engineering.salesforce.com Open in urlscan Pro
52.1.119.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
Effective URL:
https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
Submission Tags: falconsandbox
Submission: On January 14 via api (January 14th 2021, 5:40:06 pm UTC) from US

Summary HTTP 114 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 114 HTTP transactions. The main IP is 52.1.119.170, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is engineering.salesforce.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 29th 2020. Valid for: a year.

This is the only time engineering.salesforce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	52.1.119.170 52.1.119.170	14618 (AMAZON-AES) (AMAZON-AES)
1 75	2606:4700::68... 2606:4700::6812:1cd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.71.160 65.9.71.160	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.33 143.204.215.33	16509 (AMAZON-02) (AMAZON-02)
1	184.30.223.23 184.30.223.23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.208.40.114 3.208.40.114	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:2600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:214... 2600:9000:214f:c800:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.206.80.215 18.206.80.215	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:e2:... 2606:4700:e2::ac40:8a24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1	14618 (AMAZON-AES) (AMAZON-AES)
7	2606:4700::68... 2606:4700::6812:1dd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
114	15

9 52.1.119.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-119-170.compute-1.amazonaws.com

engineering.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2606:4700::6812:1cd4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.71.160 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-33.fra53.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.223.23 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-223-23.deploy.static.akamaitechnologies.com

a16180790160.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.40.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-40-114.compute-1.amazonaws.com

srv-2021-01-14-17.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:c800:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.80.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-80-215.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:e2::ac40:8a24 (United States)

ASN13335 (CLOUDFLARENET, US)

lightstep.medium.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1dd4 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	medium.com 1 redirects medium.com miro.medium.com cdn-client.medium.com glyph.medium.com	880 KB
10	medium.systems lightstep.medium.systems	2 KB
9	salesforce.com 1 redirects engineering.salesforce.com	47 KB
5	branch.io cdn.branch.io api2.branch.io	25 KB
3	optimizely.com cdn.optimizely.com a16180790160.cdn.optimizely.com logx.optimizely.com	96 KB
2	datadoghq.com browser-http-intake.logs.datadoghq.com	93 B
2	google-analytics.com www.google-analytics.com	19 KB
1	app.link app.link	738 B
1	parsely.com srv-2021-01-14-17.pixel.parsely.com	229 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	19 KB
114	10

	Domain	Requested by
38	miro.medium.com	engineering.salesforce.com
35	cdn-client.medium.com	engineering.salesforce.com cdn-client.medium.com
10	lightstep.medium.systems	cdn-client.medium.com
9	engineering.salesforce.com	1 redirects cdn-client.medium.com
8	glyph.medium.com	cdn-client.medium.com glyph.medium.com
4	api2.branch.io	cdn.branch.io
2	browser-http-intake.logs.datadoghq.com	cdn-client.medium.com
2	www.google-analytics.com	engineering.salesforce.com www.google-analytics.com
1	logx.optimizely.com	cdn.optimizely.com
1	app.link	cdn.branch.io
1	srv-2021-01-14-17.pixel.parsely.com	engineering.salesforce.com
1	a16180790160.cdn.optimizely.com	cdn.optimizely.com
1	cdn.branch.io	engineering.salesforce.com
1	d1z2jf7jlzjs58.cloudfront.net	cdn-client.medium.com
1	cdn.optimizely.com	engineering.salesforce.com
1	medium.com	1 redirects
114	16

This site contains links to these domains. Also see Links.

Domain
medium.com
rsci.app.link
pub.s8.exacttarget.com
quake.360.cn
en.wikipedia.org
github.com
wireshark.com
www.alexa.com
securitytrails.com
www.cobaltstrike.com
www.linkedin.com
twitter.com
about.medium.com
help.medium.com
policy.medium.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
engineering.salesforce.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-29` - `2021-05-29`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2021-01-08` - `2021-04-07`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.branch.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
appipv4.link Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
logx.optimizely.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
Frame ID: 870787CBDCC643880E85C66650CC723B
Requests: 107 HTTP requests in this frame

Frame: https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html
Frame ID: 32B6D42B1EAAACA95C1B56B266828B68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fengineering.salesforce.com%2Feas... HTTP 302
https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

114
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

15
IPs

4
Countries

1087 kB
Transfer

3069 kB
Size

3
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/?source=post_page-----e095edac525a--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_page-----e095edac525a---------------------nav_reg-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2Fe095edac525a&~feature=LoOpenInAppButton&~channel=ShowPostUnderCollection&~stage=mobileNavBar&source=post_page-----e095edac525a--------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_page-----e095edac525a---------------------nav_reg-----------
Title: Get started

Search URL Search Domain Scan URL

URL: https://pub.s8.exacttarget.com/kzcsxifmi0k?source=post_page-----e095edac525a--------------------------------
Title: Join our team

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=responses-----e095edac525a---------------------respond_sidebar-----------
Title: What are your thoughts?

