I think that's NoScript being overprotective. carbon.now.sh is a site that renders nice terminal sessions as html that you can include as iframes. - better than screenshots because you can actually copy the code. And as part of that request, the shell code is passed in the query string. I haven't investigated, but NoScript may be triggering on that.