFaBaADm-dNvA==
expires: Wed, 14 Sep 2022 20:00:38 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame E0DB 43 B
339 B 135ms
102ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=307&event=init_embed&thread=8455005378&forum=troyhunt&forum_id=621325&imp=19e5lu42tdtu3k&thread_slug=using_the_coinhive_domain_to_fight_cryptojacking_and_do_good_things_with_content_security_policies&user_type=anon&referrer=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame F28F 7 KB
7 KB 96ms
96ms XHR
application/json 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=troyhunt&thread=url%3Ahttps%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.a59fbd11efae764ccd959d61e4925fee.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

67636d141ccaeec3ef7f9a92fea05923ba4f8c5b0a098da0ce4cbfd1758117bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 14:43:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 611
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 6959
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1660573036/images/ Frame E0DB 2 KB
2 KB 14ms
14ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1660573036/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 844959
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-P2
content-length: 1644
x-amz-cf-id: T6TsHE0BWInDWVcfPApU7Q_T3BEhqm8O8AqtJXWzLdFaBaADm-dNvA==
expires: Wed, 14 Sep 2022 20:00:38 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1660573036/images/ Frame E0DB 2 KB
2 KB 14ms
14ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1660573036/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 844959
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-P2
content-length: 1644
x-amz-cf-id: T6TsHE0BWInDWVcfPApU7Q_T3BEhqm8O8AqtJXWzLdFaBaADm-dNvA==
expires: Wed, 14 Sep 2022 20:00:38 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1660573036/images/ Frame E0DB 2 KB
2 KB 14ms
14ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1660573036/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 844959
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-P2
content-length: 1644
x-amz-cf-id: T6TsHE0BWInDWVcfPApU7Q_T3BEhqm8O8AqtJXWzLdFaBaADm-dNvA==
expires: Wed, 14 Sep 2022 20:00:38 GMT

GET
H2 200 get
c.disquscdn.com/ Frame F28F 16 KB
17 KB 22ms
20ms Image
image/png 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F02%2Fgreen-bar-iso.png&key=BmtLSleAxaJY_VxQoBx1qw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

739c422c7bc097749c42bcdb10cd9fcd93c7204987d7ad0808b27310ac95eb51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Sat, 20 Aug 2022 07:45:28 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 473350
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 16793
ghost-fastly: true
x-served-by: static-web-1
ghost-cache: MISS
expires: Mon, 19 Sep 2022 07:45:28 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIc0izLBH2s%2BvHN9vgjVEBpDhHUqgmsa2fKX6Kwey4KQ8sJhiv6M%2BpW3FRs1GLslirnYuhi2phRaUmH40EWvny4PcR45v2%2F74T4PwAm2drfpG48AOQVdltmdPUFC0CSluNvo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: xSqBCyI4RW_NFfuBonAEhB2PCw6qrTgEdxRYG3b0cWJV-ToVAHmp6w==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 10 KB
11 KB 25ms
23ms Image
image/jpeg 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F04%2FSplash-Template.jpg&key=Xo4fOvof77jMDnaPob0qaQ&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

691224c0b568bf05db95ac7c3a4118892068cc0ec19e496fe099c7bd62c64410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Sat, 20 Aug 2022 04:29:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468846
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10226
ghost-fastly: true
x-served-by: static-web-2
ghost-cache: MISS
expires: Mon, 19 Sep 2022 04:29:11 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F5av8wHB8VG8Rpx%2BEI1wYk3cdsJliT3b8%2FZJyMS09iC8tRXUHLluRNyfc9MsqtqAoMlEAASVY2b%2FABXf9l3tuY48NaQ2JbRUF3X0TJH8YJkk9FXaHEZxFOVqzDJVlkoPZlJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: w35U2nD8y_EDhy7PjYtQBcxKqGWKv40gyGv7py5aELCT1VK23bfL9A==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 766 B
2 KB 27ms
25ms Image
image/png 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F05%2FArtboard-1.png&key=p6Z75-f1beM6fhbMoPET6A&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