Search URL Search Domain Scan URL

URL: https://medium.com/@frank.bussink?source=responses-----e095edac525a----0----------------------------
Title: K4nfr3

Search URL Search Domain Scan URL

URL: https://medium.com/@frank.bussink/hi-small-question-what-are-the-differences-between-ja3-and-ja3s-and-jarm-cebad9a6e434?source=responses-----e095edac525a----0----------------------------
Title: about 1 month ago

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2Fcebad9a6e434&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=responses-----cebad9a6e434----0-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@jcran_49469?source=responses-----e095edac525a----1----------------------------
Title: Jonathan Cran

Search URL Search Domain Scan URL

URL: https://medium.com/@jcran_49469/neat-technique-thanks-for-sharing-ad11aa388d4?source=responses-----e095edac525a----1----------------------------
Title: about 2 months ago

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2Fad11aa388d4&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=responses-----ad11aa388d4----1-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@attacker2001?source=responses-----e095edac525a----2----------------------------
Title: Attacker2001@360QuakeTeam

Search URL Search Domain Scan URL

URL: https://medium.com/@attacker2001/our-system-already-supported-you-can-use-the-following-syntax-to-search-44f66937bc5d?source=responses-----e095edac525a----2----------------------------
Title: about 1 month ago (edited)

Search URL Search Domain Scan URL

URL: https://quake.360.cn/quake/#/searchResult?searchVal=response%3A%22JARM%3A07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1%22%20AND%20port%3A50050&selectIndex=quake_service
Title: https://quake.360.cn/quake/#/searchResult?searchVal=response%3A%22JARM%3A07d14d16d21

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2F44f66937bc5d&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=responses-----44f66937bc5d----2-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@samanrajapaksha_39253?source=responses-----e095edac525a----3----------------------------
Title: Saman Rajapaksha

Search URL Search Domain Scan URL

URL: https://medium.com/@samanrajapaksha_39253/john-246e7091bd37?source=responses-----e095edac525a----3----------------------------
Title: about 2 months ago

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fp%2F246e7091bd37&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=responses-----246e7091bd37----3-----------------respond_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@jalthouse?source=post_page-----e095edac525a--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Fde317c4d57de&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_page-de317c4d57de----e095edac525a---------------------follow_byline-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_actions_header--------------------------bookmark_preview-----------

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Transport_Layer_Security
Title: Transport Layer Security (TLS)

Search URL Search Domain Scan URL

URL: https://github.com/salesforce/jarm
Title: https://github.com/salesforce/jarm

Search URL Search Domain Scan URL

URL: https://wireshark.com/
Title: Wireshark

Search URL Search Domain Scan URL

URL: https://github.com/salesforce/ja3
Title: JA3/S

Search URL Search Domain Scan URL

URL: https://www.alexa.com/topsites
Title: Alexa

Search URL Search Domain Scan URL

URL: https://securitytrails.com/
Title: SecurityTrails

Search URL Search Domain Scan URL

URL: https://www.cobaltstrike.com/
Title: Cobalt Strike

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/johnalthouse/
Title: John Althouse

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/andrew-smart-a3b15a2/
Title: Andrew Smart

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/rjnunnally/
Title: RJ Nunnally

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/mike-brady-b5293b21/
Title: Mike Brady

Search URL Search Domain Scan URL

URL: https://twitter.com/4A4133
Title: @4A4133

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fsalesforce-engineering%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_sidebar--------------------------follow_sidebar-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fsalesforce-engineering%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_sidebar-----e095edac525a---------------------clap_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_sidebar-----e095edac525a---------------------bookmark_sidebar-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fvote%2Fsalesforce-engineering%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_actions_footer-----e095edac525a---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fbookmark%2Fp%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=post_actions_footer--------------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@jalthouse?source=follow_footer-------------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fuser%2Fde317c4d57de%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=follow_footer-de317c4d57de-------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fsubscribe%2Fcollection%2Fsalesforce-engineering%2Fe095edac525a&operation=register&redirect=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&source=follow_footer--------------------------follow_footer-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/@pkassianik?source=post_internal_links---------0----------------------------
Title: Paul Kassianik

Search URL Search Domain Scan URL

URL: https://medium.com/@arpeetkale?source=post_internal_links---------1----------------------------
Title: Arpeet Kale

Search URL Search Domain Scan URL

URL: https://medium.com/@elilevine?source=post_internal_links---------2----------------------------
Title: Eli Levine

Search URL Search Domain Scan URL

URL: https://medium.com/@subrat.thakur?source=post_internal_links---------3----------------------------
Title: Subrat Thakur

Search URL Search Domain Scan URL

URL: https://medium.com/@jalthouse?source=post_internal_links---------4----------------------------
Title: John Althouse

Search URL Search Domain Scan URL

URL: https://medium.com/@randi274?source=post_internal_links---------5----------------------------
Title: Randi Wilson

Search URL Search Domain Scan URL

URL: https://medium.com/@melanchenko?source=post_internal_links---------6----------------------------
Title: Dmitry Melanchenko

Search URL Search Domain Scan URL

URL: https://medium.com/@prantapbedi?source=post_internal_links---------7----------------------------
Title: Prantap Bedi

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----e095edac525a--------------------------------
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://medium.com/topics?source=post_page-----e095edac525a--------------------------------
Title: Make Medium yours.

