Submitted URL: http://www.phart.org.uk/
Effective URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-con...
Submission: On August 10 via manual from GB — Scanned from GB

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 48 HTTP transactions. The main IP is 104.18.25.41, located in and belongs to . The main domain is www.troyhunt.com.
TLS certificate: Issued by WE1 on June 22nd 2024. Valid for: 3 months.
This is the only time www.troyhunt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
16 www.troyhunt.com 1 redirects coinhive.com
www.troyhunt.com
cdn.jsdelivr.net
static.cloudflareinsights.com
6 troyhunt.ghost.io cdn.jsdelivr.net
4 cdn.jsdelivr.net www.troyhunt.com
4 platform.twitter.com www.troyhunt.com
platform.twitter.com
3 cdnjs.cloudflare.com www.troyhunt.com
cdnjs.cloudflare.com
2 disqus.com troyhunt.disqus.com
2 region1.google-analytics.com www.googletagmanager.com
2 troyhunt.disqus.com www.phart.org.uk
troyhunt.disqus.com
2 www.phart.org.uk
1 bloghelpers.troyhunt.com www.phart.org.uk
1 www.gravatar.com www.troyhunt.com
1 www.googletagmanager.com www.troyhunt.com
1 static.cloudflareinsights.com www.troyhunt.com
1 www.youtube.com www.troyhunt.com
1 gratyfikantgt.info www.phart.org.uk
1 freeresultsguide.com www.phart.org.uk
1 searchmagnified.com 1 redirects
1 coinhive.com www.phart.org.uk
48 18

This site contains links to these domains. Also see Links.

Domain
www.troyhunt.com
Subject Issuer Validity Valid
coinhive.com
WE1
2024-07-05 -
2024-10-03
3 months crt.sh
gratyfikantgt.info
R10
2024-08-10 -
2024-11-08
3 months crt.sh
troyhunt.com
WE1
2024-06-22 -
2024-09-20
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
cloudflareinsights.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-08 -
2025-07-07
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA
2023-12-05 -
2025-01-04
a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA
2024-04-16 -
2025-04-16
a year crt.sh
ghost.io
R10
2024-06-17 -
2024-09-15
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Frame ID: D3CD21F06DBDC7A13402571C3895171F
Requests: 38 HTTP requests in this frame

Frame: http://freeresultsguide.com/?dn=www.phart.org.uk&pid=1POZ5NV7A
Frame ID: F23669F8FDA84ABB72BDAAEBA28D902C
Requests: 1 HTTP requests in this frame

Frame: https://gratyfikantgt.info/grafika/favicon.ico
Frame ID: 38305427BB37831FE5C4CAF3D751D4C1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EhmekYj1pIY
Frame ID: 4E77EF9B2D32F09E1340294D336A2B71
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.troyhunt.com
Frame ID: 880D7F87C6D7AE09D19F4B4790236238
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Frame ID: EEF5C231DC86873F0795810C060D3B5C
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Frame ID: 3F145F5F8720183946E44FA7F9BDF199
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=21292bbadcaee6954a2da02759e98dc19136387d&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 93FE7D189635D9E76657DED977981AA4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Coming Soon...

Page URL History Show full URLs

  1. http://www.phart.org.uk/ HTTP 307
    https://www.phart.org.uk/ HTTP 307
    http://www.phart.org.uk/ Page URL
  2. https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... HTTP 301
    https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • coinhive\.com/lib

Page Statistics

48
Requests

94 %
HTTPS

56 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

1235 kB
Transfer

4142 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.phart.org.uk/ HTTP 307
    https://www.phart.org.uk/ HTTP 307
    http://www.phart.org.uk/ Page URL
  2. https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies HTTP 301
    https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.phart.org.uk/ HTTP 307
  • https://www.phart.org.uk/ HTTP 307
  • http://www.phart.org.uk/
Request Chain 2
  • http://searchmagnified.com/?dn=www.phart.org.uk&pid=1POZ5NV7A HTTP 302
  • http://freeresultsguide.com/?dn=www.phart.org.uk&pid=1POZ5NV7A

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.phart.org.uk/
Redirect Chain
  • http://www.phart.org.uk/
  • https://www.phart.org.uk/
  • http://www.phart.org.uk/
1 KB
1004 B
Document
General
Full URL
http://www.phart.org.uk/
Protocol
HTTP/1.1
Server
212.159.9.152 Wokingham, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
www.users.globalnet.co.uk
Software
Apache /
Resource Hash
459ef3f6bd1e6f971d048a7828dbd772c92755a5909e588b0a0da3eefc08308e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
677
Content-Type
text/html
Date
Sat, 10 Aug 2024 16:57:42 GMT
ETag
"468-5a5c777255290-gzip"
Keep-Alive
timeout=15, max=100
Last-Modified
Sat, 16 May 2020 17:43:19 GMT
Server
Apache
Vary
Host,Accept-Encoding