13c7b28c37b904487bbb8c5eaf5eec02d37f29023a928ccf8e28ab0efe37479b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Sat, 20 Aug 2022 04:24:45 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521710
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 766
ghost-fastly: true
x-served-by: static-web-2
ghost-cache: MISS
expires: Mon, 19 Sep 2022 04:24:45 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FWbosJH3DOB3uz8X95EgcAlG1vUsUdO5ZjsWDbGmqCQoUfPrLgD1LrILTFCHLe5IuJY2ESRu1bEA7jZuQ8W2npeQaxXq3%2BGKleQ622%2B7PhJkI3nv8Y9fDkLlvN0S%2F9sRiBh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: OhyS-OdOQRZmY2nThPfwO5GLUJobdqpScPLvlQnOxSkKo4RZVVx5Kg==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 10 KB
11 KB 25ms
23ms Image
image/jpeg 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F07%2FSplash-Template-3.jpg&key=TBUxAUAQRuZfqxJUPeY8DQ&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2d61dcce14850e4193dc60094756e5c2fbc8df63cca0b66de6dd9629a4c83baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Wed, 03 Aug 2022 10:32:24 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2205356
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10171
ghost-fastly: true
x-served-by: static-web-1
ghost-cache: MISS
expires: Fri, 02 Sep 2022 10:32:24 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6MT4HtvbDls0BKFQKy1UeZjtJWVWLMzK4Ng7ZiqEuF%2FH2KhGUiv6%2Fd1LRFPTcLGOHLYHP2TkP7yzW3QxVbak2uG2OrwW9G8ft0O4UHBjQyotHaQ%2BVpkztljWXgFGsTbfGdj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: hKm1waF6gxk2o4Cvd1aBg5uyI-VuHEwo94xu2qcWXk_pOI-XPUpDDg==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 10 KB
11 KB 25ms
24ms Image
image/jpeg 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F03%2FSplash-Template-3.jpg&key=hSAxr1HjSe4fTTKBQmdYDw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e5f6611b40478952ace0197006c5df950a84fc19bfd8af85817126c0f252ade0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 25 Aug 2022 05:12:30 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255026
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9795
ghost-fastly: true
x-served-by: static-web-2
ghost-cache: MISS
expires: Sat, 24 Sep 2022 05:12:30 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C41rpAaPkNt0JjczVpR0FU%2FU34dlNW8bKHSjVr5LGW1cGUtiWZCjq8rlWBvBBlPU5v%2B9pspIyLEBqNt3e51tfudl2m3H1Q%2BdhHX7wn3WH7wqNbDVBC1h5MuyvVNtZAUN8Y2Y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 8_Pne7XnJ0de-QSxK96IADVtLh4tBDvCCbSnUJhMChfVgcqVaIG2YA==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 14 KB
14 KB 27ms
25ms Image
image/jpeg 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F02%2FlAsNv2Vu0DvR8i67elmbHcXw8vU-copy-600x336.jpg&key=7AvbGGPCzvNyL9XNREMYBA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c6cebe59bf355fb43ee919ef2daae472bf91f081fc809fb70b2291786bf60467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 18 Aug 2022 02:51:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 647515
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 13848
ghost-fastly: true
x-served-by: static-web-1
ghost-cache: MISS
expires: Sat, 17 Sep 2022 02:51:22 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV8o3cH7hCw2mDb49UjeGdEskknDfG0H5njWfML5UT%2FftyVggRFRcGtxPUBgQuI9nyMEhUQyAR4Qiaxm5T6QIlujESSIDd5g2MVnkZt1WdyEByjDIPX8ooz%2BPNtS4cv%2BAJj6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: xfnUDH7TfSsxSym7DW6yiy6-ZeoA5ByHdqLqA6KEutqojq0fDjTS7g==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 10 KB
11 KB 27ms
26ms Image
image/jpeg 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F05%2FSplash-Template-1.jpg&key=J7A-_MSqWvypjTIjItPeIw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a8e45f17f2e9bdbf37860c954334e2b473c994c4ef93beb9d40c3f260830ca50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Thu, 28 Jul 2022 10:23:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2436798
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 10659
ghost-fastly: true
x-served-by: static-web-1
ghost-cache: MISS
expires: Sat, 27 Aug 2022 10:23:06 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeMp5E1ALLWYq5alIKKBmFQL3AKkVl5pFA3Ppr3lNID4bknY%2FO0mlPqikhdHkJO2llPvbyduXb7uXmMhs2h7jdLRqQR8hzCWJEIVhFOxyF2WQGgmJNUaIibGBV2DB%2F8BaUNd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: cNq0QXiv_LOvYSkITpZDkGUTdB2UDAW2WE4h6uThzSczfvFBbhtDNA==
x-cache-hits: 0

GET
H2 200 get
c.disquscdn.com/ Frame F28F 768 B
2 KB 28ms
27ms Image
image/png 2600:9000:236e:0:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.troyhunt.com%2Fcontent%2Fimages%2F2022%2F06%2FArtboard-1.png&key=kImrQHxYkegG4c5HzmyYEA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:0:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