Search URL Search Domain Scan URL

URL: https://about.medium.com/creators/?source=post_page-----e095edac525a--------------------------------
Title: Share your thinking.

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----e095edac525a--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----e095edac525a--------------------------------
Title: Legal

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----e095edac525a--------------------------------

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----e095edac525a--------------------------------

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a HTTP 302
https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a Show response
engineering.salesforce.com/
Redirect Chain

https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

200 KB
43 KB

1032ms
1032ms

Document
text/html

52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-119-170.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3a8645d9fd3372021901b8c4e43adaeedc8dcdb11821960bcbfdff46030aabeb

Security Headers

Name	Value
X-Frame-Options	allow-from medium.com

Request headers

:method: GET
:authority: engineering.salesforce.com
:scheme: https
:path: /easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Thu, 14 Jan 2021 17:39:41 GMT
content-type: text/html; charset=utf-8
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"31eb2-U/vTV1s7am5Ed97r6543t3pBSwA"
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, lite/main-20210114-054250-0730e012e2, rito/main-20210114-154607-5ccd2c2a30, tutu/medium-43414
set-cookie: uid=lo_5df2696fb4d2; Path=/; Expires=Fri, 14 Jan 2022 17:39:40 GMT; HttpOnly; Secure; SameSite=None sid=1:3tajn65TyrDzFYl3O1xluoPK+a4DU+msk70R9YlMhSbRovA0njdV/3l43MkcbA+md4MBsKvpP3x43Xmg882AUA==; Path=/; Expires=Fri, 14 Jan 2022 17:39:40 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_5df2696fb4d2; Path=/; Expires=Fri, 14 Jan 2022 17:39:40 GMT; Secure; SameSite=None
vary: Accept-Encoding
x-envoy-upstream-service-time: 923
x-frame-options: allow-from medium.com

Redirect headers

date: Thu, 14 Jan 2021 17:39:40 GMT
content-type: application/octet-stream
content-length: 0
set-cookie: __cfduid=d43821922a553e3799d304b51b71a38601610645979; expires=Sat, 13-Feb-21 17:39:39 GMT; path=/; domain=.medium.com; HttpOnly; SameSite=Lax uid=lo_5df2696fb4d2; Path=/; Domain=medium.com; Expires=Fri, 14 Jan 2022 17:39:39 GMT; HttpOnly; Secure sid=1:8ugxl8QH1ZWcwb11AFFYb2LIT+iTikLYUoV/g4kcOgxk26+deY6DR0NWlkHJn+MJ; Path=/; Domain=medium.com; Expires=Fri, 14 Jan 2022 17:39:39 GMT; HttpOnly; Secure; SameSite=None optimizelyEndUserId=lo_5df2696fb4d2; Path=/; Domain=medium.com; Expires=Fri, 14 Jan 2022 17:39:39 GMT; Secure; SameSite=None __cfruid=65d242b7d29e955461a73b5f2e020c187ceb7e30-1610645980; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None
sepia-upstream: medium
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://*.braintree-api.com https://*.braintreegateway.com https://accounts.google.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://lightstep.medium.systems https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
expires: Thu, 09 Sep 1999 09:09:09 GMT
link: <https://medium.com/humans.txt>; rel="humans"
location: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2
pragma: no-cache
x-content-type-options: nosniff
x-envoy-upstream-service-time: 150
x-frame-options: sameorigin
x-obvious-info: 20210114-0115-root,3d3b034c
x-obvious-tid: 1610645979913:303491acd63a
x-opentracing: {"ot-tracer-spanid":"52705b4639e2027c","ot-tracer-traceid":"166a27a2dc10ee94","ot-tracer-sampled":"true"}
x-powered-by: Medium
x-ua-compatible: IE=edge, Chrome=1
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 07a3945ab600002c26c927e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6119233dfe862c26-FRA