Redirect headers

Location
http://www.phart.org.uk/
Non-Authoritative-Reason
HttpsUpgrades
coinhive.min.js
coinhive.com/lib/
2 KB
1 KB
Script
General
Full URL
https://coinhive.com/lib/coinhive.min.js
Requested by
Host: www.phart.org.uk
URL: http://www.phart.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
39f7a131d7976b1cbbf08c89727ba5c1b5c384152ed65bc83198bca315be5a88

Request headers

Referer
http://www.phart.org.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Nov 2021 00:44:41 GMT
server
cloudflare
etag
"806233d282cfd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
8b1186cc492e941b-LHR
content-length
1115
/
freeresultsguide.com/ Frame F236
Redirect Chain
  • http://searchmagnified.com/?dn=www.phart.org.uk&pid=1POZ5NV7A
  • http://freeresultsguide.com/?dn=www.phart.org.uk&pid=1POZ5NV7A
0
0
Document
General
Full URL
http://freeresultsguide.com/?dn=www.phart.org.uk&pid=1POZ5NV7A
Requested by
Host: www.phart.org.uk
URL: http://www.phart.org.uk/
Protocol
HTTP/1.1
Server
208.91.196.4 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://www.phart.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Aug 2024 16:57:25 GMT
Keep-Alive
timeout=5, max=128
Permissions-Policy
ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Transfer-Encoding
chunked
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_P9Imse1KdjuNz6o3UaEqx1U18E2JHbBlD/fW+uvaXFG0OOjGYOZHEB9zssu0Q7MChh2kdcv2h7eu3hteMeEXzw==

Redirect headers

Accept-CH
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
Keep-Alive
Content-Length
250
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 10 Aug 2024 16:57:25 GMT
Keep-Alive
timeout=5, max=128
Location
http://freeresultsguide.com/?dn=www.phart.org.uk&pid=1POZ5NV7A
Permissions-Policy
ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
favicon.ico
gratyfikantgt.info/grafika/ Frame 3830
0
0
Document
General
Full URL
https://gratyfikantgt.info/grafika/favicon.ico
Requested by
Host: www.phart.org.uk
URL: http://www.phart.org.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.52 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash

Request headers

Referer
http://www.phart.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 10 Aug 2024 16:57:44 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_PgZvuPS9rLnmIdiAtgbxAFLbJH6muYW5sgJKKVW7/pEjBHMnsuCJ2O3o94pgPQMZh6TXT4ID61t+DJqXR8AIYg==
x-buckets
bucket011
x-domain
gratyfikantgt.info
x-forwarded-host
gratyfikantgt.info
x-language
german
x-ssl-c
v1
x-ssl-proxy
v2
x-subdomain
x-template
tpl_CleanPeppermintBlack_twoclick
favicon.ico
www.phart.org.uk/
196 B
398 B
Other
General
Full URL
http://www.phart.org.uk/favicon.ico
Protocol
HTTP/1.1
Server
212.159.9.152 Wokingham, United Kingdom, ASN6871 (PLUSNET UK Internet Service Provider, GB),
Reverse DNS
www.users.globalnet.co.uk
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer
http://www.phart.org.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 10 Aug 2024 16:57:47 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
Primary Request /
www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Redirect Chain
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies
  • https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
68 KB
22 KB
Document
General
Full URL
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Requested by
Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b175ad47d7799092afa0c24e9bdae6efe870f708251ee41e12829cb7a0c907
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Referer
http://www.phart.org.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
8b118707ecaabea1-LHR
content-encoding
br
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
content-type
text/html; charset=utf-8
date
Sat, 10 Aug 2024 16:57:52 GMT
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
expires
Sat, 10 Aug 2024 20:57:52 GMT
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
nel
{"report_to":"default","max_age":10886400}
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server
cloudflare
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
20, 0
x-content-type-options
nosniff
x-request-id
fa31b031-3b57-4376-adcf-15e3416fa8b5
x-served-by
cache-ams21063-AMS, cache-lcy-eglc8600058-LCY
x-timer
S1723309073.645961,VS0,VE1
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Redirect headers

