This page includes a <script> tag pointing to /net-mime-sniff?payload=1, which serves JavaScript with Content-Type: image/jpeg.
/net-mime-sniff?payload=1
Content-Type: image/jpeg
If your browser MIME-sniffs, the JS will execute and you'll see an alert.