GET
H2 200 16180790160.js Show response
cdn.optimizely.com/js/ 341 KB
96 KB 53ms
10ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/16180790160.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ad2241f69060f75c612f89a803a0d5a92f9373336a54b156aaecf9b38fc61691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 3w2OhRg36i8gaaXR3PCn_NOU656iHaVz
content-encoding: gzip
etag: "8afe14ee9b56e8eaf60fc119f226648c"
x-amz-request-id: 73855C29F87E16B3
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 5522
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 97011
x-amz-id-2: NVigIADW7pBIooT8X0pOIUAT4TZXyXGD1yC5lAccmImNHkNGolda/ZtKjhS5tO1zI4qvrrAVMA0=
last-modified: Thu, 14 Jan 2021 17:02:14 GMT
server: AmazonS3
date: Thu, 14 Jan 2021 17:39:41 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 480
date: Thu, 14 Jan 2021 17:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 14 Jan 2021 19:31:41 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
73 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1107820100&t=pageview&_s=1&dl=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a%3Fgi%3D68cc9787975e&ul=en-us&de=UTF-8&dt=Easily%20Identify%20Malicious%20Servers%20on%20the%20Internet%20with%20JARM%20%7C%20by%20John%20Althouse%20%7C%20Nov%2C%202020%20%7C%20Salesforce%20Engineering&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1020505484&gjid=1285215076&cid=1352642766.1610645981&tid=UA-24232453-2&_gid=819429741.1610645981&_r=1&_slc=1&z=902451675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://engineering.salesforce.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2*u7kgtidAMzS9ZD41CQWC9w.jpeg
miro.medium.com/fit/c/96/96/ 4 KB
4 KB 41ms
35ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/96/96/2*u7kgtidAMzS9ZD41CQWC9w.jpeg

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d02f7e4f8648fdc9e9e1123348fe176aa66b75029ea220fc066c64cf72bfacfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1644830
x-envoy-upstream-service-time: 78
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3962
cf-request-id: 07a394603700002c2678349000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 61192346bee22c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 0*Mua4JH888Pr2AnEY
miro.medium.com/max/60/ 1 KB
2 KB 226ms
220ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*Mua4JH888Pr2AnEY?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa1608956128abccbe669efecc9bb3f3942ac84b41f3401c5ce674447feca66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 55
content-length: 1401
cf-request-id: 07a394603700002c2669909000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192346bee72c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 1*yixX-SgZgdDhBVP1IKmXyw.gif
miro.medium.com/freeze/max/60/ 707 B
864 B 49ms
44ms Image
image/gif 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/freeze/max/60/1*yixX-SgZgdDhBVP1IKmXyw.gif?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a311996acaacf247fa72d2290c7a896a160d3f01e92a6b3038e4b54a41b32c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 380255
x-envoy-upstream-service-time: 52
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 707
cf-request-id: 07a394603500002c26b2061000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192346bed12c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 0*lVxSz8r0PQj4YFdV
miro.medium.com/max/60/ 3 KB
3 KB 201ms
196ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*lVxSz8r0PQj4YFdV?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e91b4a4ed9c6479812f7efdb90270e7d651a637078819aa2ebf36e4e8c20ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 51
content-length: 3337
cf-request-id: 07a394603500002c268f32f000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192346beda2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 0*DbhcRHM2LnjilTbF
miro.medium.com/max/60/ 3 KB
3 KB 194ms
189ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*DbhcRHM2LnjilTbF?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7bf0369f514b505df2a666e0e49e29c7bebc245c34fd843d120b2df0530b8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 35
content-length: 2760
cf-request-id: 07a394603800002c267b372000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192346beec2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 0*Pmy-KoX1Uz-Wvz0F
miro.medium.com/max/60/ 636 B
822 B 173ms
169ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*Pmy-KoX1Uz-Wvz0F?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95cc70038425fa5ac3e6a2e48186200f7ae34f585b5244fe86f66d879ec48231

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 15
content-length: 636
cf-request-id: 07a394603600002c266f2e6000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192346bedd2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 0*NxjAyuEFWOykMsAp
miro.medium.com/max/60/ 2 KB
2 KB 185ms
185ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*NxjAyuEFWOykMsAp?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eaa22845dc493d6c01a0a51c9fdcf52895e99d0150413f5abd018d726c24f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 14
content-length: 1916
cf-request-id: 07a394605c00002c26a6841000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192346ffaa2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 0*N3PtTW4ULz-EZwP2
miro.medium.com/max/60/ 2 KB
2 KB 154ms
154ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*N3PtTW4ULz-EZwP2?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0357757d215a441af27d78652a98ec905b6a1853e9c56fd5964d1c95e32b7d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 15
content-length: 1853
cf-request-id: 07a394606400002c269f054000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 611923470fca2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 1*yrjhVQLMADoqbJ9wiriY0g.png
miro.medium.com/max/60/ 2 KB
2 KB 117ms
116ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*yrjhVQLMADoqbJ9wiriY0g.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af8730be3a3646069ac3338f5d7cd0dac0a5da59bfb57e3a527c41c7022daae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1654
cf-request-id: 07a39460e000002c26c9345000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192347ca282c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*UoC79uwUvMAbc1isvU1gMg.gif
miro.medium.com/freeze/max/60/ 699 B
798 B 53ms
53ms Image
image/gif 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/freeze/max/60/1*UoC79uwUvMAbc1isvU1gMg.gif?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cf065a4b2a11096a80d324c360020729ebcb29e3c5c2622a8f6aae687ac2884