age
2565983
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
8b1187077c53bea1-LHR
content-length
0
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
date
Sat, 10 Aug 2024 16:57:52 GMT
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
expires
Sun, 10 Aug 2025 16:57:52 GMT
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
location
/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
nel
{"report_to":"default","max_age":10886400}
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
server
cloudflare
status
301 Moved Permanently
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
45, 0
x-content-type-options
nosniff
x-request-id
edc52cfe-0138-408f-b4cb-6a15487e16d6
x-served-by
cache-ams2100128-AMS, cache-lcy-eglc8600098-LCY
x-timer
S1720743090.666756,VS0,VE7
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce
main.min.css
www.troyhunt.com/assets/css/
26 KB
7 KB
Stylesheet
General
Full URL
https://www.troyhunt.com/assets/css/main.min.css?v=bb52dc1782
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
777cce45fc6263382451ea803a5d8f90ec653bc12c38631c85c44a4e54d00aa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
gzip
via
1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
367327
x-cache
HIT
status
200 OK
x-cache-hits
1
alt-svc
h3=":443"; ma=86400
content-length
6612
ghost-fastly
true
x-request-id
55fad88b-c1c1-4913-b430-4541095e7ba2
x-served-by
cache-ams2100108-AMS
last-modified
Sat, 09 Dec 2023 03:15:30 GMT
server
cloudflare
x-timer
S1722941710.135640,VS0,VE2
etag
W/"68a3-18c4c92ad0f"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b1187086d26bea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
175556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGTJGyJebzudAIPYUu5VRDG9k8j85Ibewt5hw%2FBcjFQTQpZMLxD2AMmCx9IZvOwY0KSOT3i%2BmFI4Ygq%2BGvwCxB5zSJEWO%2F8bcOTs1sT3G3QvO%2F%2FP8EU1gFAl5fqZhOCELXcClk8z"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b118708c8975279-LHR
expires
Thu, 31 Jul 2025 16:57:52 GMT
cards.min.css
www.troyhunt.com/public/
39 KB
7 KB
Stylesheet
General
Full URL
https://www.troyhunt.com/public/cards.min.css?v=bb52dc1782
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2f0d1fe6073569e59003ed08a146b1c0e0c58a8608a2e6d87dac42ab679b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
163661
x-cache
HIT, MISS
status
200 OK
x-cache-hits
6, 0
alt-svc
h3=":443"; ma=86400
content-length
6797
ghost-fastly
true
x-request-id
384ff4b4-0d0c-46b9-aa2a-8bb7b3e343db
x-served-by
cache-ams2100102-AMS, cache-lcy-eglc8600071-LCY
server
cloudflare
x-timer
S1722941710.876789,VS0,VE9
etag
W/"bab5aee254a903a07ef4673e8e2e18c5"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b1187086d29bea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
EhmekYj1pIY
www.youtube.com/embed/ Frame 4E77
0
0
Document
General
Full URL
https://www.youtube.com/embed/EhmekYj1pIY
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Aug 2024 16:57:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Logo-2.svg
www.troyhunt.com/content/images/2017/11/
4 KB
2 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2017/11/Logo-2.svg
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2565757
x-cache
HIT, HIT
status
200 OK
x-cache-hits
5, 0
alt-svc
h3=":443"; ma=86400
content-length
1846
ghost-fastly
true
x-request-id
995368f0-3630-4b3a-8ed8-f35862a794b0
x-served-by
cache-ams21028-AMS, cache-lcy-eglc8600087-LCY
last-modified
Wed, 01 Nov 2017 08:13:50 GMT
server
cloudflare
x-timer
S1720743316.607486,VS0,VE2
etag
W/"ff3-15f76a4c508"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b118708ad5bbea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
rocket-loader.min.js
www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 06 Aug 2024 10:19:48 GMT
server
cloudflare
content-encoding
gzip
etag
W/"66b1f8c4-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8b118708ad5ebea1-LHR
expires
Mon, 12 Aug 2024 16:57:52 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8b1187093d0d769e-LHR
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c -, , ASN (),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 10 Aug 2024 16:57:53 GMT
Content-Encoding
gzip
Age
844
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/668D)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
311 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a0a508af82b53598aa6bd5263960828f4d2bdbd7be4aa56d08a4f797ff5a179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104779
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 10 Aug 2024 16:57:53 GMT
member-attribution.min.js
www.troyhunt.com/public/
2 KB
1 KB
Script
General
Full URL
https://www.troyhunt.com/public/member-attribution.min.js?v=bb52dc1782
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dbfe9b021eb47cc7899ef34e5d48983563b0fff331e9740bacdc614e21ffd1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
367326
x-cache
HIT, MISS
status
200 OK
x-cache-hits
8, 0
alt-svc
h3=":443"; ma=86400
content-length
780
ghost-fastly
true
x-request-id
d397d90b-0d8d-4fc4-96a2-ea45fa8124fd
x-served-by
cache-ams21046-AMS, cache-lcy-eglc8600098-LCY
server
cloudflare
x-timer
S1722941746.290272,VS0,VE9
etag
W/"d3835a893b20615fbdbecc7c556ae8dc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b1187096e09bea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
cards.min.js
www.troyhunt.com/public/
7 KB
2 KB
Script
General
Full URL
https://www.troyhunt.com/public/cards.min.js?v=bb52dc1782
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
367326
x-cache
HIT, MISS
status
200 OK
x-cache-hits
9, 0
alt-svc
h3=":443"; ma=86400
content-length
1582
ghost-fastly
true
x-request-id
e3e5a207-d0cc-46c3-921e-cb153f229e0e
x-served-by
cache-ams21063-AMS, cache-lcy-eglc8600055-LCY
server
cloudflare
x-timer
S1722941746.292296,VS0,VE11
etag
W/"431228c753b74a6958600d170f921e6d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b1187096e0abea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
sodo-search.min.js
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/
197 KB
61 KB
Script
General
Full URL
https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Aug 2024 16:57:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
9827
x-jsd-version
1.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
62368
x-served-by
cache-fra-etou8220075-FRA, cache-lon420142-LON
x-jsd-version-type
version
etag
W/"313b2-PGFkfSo33Bwphw9PaHfsB1kMn/Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
timing-allow-origin
*
portal.min.js
cdn.jsdelivr.net/ghost/portal@~2.37/umd/
1 MB
246 KB
Script
General
Full URL
https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
59aa7f85c64b6bfd0e494c20b8f555fb4af3a61eabca935550f8d7643bee3ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Aug 2024 16:57:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
18586
x-jsd-version
2.37.10
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
251859
x-served-by
cache-fra-etou8220116-FRA, cache-lon420142-LON
x-jsd-version-type
version
etag
W/"1189bd-zKB54yGOEE4HA0Fax8znJDJ3Nio"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
timing-allow-origin
*
2021-03-29_17-11-30.png
www.troyhunt.com/content/images/2021/03/
271 KB
272 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2021/03/2021-03-29_17-11-30.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
45aa2c72c9cc30f0903311c732dd73cbe9b701c8d6691a48b071bed2178997b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
age
168766
cf-polished
origFmt=png, origSize=392979
x-cache
HIT, HIT
status
200 OK
x-cache-hits
60, 0
content-disposition
inline; filename="2021-03-29_17-11-30.webp"
alt-svc
h3=":443"; ma=86400
content-length
277858
ghost-fastly
true
x-request-id
d3160a57-9f65-433b-822f-01789dc68b61
x-served-by
cache-ams2100089-AMS, cache-fra-eddf8230084-FRA
last-modified
Mon, 29 Mar 2021 08:02:26 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
x-timer
S1721845771.717521,VS0,VE2
etag
W/"5ff13-1787d016583"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b1187096e0ebea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
c5531bfb7d76cdaa370c7baf6053288d
www.gravatar.com/avatar/
14 KB
14 KB
Image
General
Full URL
https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2