20b09bfac128d25a41c3c638757958e390f5a78a093c70a68b663ab6ccaff27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

ghost-age: 0
date: Wed, 03 Aug 2022 07:12:37 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1927840
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
status: 200 OK
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 768
ghost-fastly: true
x-served-by: static-web-2
ghost-cache: MISS
expires: Fri, 02 Sep 2022 07:12:37 GMT
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNz3DmKbaw9csQhqpNXyYXdGu8tpHvs5QI4lGFZmTQsSlDqhfWBXrEow%2FU688ar9DpN9ZJDsx1UzYjfbS4nfiq0OQcbm7BtP34FFFrwhwuEuA54x1KxlbfNQaWGZTiDkv9ER"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: UavSg9lN1IH21XUvY-ZuvLONM4NpN16OEXbhh50z7LjBt8jcO9GnHA==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1660573036/images/ Frame E0DB 2 KB
2 KB 14ms
14ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1660573036/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 844959
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-P2
content-length: 1644
x-amz-cf-id: T6TsHE0BWInDWVcfPApU7Q_T3BEhqm8O8AqtJXWzLdFaBaADm-dNvA==
expires: Wed, 14 Sep 2022 20:00:38 GMT

GET
H2 200 noavatar92.png
a.disquscdn.com/1660573036/images/ Frame E0DB 2 KB
2 KB 14ms
13ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1660573036/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.bbe4b8346a5647402379a02c518a1514.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 14:43:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 844959
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-P2
content-length: 1644
x-amz-cf-id: T6TsHE0BWInDWVcfPApU7Q_T3BEhqm8O8AqtJXWzLdFaBaADm-dNvA==
expires: Wed, 14 Sep 2022 20:00:38 GMT

GET
H2 200 embeds
syndication.twitter.com/i/jot/ Frame 3B7A 43 B
135 B 203ms
203ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661438597324%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22troyhunt%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22troyhunt%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2ce14a46402b%3A1660602685002%22%2C%22item_ids%22%3A%5B%221040634067018895360%22%5D%2C%22item_details%22%3A%7B%221040634067018895360%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 184
date: Thu, 25 Aug 2022 14:43:16 GMT
last-modified: Thu, 25 Aug 2022 14:43:17 GMT
server: tsa_o
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: ab66268e1601ff4cc115c63b0c13ffce13c0165d2b6677806e3b8226f449a6f4
strict-transport-security: max-age=631138519
content-length: 43

GET
H2 200 RxIZwxXx_normal.jpg
pbs.twimg.com/profile_images/824723579602403330/ Frame 3B7A 2 KB
2 KB 80ms
22ms Image
image/jpeg 2a04:4e42:62::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/824723579602403330/RxIZwxXx_normal.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:62::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Thu, 26 Jan 2017 20:57:58 GMT
date: Thu, 25 Aug 2022 14:43:17 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 2035
x-served-by: cache-lhr7357-LHR, cache-hhn11562-HHN, cache-tw-ZZZ1

POST
H3 201 enforce
troyhunt.report-uri.com/r/d/csp/ Frame 816B 0
667 B 38ms
38ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://troyhunt.report-uri.com/r/d/csp/enforce

Requested by

Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 25 Aug 2022 14:43:17 GMT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63113904; includeSubDomains; preload
cf-ray: 74051962fdeb917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 605A 28 B
54 B 36ms
36ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc0c6770/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
X-Goog-Request-Time: 1661438598684
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EhmekYj1pIY
X-YouTube-Client-Version: 1.20220823.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt5Znc4bDdkTjBzdyiDlZ6YBg%3D%3D
X-YouTube-Ad-Signals: dt=1661438596217&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C930%2C480&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 25 Aug 2022 14:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 25 Aug 2022 14:43:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: troyhunt.report-uri.com
URL: https://troyhunt.report-uri.com/r/d/csp/enforce

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coinhive.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: fd34cb76b22f264ed6a5325a9e27401ed60bac4e9d6c8197b52ed7b182d7381e
.troyhunt.com/	1970-01-20 15:06:38	Name: _ga Value: GA1.2.756107707.1661438596
.troyhunt.com/	1970-01-20 05:32:04	Name: _gid Value: GA1.2.2144732652.1661438596
.troyhunt.com/	1970-01-20 05:30:38	Name: _gat Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vMd15_ecONs
.youtube.com/	1970-01-20 09:49:50	Name: VISITOR_INFO1_LIVE Value: yfw8l7dN0sw
disqus.com/	1970-01-20 05:30:40	Name: __jid Value: 19e5m4913jnjko
.disqus.com/	1970-01-20 14:16:14	Name: disqus_unique Value: 19e5ma92gicmph