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 380255
x-envoy-upstream-service-time: 22
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 699
cf-request-id: 07a39460f300002c269a130000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192347ea752c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*tHOAiC1y7d4KGNvC7_WBpw.png
miro.medium.com/max/60/ 1 KB
2 KB 131ms
131ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*tHOAiC1y7d4KGNvC7_WBpw.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

484a8fab25e8b8ff16dd09e2cf6e4b380bb74464ad1d21b73d9d5d5e52d4c206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 28
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1451
cf-request-id: 07a39460fa00002c26a4317000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192347fab02c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*Uy-xw4TVG7o2N1NKakT9pQ.png
miro.medium.com/max/60/ 983 B
1 KB 165ms
165ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Uy-xw4TVG7o2N1NKakT9pQ.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

910b3b46085736858067eef2ffe4a754acc32d8b42515f06a1b70f9eabfa970c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 60
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 983
cf-request-id: 07a39460fe00002c26778a5000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192347fab82c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*rAh_FV-S-uKEFqlW-OXI4A.png
miro.medium.com/max/46/ 3 KB
3 KB 149ms
149ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/46/1*rAh_FV-S-uKEFqlW-OXI4A.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

454acda42c088d128eb706669de5ca2f00d2494a3ecc521108cf0b4090a886a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 64
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2833
cf-request-id: 07a394611400002c26823df000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 611923481b412c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*ZVADqGu7u2lCe4MvSykqzA.gif
miro.medium.com/freeze/max/60/ 702 B
813 B 23ms
22ms Image
image/gif 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/freeze/max/60/1*ZVADqGu7u2lCe4MvSykqzA.gif?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b289d637fcf7c062cf1f6ef392de4ce2818d6a1a867d4e6e0bcb6d7086c59a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 31589
x-envoy-upstream-service-time: 24
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 702
cf-request-id: 07a394611500002c26593ab000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 611923481b462c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 0*wUpdfC8VdK-S7rDY
miro.medium.com/max/60/ 754 B
851 B 180ms
174ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*wUpdfC8VdK-S7rDY?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f6032fb4948e924c44a930b3f450b7b96e0a85bec49cbf743ee4d060333bb85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 36
content-length: 754
cf-request-id: 07a394613900002c266c22b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 611923485bf42c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 0*YrS-tI6Eh0OW3GSA
miro.medium.com/max/60/ 978 B
1 KB 160ms
158ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/0*YrS-tI6Eh0OW3GSA?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb9a8036b691e18acc1b2c9d263e42579eb0dbb2c91d3e3066f5b0b4fd1c56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 35
content-length: 978
cf-request-id: 07a394613a00002c26cd363000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 611923485bf92c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 UTC

GET
H2 200 1*zPCRQcQmuxmP9qCyN2_Sgg.png
miro.medium.com/max/60/ 1 KB
1 KB 22ms
21ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*zPCRQcQmuxmP9qCyN2_Sgg.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e89b4d56b524ca2ee06cda6345e56dbf1f698edf7b69ecbd5ee7ac9a962d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 380255
x-envoy-upstream-service-time: 55
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1057
cf-request-id: 07a39461a300002c265eb53000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 611923490e1e2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*A69rQo_WOWLJcHaBOwBlzg.gif
miro.medium.com/freeze/max/60/ 721 B
826 B 127ms
125ms Image
image/gif 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/freeze/max/60/1*A69rQo_WOWLJcHaBOwBlzg.gif?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb156f7f389a0857df74733e6be806d5b16d2c08eecf7eb36990b6f377255b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 32
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 721
cf-request-id: 07a39461ad00002c26b2090000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 611923491e4e2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 2*u7kgtidAMzS9ZD41CQWC9w.jpeg
miro.medium.com/fit/c/160/160/ 8 KB
8 KB 44ms
44ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/2*u7kgtidAMzS9ZD41CQWC9w.jpeg

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c65c8b8f992d0ad7dbf4eb387f33722ae1adc80498376619290a02b9a9684f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25216
x-envoy-upstream-service-time: 67
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 8114
cf-request-id: 07a39461b800002c268b16f000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 611923492e8a2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*vCKMGqNBlOH26MLJ2aJXiQ.png
miro.medium.com/fit/c/160/160/ 5 KB
5 KB 41ms
40ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/160/160/1*vCKMGqNBlOH26MLJ2aJXiQ.png

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a738dda6e96583650f66d31009a2909e8b44b8be0894dea3e365471cd1ec1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1646841
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4755
cf-request-id: 07a39461df00002c2670a68000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 611923496f412c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 2*u7kgtidAMzS9ZD41CQWC9w.jpeg
miro.medium.com/fit/c/80/80/ 3 KB
3 KB 26ms
24ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/2*u7kgtidAMzS9ZD41CQWC9w.jpeg