Request headers

Referer
https://www.troyhunt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc
HIT lhr 3
date
Sat, 10 Aug 2024 16:57:52 GMT
last-modified
Thu, 09 Dec 2021 09:20:52 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="c5531bfb7d76cdaa370c7baf6053288d.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/c5531bfb7d76cdaa370c7baf6053288d?s=250&d=mm&r=x>; rel="canonical"
content-length
14191
alt-svc
h3=":443"; ma=86400
expires
Sat, 10 Aug 2024 17:02:52 GMT
normal.woff2
www.troyhunt.com/cf-fonts/s/vollkorn/5.0.18/latin/400/
25 KB
25 KB
Font
General
Full URL
https://www.troyhunt.com/cf-fonts/s/vollkorn/5.0.18/latin/400/normal.woff2
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8e968bf7c38b4daa1237fc8b177f917857aa3e92f772536fa6d004d40cea7a7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8b118709be61bea1-LHR
alt-svc
h3=":443"; ma=86400
content-length
25644
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/
115 KB
115 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
117372
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-1ca7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5BnGdOC3QzlOCoDiJuLChq2mQ9I80GZzeLJQAOJ48G9dXD6f3wRSrutJ%2FG%2Bxf7EkgObt1ELZw7%2FDBQBT7Cux62BBFH7CTFkKNgFcX0A7DZcajh2h3rQF4qe9wv4OTrxrKSeRurZ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b118709b9445279-LHR
expires
Thu, 31 Jul 2025 16:57:52 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/
153 KB
153 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
244891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156496
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-26350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzTiFjaNsLCM7KxNOT49dPglujwkRmFNJ%2FMG2J1d0ufPR57DTacr41PJmG89A%2BYlVF6NfWWH0LhLOkHUato%2FJnxxKkhAB5ILqnXgSBlv%2F80n3LsoZnhQWPxKEj2bciMywWl2SF9E"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b118709b9485279-LHR
expires
Thu, 31 Jul 2025 16:57:52 GMT
italic.woff2
www.troyhunt.com/cf-fonts/s/vollkorn/5.0.18/latin/400/
25 KB
25 KB
Font
General
Full URL
https://www.troyhunt.com/cf-fonts/s/vollkorn/5.0.18/latin/400/italic.woff2
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
870f57e1f241d2592f489802c86cb3acce1ce3de6573cfcfeba545df404781fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8b118709be63bea1-LHR
alt-svc
h3=":443"; ma=86400
content-length
25824
normal.woff2
www.troyhunt.com/cf-fonts/s/vollkorn/5.0.18/latin/700/
27 KB
27 KB
Font
General
Full URL
https://www.troyhunt.com/cf-fonts/s/vollkorn/5.0.18/latin/700/normal.woff2
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
40aa8ddbea69ae0f3219d023bfec811ea721bf91de9554e278512a2366bcf7a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8b118709be65bea1-LHR
alt-svc
h3=":443"; ma=86400
content-length
27196
image-60.png
www.troyhunt.com/content/images/2021/03/
13 KB
14 KB
Image
General
Full URL
https://www.troyhunt.com/content/images/2021/03/image-60.png
Requested by
Host: www.troyhunt.com
URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd867f757952f750817be355028ff737e4e3df2ed7d2ff2f0715314df3cad94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
age
2565757
cf-polished
origFmt=png, origSize=24853
x-cache
HIT, HIT
status
200 OK
x-cache-hits
22, 0
content-disposition
inline; filename="image-60.webp"
alt-svc
h3=":443"; ma=86400
content-length
13600
ghost-fastly
true
x-request-id
48997a36-0d70-44ad-984e-83d7d95e6d9b
x-served-by
cache-ams2100094-AMS, cache-lcy-eglc8600046-LCY
last-modified
Wed, 31 Mar 2021 02:18:38 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
x-timer
S1720743316.962551,VS0,VE1
etag
W/"6115-17886135c00"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b118709be5fbea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:52 GMT
BlogData
bloghelpers.troyhunt.com/api/
296 B
700 B
XHR
General
Full URL
https://bloghelpers.troyhunt.com/api/BlogData
Requested by
Host: www.phart.org.uk
URL: http://www.phart.org.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
81174a47d8976f778ad4eef870dca05cc104326fafa1c1720e94ce08a5a1577c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
476
alt-svc
h3=":443"; ma=86400
content-length
339
request-context
appId=cid-v1:2126186f-f3a8-4540-9c69-e6eb72430007
last-modified
Sat, 10 Aug 2024 15:51:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8b11870f3d596511-LHR
expires
Sat, 10 Aug 2024 20:57:53 GMT
embed.js
troyhunt.disqus.com/
80 KB
26 KB
Script
General
Full URL
https://troyhunt.disqus.com/embed.js
Requested by
Host: www.phart.org.uk
URL: http://www.phart.org.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
f34f159c26a7b054d113d43c8f2b4a10b9f537b466dafe63744be589131f8427
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 10 Aug 2024 16:57:54 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
0
Vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
26325
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 880D
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.troyhunt.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c -, , ASN (),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
11976621
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Aug 2024 16:57:53 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6712)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
portal.min.js
cdn.jsdelivr.net/ghost/portal@~2.37/umd/
1 MB
72 B
Other
General
Full URL
https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
59aa7f85c64b6bfd0e494c20b8f555fb4af3a61eabca935550f8d7643bee3ffa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
18587
x-jsd-version
2.37.10
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
251859
x-served-by
cache-lon420142-LON
x-jsd-version-type
version
etag
W/"1189bd-zKB54yGOEE4HA0Fax8znJDJ3Nio"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
timing-allow-origin
*
/
www.troyhunt.com/members/api/member/
0
0
Fetch
General
Full URL
https://www.troyhunt.com/members/api/member/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:53 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":10886400}