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com www.google-analytics.com stats.g.doubleclick.net syndication.twitter.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src disqus.com c.disquscdn.com www.google.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com; img-src 'self' c.disquscdn.com referrer.disqus.com stats.g.doubleclick.net www.google-analytics.com www.gstatic.com syndication.twitter.com platform.twitter.com www.gravatar.com .twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com www.google.com www.google-analytics.com www.gstatic.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ 'sha256-dblwN9MUF0KZKfqYU7U9hiLjNSW2nX1koQRMVTelpsA=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg=' unpkg.com/@tryghost/; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com fonts.googleapis.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com; form-action .twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
bloghelpers.troyhunt.com
c.disquscdn.com
cdn.syndication.twimg.com
cdnjs.cloudflare.com
coinhive.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pbs.twimg.com
platform.twitter.com
referrer.disqus.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
troyhunt.disqus.com
troyhunt.report-uri.com
unpkg.com
www.google-analytics.com
www.google.com
www.gravatar.com
www.gstatic.com
www.troyhunt.com
www.youtube.com
yt3.ggpht.com
troyhunt.report-uri.com
104.244.42.136
151.101.128.134
199.232.192.134
199.232.194.49
199.232.196.134
2600:9000:236e:0:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3030::ac43:ddf5
2606:4700:3032::6815:2e06
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6811:b658
2a00:1450:4001:801::2003
2a00:1450:4001:802::2001
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2016
2a00:1450:4001:810::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c03::9b
2a04:4e42:62::159
2a04:fa87:fffe::c000:4902
2a06:98c1:3120::3
00f42fa843b0f3ddc9f8028adfe75a3223a3810de9aad23fba78f9f61d09ac28
04d805cf6b74dbc28de8c916eb53f9d7d84e36ae2efdb0b04c7a8e321b2bf0c6
0e9ecffad6aeace8f37aa9240e4fe7723c700439ad2c0c253984a52c7775c8ad
13c7b28c37b904487bbb8c5eaf5eec02d37f29023a928ccf8e28ab0efe37479b
1a8e7bd776bcbd098f4f6807e6c0db2b9ae5322a4c0794d3dbe359752bbbd3d0
20b09bfac128d25a41c3c638757958e390f5a78a093c70a68b663ab6ccaff27b
234cca19dbef6d8c969d5c4d8298a33d52ff6d2bbe7874d2cb1d148ff838b595
236e7cfee17c1cccf09e9472feba449c9af88c53f175257bbccf57df8099150c
23ca344f4c79cfe310d2126ea0ddf6c46a75c0fd0a9f6226ea12f2aad3247b18
283a14954a1ebd15643fed83d48df27e24b13104696d6b87aa4fa206ec8ec28f
2d61dcce14850e4193dc60094756e5c2fbc8df63cca0b66de6dd9629a4c83baf
33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37916b0c48fadfceebfbfb1777c42d5454209ccad3cf78db4a5565b32b53453e
3815765462ce5a8e13c6398554cc1f44263ccf791418572900056dadffe91231
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
406ab5fa1dc496e6e7aa80ff16a4e581ec3145634cfdbb27862c16d49016e721
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a00637aa353e2f5120dff7d29ab6b2997f2edee0ac7b80792a82ef03a804548
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4e828a3f983bc0afc3dcd0ad2660e759b6d2043ca91bd7d5b42602597eaae274
4f5f83f16ff6c285c5f586acaa48c8f986445963cfff1e7f500f95a1689a08dc
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
543f1e90e16b91657384920db11d373b377d4e152e1b9081099f7c6ed7de5765
546696214adcbc74f1b30e84ecd217c7e9b362a807cea623935ea187f4f0cec0
56f2aa398d8a8717124151ec6957af00458a6fa4fa65535c36512a7414713098
599727f9375ea81fd9ce5afad8fe8e31aaabb2313b4d68e41de6960551aa3b07
5e67fedd0fda2e86c3e76c9883197fcba04bdf0632127dac691ab363f3531b34