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e644a1d50dbd459f1d1b004c92709506ea51a181f1933b78a245fae2342607

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1644830
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 3096
cf-request-id: 07a39461eb00002c267ab81000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201022-235030-74926b7bfe
accept-ranges: bytes
cf-ray: 611923497f812c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*vCKMGqNBlOH26MLJ2aJXiQ.png
miro.medium.com/fit/c/80/80/ 2 KB
3 KB 27ms
26ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/80/80/1*vCKMGqNBlOH26MLJ2aJXiQ.png

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf82e37aae137150bfc80621a879de82cd75b3a3188289dd5dc8883b5903357b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1646841
x-envoy-upstream-service-time: 135
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2294
cf-request-id: 07a39461eb00002c26778c2000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 611923497f842c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*JNrG0SEIrpJRWyQDZ2wJ8Q.png
miro.medium.com/max/60/ 9 KB
9 KB 83ms
80ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*JNrG0SEIrpJRWyQDZ2wJ8Q.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b50ca84b3ab702701a878a20f64a29dc1eccc4f5a308440814e01a9721395f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70584
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 9364
cf-request-id: 07a394620500002c26dca2b000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192349afee2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*HKPAFnTx6TboNUXplvLF2A.png
miro.medium.com/max/60/ 594 B
689 B 46ms
43ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*HKPAFnTx6TboNUXplvLF2A.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b509deaa0a59db74bc7d9630a073c16e0afa6c5b3d0fe0f73f016c31dc7c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1628937
x-envoy-upstream-service-time: 21
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 594
cf-request-id: 07a394620700002c268a1d8000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192349aff62c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*Vbrgxe6dRSZlcv0mSOewDQ.png
miro.medium.com/max/60/ 6 KB
6 KB 26ms
23ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Vbrgxe6dRSZlcv0mSOewDQ.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44dbabd8ad9d452865f22041a9ab8dbd71fa6918c34378f71b989ed921a8201e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1628937
x-envoy-upstream-service-time: 19
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6317
cf-request-id: 07a394620900002c266c246000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192349a8012c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*R_S7eG_5w5bzXyV059VtcA.png
miro.medium.com/max/60/ 1 KB
2 KB 33ms
32ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*R_S7eG_5w5bzXyV059VtcA.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3906a6f5289f1841d5f6c1664a8bf4ba19e272ea7743183baea77f61c6fbf64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1628937
x-envoy-upstream-service-time: 21
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1525
cf-request-id: 07a394620900002c2687882000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192349a8022c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*iQuZqUS_ftsRDPnEHu1Mcw.gif
miro.medium.com/freeze/max/60/ 727 B
855 B 29ms
29ms Image
image/gif 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/freeze/max/60/1*iQuZqUS_ftsRDPnEHu1Mcw.gif?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a2b82c53e5cef1fa53d57cd031d1138581845c396b3faba4770d13ae26eec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1665621
x-envoy-upstream-service-time: 25
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 727
cf-request-id: 07a394621500002c26928ab000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192349b82c2c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*Z73Mha6ocKDNLN57Yi1hZA.png
miro.medium.com/max/60/ 5 KB
5 KB 31ms
30ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*Z73Mha6ocKDNLN57Yi1hZA.png?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ea7ba3f44868041b822fa00ad2fad8cd6aa9320242d35e0489442d501f0054c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1628937
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 4809
cf-request-id: 07a394622100002c267f355000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192349c8582c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*lo5A1Z-Ef24Z8p5bw6xjgg.jpeg
miro.medium.com/max/60/ 972 B
1 KB 27ms
26ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*lo5A1Z-Ef24Z8p5bw6xjgg.jpeg?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7618d2e62c31f249fe0b407123035441af2a2d8bb05cbf4dfe1790041ca20f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1628937
x-envoy-upstream-service-time: 47
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 972
cf-request-id: 07a394622900002c2669944000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192349d8772c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*tj2HxPu_d5gao-T92CXUZw.jpeg
miro.medium.com/max/60/ 881 B
1005 B 35ms
34ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/60/1*tj2HxPu_d5gao-T92CXUZw.jpeg?q=20

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d88636b4f6cb3ffb38d63efaa4211718f17525235b4173f7e735a305b29a1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1464365
x-envoy-upstream-service-time: 33
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 881
cf-request-id: 07a394622a00002c267b3a1000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192349d8842c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/270/ 10 KB
10 KB 17ms
16ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*Crl55Tm6yDNMoucPo1tvDg.png

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1690928
x-envoy-upstream-service-time: 42
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 9821
cf-request-id: 07a394623400002c2669945000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192349e8a32c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/270/ 7 KB
7 KB 30ms
29ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/270/1*W_RAPQ62h0em559zluJLdQ.png