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; connect-src 'self' api.passwordpurgatory.com bloghelpers.troyhunt.com links.services.disqus.com syndication.twitter.com troyhunt.ghost.io *.google-analytics.com *.privacymanager.io; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com; frame-src www.linkedin.com disqus.com c.disquscdn.com www.youtube.com player.vimeo.com twitter.com platform.twitter.com syndication.twitter.com omny.fm pastebin.com www.google.com; img-src 'self' c.disquscdn.com referrer.disqus.com syndication.twitter.com platform.twitter.com www.gravatar.com *.twimg.com data:; script-src 'self' passwordpurgatory.com c.disquscdn.com disqus.com troyhunt.disqus.com cdnjs.cloudflare.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/troyhunt/ cdn.jsdelivr.net/ghost/ www.googletagmanager.com *.privacymanager.io www.google.com www.gstatic.com static.cloudflareinsights.com 'sha256-26FfYB0WAsKHsnA92jxqaHCDCNo7MV3NrLe1wgLwuI4=' 'sha256-4JqPqO/eQLWuWw1AE7dCvI9hPwiBcw0gy7uoLqS0ncg='; style-src 'self' 'unsafe-inline' c.disquscdn.com cdnjs.cloudflare.com platform.twitter.com ton.twimg.com assets-cdn.github.com github.githubassets.com fonts.googleapis.com; form-action *.twitter.com; media-src 'self'; prefetch-src 'self' c.disquscdn.com disqus.com; frame-ancestors 'self' troyhunt.ghost.io; upgrade-insecure-requests; report-uri https://troyhunt.report-uri.com/r/d/csp/enforce
x-cache
HIT
status
204 No Content
alt-svc
h3=":443"; ma=86400
ghost-fastly
true
x-request-id
f6dc1921-3de6-44d2-ad3d-f3900b86361d
x-served-by
cache-ams2100105-AMS
x-xss-protection
1; mode=block; report=https://troyhunt.report-uri.com/r/d/xss/enforce
referrer-policy
no-referrer-when-downgrade
server
cloudflare
x-timer
S1723309074.829310,VS0,VE1
expect-ct
max-age=0, report-uri=https://troyhunt.report-uri.com/r/d/ct/reportOnly
vary
Cookie, Accept-Encoding
report-to
{"group":"default","max_age":10886400,"endpoints":[{"url":"https://troyhunt.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-origin
*
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ghost-cache
MISS
cf-ray
8b11870f3beabea1-LHR
x-cache-hits
0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B895JNTH7Z&gtm=45je4880v896774953za200&_p=1723309073711&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=120955239.1723309074&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723309073&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dr=http%3A%2F%2Fwww.phart.org.uk%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1324
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Aug 2024 16:57:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.troyhunt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MH977CGYFX&gtm=45je4880v896774953za200&_p=1723309073711&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=120955239.1723309074&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723309073&sct=1&seg=0&dl=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&dr=http%3A%2F%2Fwww.phart.org.uk%2F&dt=Troy%20Hunt%3A%20I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B895JNTH7Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Aug 2024 16:57:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.troyhunt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodo-search.min.js
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/
197 KB
22 B
Other
General
Full URL
https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Origin
https://www.troyhunt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
9828
x-jsd-version
1.1.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
62368
x-served-by
cache-lon420142-LON
x-jsd-version-type
version
etag
W/"313b2-PGFkfSo33Bwphw9PaHfsB1kMn/Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
timing-allow-origin
*
Troy-Hunt-LM-0059_square.png
www.troyhunt.com/content/images/size/w256h256/2021/12/
23 KB
23 KB
Other
General
Full URL
https://www.troyhunt.com/content/images/size/w256h256/2021/12/Troy-Hunt-LM-0059_square.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
da2707a57c71bda49d413911629b71696e3234742e537a1adfa61dc7f62a3286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
x-content-type-options
nosniff
age
173470
cf-polished
origFmt=png, origSize=30076
x-cache
HIT, HIT
status
200 OK
x-cache-hits
38, 1
content-disposition
inline; filename="Troy-Hunt-LM-0059_square.webp"
alt-svc
h3=":443"; ma=86400
content-length
23188
ghost-fastly
true
x-request-id
80cca811-2d65-4eea-9b1b-686ce7f43401
x-served-by
cache-ams12762-AMS, cache-mad22059-MAD
last-modified
Tue, 15 Nov 2022 16:35:18 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
x-timer
S1710178070.383362,VS0,VE1
etag
W/"757c-1847c251fc3"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b11870f7c24bea1-LHR
ghost-cache
MISS
expires
Sun, 10 Aug 2025 16:57:53 GMT
rum
www.troyhunt.com/cdn-cgi/
0
142 B
XHR
General
Full URL
https://www.troyhunt.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 10 Aug 2024 16:57:53 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.troyhunt.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8b11870fcc74bea1-LHR
/
troyhunt.ghost.io/ghost/api/content/settings/ Frame
0
0
Preflight
General
Full URL
https://troyhunt.ghost.io/ghost/api/content/settings/?key=5e03cd80efbea6ff26214a466b&limit=all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::775 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.troyhunt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
367417
alt-svc
clear
cache-control
public, max-age=0
content-version
v5.89
date
Sat, 10 Aug 2024 16:57:54 GMT
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
server
openresty
status
204 No Content
vary
Accept-Version, Access-Control-Request-Headers, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
43, 0
x-request-id
2a7c9fa5-db11-4459-a6ec-11b84eff2990
x-served-by
cache-ams21070-AMS, cache-lon4240-LON
x-timer
S1723309074.999397,VS0,VE1
/
troyhunt.ghost.io/ghost/api/content/settings/
2 KB
1 KB
Fetch
General
Full URL
https://troyhunt.ghost.io/ghost/api/content/settings/?key=5e03cd80efbea6ff26214a466b&limit=all
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::775 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
d9f0ba4c8da3f75150a391e505570b14363c0ec15fc932870517914cdb72b88d