6237c600274f21d9321d0394a0ba9e0dbb1e439c747b7890c04b617e3ee0aca9
64cee676a611b27aca955c5e227666f9d955682512ec25b982bd5e2f92eb61dd
6760db566749a917a6212d4050188ce60d5d2ac78f9c18e55ac53172aeaae940
67636d141ccaeec3ef7f9a92fea05923ba4f8c5b0a098da0ce4cbfd1758117bf
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691224c0b568bf05db95ac7c3a4118892068cc0ec19e496fe099c7bd62c64410
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
739c422c7bc097749c42bcdb10cd9fcd93c7204987d7ad0808b27310ac95eb51
7837d484887511c41986fb59a5d48849873733069ebcc0b2757962a447437d5a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d1b71ef71d6565ec12e32c175f345c6b59cb14a06c9749fd489860c872d261c
81aad3905d151c7fe1e08358b674cb892f6e948f36655e310369aa26e10da1a7
857dcf021006f18df5e72e87501221d5b2f40c7f99c23ef75fa582cca9b49900
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
90f18a12c5a68343d594a9979f223a767cbc605d471e472d76d19a3dc9d838fb
94d6cf2810716bc417e93ea855cd83622b7ca1e2fd96fdf8c36154ac493a84e2
955ce104740b084bf508227d36801bb475235b7de0191428e7053df2311865bc
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9b96fe0a7d9b194599c4a2982ba5efb84aa3999dae35fd93cc1c7e64659e20b4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
a8e45f17f2e9bdbf37860c954334e2b473c994c4ef93beb9d40c3f260830ca50
abbedb4bceab87f716904cad78d5f39a38317673b5d19286bb7cb039f1f0ffc3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad9407164b436e63c470306e2cbd460bebcbcfe75ad1658f27491f58464df7f5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b086dc80b7682d9c831f918566694d9ea4f078c382efaf6a4b2509b7236365f9
b64c04792edbe427b98b645d32df75732e5424d3a6d1e840173584dc211aa034
b6bcb438bde380c06e723584e069f13e39d3dc90771e4f7c1a8acfe7cb1821fd
b6e811682784831e4aa26e7320f91057e861aab4db0f1e8b55bac8a5a19d329e
b79190512d658c86ffed8986c98a8709da27cd4eabe12c8528ebbe26dc369188
b8a641689b38fa201a897a7c2eac93ea317e49a05b7751d96a59e8afebe89520
b8c8c6f9bb5378fba2497c48998eaf586e53ada5a7aef20e8712890e35b72322
ba29b730d69c2353e3a3d6347b2da26d0a6ef9eff2a4bb2e7c99f470af05831a
ba3afdb452b07eb8d7fbabc739f6744ca03dbf47256bcbcb9a7aabed1cdc040a
bd12d05fdd69aa3f07360894560e0bc1be44fdce5be16d0636616d5734ae2109
c147933ff645590f163edd3a82c3aec0241fea210956062f76ce03641c7edeef
c46dad97fbe6c22b941cb28882308b86fc8294511660388fa6d8f8d5ee51f799
c6cebe59bf355fb43ee919ef2daae472bf91f081fc809fb70b2291786bf60467
c9fb00faffe841e0eb30c2f66fd11b313d0c0606ce495bdd4a4ee61066c9e069
caaa2e63ec08517897a85093ab844e85d5f617de24e3d5612fc2e113d9484791
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
e078c7f2333231376567af00407f22f166a32b0b39c1932de5f151462f26732f
e3ae0f120f30b95b1bc51b7440fb005c41cfc4560e3701763552c07b03a55a46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e418e7ad29f5e9d38b457ee03674e35089e4c7b1943dc9d7c3f0a4f9ffa634c8
e5f6611b40478952ace0197006c5df950a84fc19bfd8af85817126c0f252ade0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2
fcd49342e0924719a2cd2042479cb3ae87ab942ae737b3351ca33772d1f8e53f
fcdefaf5c3f143b4a31cd7b499fdbcce2c73411684bd15d57c0d5f956567cb83

www.troyhunt.com Open in urlscan Pro 2606:4700:3030::ac43:ddf5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

97 %HTTPS

82 %IPv6

18 Domains

28 Subdomains

28 IPs

4 Countries

3414 kBTransfer

8029 kBSize

8 Cookies

44 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.troyhunt.com Open in urlscan Pro
2606:4700:3030::ac43:ddf5 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

97 %
HTTPS

82 %
IPv6

18
Domains

28
Subdomains

28
IPs

4
Countries

3414 kB
Transfer

8029 kB
Size

8
Cookies

107 HTTP transactions
1 data transactions