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1690928
x-envoy-upstream-service-time: 46
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 6839
cf-request-id: 07a394623400002c26af1be000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201103-004404-ec640a6618
accept-ranges: bytes
cf-ray: 61192349e8a62c26-FRA
expires: Sat, 13 Feb 2021 17:39:41 GMT

GET
H2 200 manifest.438cab86.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
4 KB 79ms
59ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.438cab86.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27dc4f27d67ecf878270e49f7ce84b8e54d9e5d3bd8708ac1a64ef414a7039a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59643
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C8CA02F0FA2E3A63
x-amz-id-2: kaRRVG25FIVE3XDo8kBeoToCqmx5cI9ikotzFRteOpBuEWc7+/HD3LpTGWCpi2yGQ2ndyrHyEOw=
last-modified: Thu, 14 Jan 2021 00:58:21 GMT
server: cloudflare
etag: W/"22ee82ef8444446c96c219601d563f78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: sMgEdqy_Kg4YhhVFME.FoMvSfe_MWYFS
cache-control: public, max-age=31536000
cf-request-id: 07a394613e00002c267f342000000001
cf-ray: 611923486c222c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 4739.78fb2a04.js Show response
cdn-client.medium.com/lite/static/js/ 642 KB
190 KB 61ms
41ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4739.78fb2a04.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4022f1b61a4bdac656711f12083b0aad56d61fa9bec60819a51cd2f3c450cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 669485
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 71628F499F981A87
x-amz-id-2: Hi385InJaFckNGjReZQrmUrJnSaQq2D0Hnbm9sbSXO20TemlczPMsIhRggdxHl6Q75iVoP+sR5M=
last-modified: Wed, 06 Jan 2021 23:24:25 GMT
server: cloudflare
etag: W/"8377e856c5cccb577b39e5640a162d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: aoVwA2YLXYKRoyMTnkt4U7j5jsWW1fju
cache-control: public, max-age=31536000
cf-request-id: 07a394613f00002c26c50ff000000001
cf-ray: 611923486c312c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 main.a6c21203.js Show response
cdn-client.medium.com/lite/static/js/ 528 KB
136 KB 51ms
32ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.a6c21203.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd7a65a0e7e009b73e12e84c3063e28f7fe62db3497295b435ba8e3ba56ed969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59643
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 564EBA77D937DEEB
x-amz-id-2: A1LoM0LzTQpM20ahFzAyYAbXzvXE5FjJdRPIWsoOJrgO80zmG9hiW6O5ZBc1gxWQORQGAbVYppI=
last-modified: Thu, 14 Jan 2021 00:58:19 GMT
server: cloudflare
etag: W/"b447bd7737ef326616cdc47a785f501c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .yXCA2MaRI_d2CWoGP1VBLUsoZBCpwOF
cache-control: public, max-age=31536000
cf-request-id: 07a394614000002c26823e3000000001
cf-ray: 611923486c352c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 5573.159bf40f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 62 KB
16 KB 55ms
36ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 481326
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 9D584856367C9D21
x-amz-id-2: dCLxGReOzYie8cze7jTmxuhKT0Q4uVVp17EfYoN2lJgIGgeST5SVH5JBEhuTArEU3ydfzFjFxtM=
last-modified: Thu, 03 Dec 2020 23:15:32 GMT
server: cloudflare
etag: W/"285e9d718f6e570e00b30e966996ec1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ITKw14eLTdBpXYYcizy12uJ1fvpJcpCb
cache-control: public, max-age=31536000
cf-request-id: 07a394614100002c268f355000000001
cf-ray: 611923486c3b2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 instrumentation.b5262cb2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 4 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.b5262cb2.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