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
367412
x-cache
HIT, HIT
status
200 OK
content-version
v5.89
alt-svc
clear
content-length
905
ghost-fastly
true
x-request-id
b95ca911-774c-4dfb-9e80-f7dc63809fbc
x-served-by
cache-ams21074-AMS, cache-lon4240-LON
server
openresty
x-timer
S1723309074.050520,VS0,VE1
etag
W/"846-2M/Bb0AjHfIH6VOWDbYed9PT5hI"
vary
Accept-Version, Cookie, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
30, 0
/
troyhunt.ghost.io/ghost/api/content/tiers/ Frame
0
0
Preflight
General
Full URL
https://troyhunt.ghost.io/ghost/api/content/tiers/?key=5e03cd80efbea6ff26214a466b&limit=all&include=monthly_price,yearly_price,benefits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::775 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.troyhunt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
367417
alt-svc
clear
cache-control
public, max-age=0
content-version
v5.89
date
Sat, 10 Aug 2024 16:57:54 GMT
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
server
openresty
status
204 No Content
vary
Accept-Version, Access-Control-Request-Headers, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
39, 0
x-request-id
5824d0e1-0ccf-480e-8e93-d05339c13635
x-served-by
cache-ams21037-AMS, cache-lon4240-LON
x-timer
S1723309074.999377,VS0,VE2
/
troyhunt.ghost.io/ghost/api/content/tiers/
685 B
663 B
Fetch
General
Full URL
https://troyhunt.ghost.io/ghost/api/content/tiers/?key=5e03cd80efbea6ff26214a466b&limit=all&include=monthly_price,yearly_price,benefits
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::775 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
f8bc4e43a2c08d166d6c09874cdbd0878914e1cb00636f1a964abe873dc9bd62

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
367412
x-cache
HIT, HIT
status
200 OK
content-version
v5.89
alt-svc
clear
content-length
356
ghost-fastly
true
x-request-id
1a7d335d-f1a8-4531-ac4f-6a6571b2be1e
x-served-by
cache-ams21080-AMS, cache-lon4240-LON
server
openresty
x-timer
S1723309074.050615,VS0,VE1
etag
W/"2ad-LRIzvm1aa+pB2kd9cIdE7oaGJYk"
vary
Accept-Version, Cookie, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
30, 0
/
troyhunt.ghost.io/ghost/api/content/newsletters/
604 B
591 B
Fetch
General
Full URL
https://troyhunt.ghost.io/ghost/api/content/newsletters/?key=5e03cd80efbea6ff26214a466b&limit=all
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::775 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
55feab64ee3414b0b83f32bacd2ca32fc0f344202613e144e140049eb22e78e5

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

ghost-age
0
date
Sat, 10 Aug 2024 16:57:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
367412
x-cache
HIT, HIT
status
200 OK
content-version
v5.89
alt-svc
clear
content-length
434
ghost-fastly
true
x-request-id
0e801107-753e-4a0c-86e6-943134c19512
x-served-by
cache-ams2100120-AMS, cache-lon4240-LON
server
openresty
x-timer
S1723309074.050762,VS0,VE2
etag
W/"25c-a8NOwjERtiFH3rCqN/X+kdBpfho"
vary
Accept-Version, Cookie, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
30, 0
/
troyhunt.ghost.io/ghost/api/content/newsletters/ Frame
0
0
Preflight
General
Full URL
https://troyhunt.ghost.io/ghost/api/content/newsletters/?key=5e03cd80efbea6ff26214a466b&limit=all
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::775 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.troyhunt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
367417
alt-svc
clear
cache-control
public, max-age=0
content-version
v5.89
date
Sat, 10 Aug 2024 16:57:54 GMT
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
server
openresty
status
204 No Content
vary
Accept-Version, Access-Control-Request-Headers, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
45, 0
x-request-id
b4d556fc-d8b3-4d54-b03d-26c97dddb348
x-served-by
cache-ams2100110-AMS, cache-lon4240-LON
x-timer
S1723309074.999362,VS0,VE2
recommendations.js
troyhunt.disqus.com/
64 KB
22 KB
Script
General
Full URL
https://troyhunt.disqus.com/recommendations.js
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
52c5c7ebdec3bfb573619a12d8124ff8ef97281a58ea280b3e55ee6b9735b0eb
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 10 Aug 2024 16:57:54 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
content-type
application/javascript; charset=utf-8
cache-control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
x-service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21418
/
disqus.com/embed/comments/ Frame EEF5
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=troyhunt&t_i=ghost-605f9d0e3a580664b3c53054&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&s_o=default
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17845
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sat, 10 Aug 2024 16:57:54 GMT
ETag
W/"lounge:view:8455005378.c38c554c082f7e7fb999ad3bd2402cd3.2"
Last-Modified
Fri, 12 Jul 2024 22:18:57 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
/
disqus.com/recommendations/ Frame 3F14
0
0
Document
General
Full URL
https://disqus.com/recommendations/?base=default&f=troyhunt&t_u=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&t_d=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.&t_t=I%20Now%20Own%20the%20Coinhive%20Domain.%20Here%27s%20How%20I%27m%20Fighting%20Cryptojacking%20and%20Doing%20Good%20Things%20with%20Content%20Security%20Policies.
Requested by
Host: troyhunt.disqus.com
URL: https://troyhunt.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.134 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age
150
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2366
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sat, 10 Aug 2024 16:57:54 GMT
Last-Modified
Mon, 05 Feb 2024 21:40:42 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
tweet.d7aeb21a88e025d2ea5f5431a103f586.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c -, , ASN (),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Sat, 10 Aug 2024 16:57:54 GMT
Content-Encoding
gzip
Age
11960981
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2725
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/668D)
Etag
"1836187c57e3f0873abebe6985a39f5a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
Tweet.html
platform.twitter.com/embed/ Frame 93FE
0
0
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=troyhunt&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=true&id=1040634067018895360&lang=en&origin=https%3A%2F%2Fwww.troyhunt.com%2Fi-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies%2F&sessionId=21292bbadcaee6954a2da02759e98dc19136387d&siteScreenName=troyhunt&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c -, , ASN (),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash

Request headers

Referer
https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
24
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Sat, 10 Aug 2024 16:57:54 GMT
Etag
"3798a7b6b197263df1b225665e92751a"
Last-Modified
Sat, 17 Feb 2024 00:56:45 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| writeIframe

1 Cookies

Domain/Path Name / Value
.coinhive.com/ Name: ARRAffinitySameSite
Value: 4d0bf8a034bef2a73d6df8e02094735bede3b37b4cdba30ad8d13592b30e385b

14 Console Messages

Source Level URL
Text
network error URL: http://www.phart.org.uk/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://www.troyhunt.com/i-now-own-the-coinhive-domain-heres-how-im-fighting-cryptojacking-and-doing-good-things-with-content-security-policies/
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: about:blank
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://platform.twitter.com/widgets.js(Line 7)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://troyhunt.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://troyhunt.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://troyhunt.disqus.com/embed.js(Line 48)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://troyhunt.disqus.com/recommendations.js(Line 35)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://troyhunt.disqus.com/recommendations.js(Line 35)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://troyhunt.disqus.com/recommendations.js(Line 35)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://platform.twitter.com/widgets.js(Line 7)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://platform.twitter.com/widgets.js(Line 7)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://platform.twitter.com/widgets.js(Line 7)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://platform.twitter.com/widgets.js(Line 7)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bloghelpers.troyhunt.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
coinhive.com
disqus.com
freeresultsguide.com
gratyfikantgt.info
platform.twitter.com
region1.google-analytics.com
searchmagnified.com
static.cloudflareinsights.com
troyhunt.disqus.com
troyhunt.ghost.io
www.googletagmanager.com
www.gravatar.com
www.phart.org.uk
www.troyhunt.com
www.youtube.com
104.17.25.14
104.18.25.41
151.101.64.134
185.53.177.52
199.232.192.134
2001:4860:4802:34::36
208.91.196.4
212.159.9.152
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:4f49
2606:4700::6812:1c50
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2008
2a04:4e42::485
2a04:4e42::775
2a04:fa87:fffe::c000:4902
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
39f7a131d7976b1cbbf08c89727ba5c1b5c384152ed65bc83198bca315be5a88
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
40aa8ddbea69ae0f3219d023bfec811ea721bf91de9554e278512a2366bcf7a3
459ef3f6bd1e6f971d048a7828dbd772c92755a5909e588b0a0da3eefc08308e
45aa2c72c9cc30f0903311c732dd73cbe9b701c8d6691a48b071bed2178997b7
4c2f0d1fe6073569e59003ed08a146b1c0e0c58a8608a2e6d87dac42ab679b61
52c5c7ebdec3bfb573619a12d8124ff8ef97281a58ea280b3e55ee6b9735b0eb
5375620a1478a71cc9ce052d4759f2f520290a1916d8ac91fbe71aefd21346f9
55feab64ee3414b0b83f32bacd2ca32fc0f344202613e144e140049eb22e78e5
59aa7f85c64b6bfd0e494c20b8f555fb4af3a61eabca935550f8d7643bee3ffa
5a0a508af82b53598aa6bd5263960828f4d2bdbd7be4aa56d08a4f797ff5a179
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
777cce45fc6263382451ea803a5d8f90ec653bc12c38631c85c44a4e54d00aa9
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
81174a47d8976f778ad4eef870dca05cc104326fafa1c1720e94ce08a5a1577c
870f57e1f241d2592f489802c86cb3acce1ce3de6573cfcfeba545df404781fc
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e968bf7c38b4daa1237fc8b177f917857aa3e92f772536fa6d004d40cea7a7e
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd867f757952f750817be355028ff737e4e3df2ed7d2ff2f0715314df3cad94
d0b175ad47d7799092afa0c24e9bdae6efe870f708251ee41e12829cb7a0c907
d9f0ba4c8da3f75150a391e505570b14363c0ec15fc932870517914cdb72b88d
da2707a57c71bda49d413911629b71696e3234742e537a1adfa61dc7f62a3286
dbfe9b021eb47cc7899ef34e5d48983563b0fff331e9740bacdc614e21ffd1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3064dd5680bab4cd9e72377af0195736ab0ad25cfd4c0fc202361da27cbe6c2
f34f159c26a7b054d113d43c8f2b4a10b9f537b466dafe63744be589131f8427
f8bc4e43a2c08d166d6c09874cdbd0878914e1cb00636f1a964abe873dc9bd62