761fd463c8762233c23b6a014bf24c231a08006326bfd3a32ad62de5ea63d110

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59643
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5613A50EEA32E1DB
x-amz-id-2: TNhn3nF6qe+jkub1eWaUc7QHrl1h/VShcO01/i6A4532nL96uAhPOJbEdnpKMZRDgGAwxVUSjuM=
last-modified: Thu, 14 Jan 2021 00:58:17 GMT
server: cloudflare
etag: W/"052721ef14e587d871d2e47e244eefc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Tty8ZyNpixBc1yZ1R9dz0GpTDr71Ejrq
cache-control: public, max-age=31536000
cf-request-id: 07a394615400002c26b89ec000000001
cf-ray: 611923488cb72c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 reporting.2d4858fa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.2d4858fa.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b75ea6add95847bdd76fbfc7c22f5f07b1a8eb3dd7bf5a3d25e47cfd0419d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671121
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 69EAC181551D4E86
x-amz-id-2: MUQ5zUBPa2DYwgZfrdTN8Dh1JUdWePuP5OkmDbQmpvJt6kbyrmNQZr9kM2Wp/sQumrb+E55fWvs=
last-modified: Tue, 05 Jan 2021 19:26:46 GMT
server: cloudflare
etag: W/"3fdf81ff0694d571a3445a5cea0a5064"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: F_faEiTSlpQpltBSwc4yyfbiquGuBmsM
cache-control: public, max-age=31536000
cf-request-id: 07a394615500002c265eb4d000000001
cf-ray: 611923488cbe2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 1826.f1c2fa77.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
11 KB 22ms
21ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1826.f1c2fa77.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de734b8e6595ce48b70090b3d1b0cc145dd958ad7a6ae5f0e70b25a113a90968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 481326
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 861894AB7BE83874
x-amz-id-2: nKrCPAkwnYLPJqrtP7C6X8yQT6PzIRBY9/aXpF2MQAcmKZZK6g0nVsxbmk8QHtOPM6YA4j+NMR0=
last-modified: Wed, 02 Dec 2020 02:33:01 GMT
server: cloudflare
etag: W/"8b3f85470be88b2a575fc6fd6cc1ccc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: oCKXpQ17eTS3Cg.PCGotxBa7WdqzOGF1
cache-control: public, max-age=31536000
cf-request-id: 07a394616500002c26c9356000000001
cf-ray: 611923489cf92c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 4464.c01c0ad8.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 23ms
21ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4464.c01c0ad8.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c641f892f22057d280574902211a972b66f21887b9605d6373420616c2998b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 481326
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 05A6FF98BD07242E
x-amz-id-2: wOx4GfF2VOlUrCDB/1k8a9MPM0Nj6l7AYB3Vgof8UgB+qYxPd7T6AOl/YNIwQY4Nyv8Dg1j2/WA=
last-modified: Wed, 02 Dec 2020 02:33:01 GMT
server: cloudflare
etag: W/"be8b2bc1f024eb0a68f616793b7f8507"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: NkqEyknZNpQQsnJ_0Ysu16usgj0oaHmU
cache-control: public, max-age=31536000
cf-request-id: 07a394616c00002c2664a12000000001
cf-ray: 61192348ad0d2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 8342.6aa0b45e.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 120 KB
34 KB 58ms
58ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8342.6aa0b45e.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 481325
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 774A3BAC62216CA5
x-amz-id-2: 1lgy8xHDqskYRzC4HqpJV59M2FHYLLmGwWXIbjyyTJZqtz5EldZM3d7oE7xsdHkZ21g+q48pXn4=
last-modified: Fri, 04 Dec 2020 01:36:09 GMT
server: cloudflare
etag: W/"5daacb41c4e6b401be87ada016250ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: qonxwwJqyV0gWQau_ewBCZXsv6ZIxVW0
cache-control: public, max-age=31536000
cf-request-id: 07a394616d00002c2699a29000000001
cf-ray: 61192348ad0f2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 1148.27bc51ff.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 56ms
55ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1148.27bc51ff.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ae9db72e4f1080ac11d81a9c3407e16ac5defddf532f9249aae4a3cc3d37e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770802
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E0B3B64E246034AC
x-amz-id-2: PxEUsJVJPRX2piXZdiL9YZfkSg7O7OYjOYJ9LY8HhjC2O/Snq56uv53Rm2ETthNoo54kNOInAoA=
last-modified: Tue, 05 Jan 2021 19:26:19 GMT
server: cloudflare
etag: W/"e661b01d06180da99622c64ed78960d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: S8GrYSZL8mWiwvXrJz5eaHK3.14RXA9t
cache-control: public, max-age=31536000
cf-request-id: 07a394617200002c26b5041000000001
cf-ray: 61192348ad212c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 5064.fedfa9f1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 116 KB
33 KB 46ms
43ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5064.fedfa9f1.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b10f3dec70f4e719e85b24b37ea65b269ee5d1f0b2e1207b60314209407f0e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84109
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 5035A0EE9DF771AB
x-amz-id-2: 8o6Ay5dI7up982MTPpRgzchRrHZPhfbKrHtR/MPYTiLxJ51P+L5QvUpAxc70lbqnfeOtd1bu54c=
last-modified: Wed, 13 Jan 2021 18:10:38 GMT
server: cloudflare
etag: W/"00857bc5e35920ab3e333f260c0fbda3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _ikam70jBTBoIM6aFEaU47MW4.7lcixL
cache-control: public, max-age=31536000
cf-request-id: 07a394617c00002c267836b000000001
cf-ray: 61192348cd572c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 9274.431d8f19.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 35ms
34ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9274.431d8f19.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f16c5a5cf88c225a7b495f6a1645b3480396b7f23f1e03fa59668f82b2cd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770802
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C4BCE3D63F88BE10
x-amz-id-2: EG++6NU8BOsi0PONWd81x62qh/y/5ffRcbBvj1Ujs9mIz+YUdYXCgOnteBQ/OxXnfTlM0UXV96o=
last-modified: Tue, 05 Jan 2021 19:26:21 GMT
server: cloudflare
etag: W/"ee7758236a580944e06907e5534ffe8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ikKFGLYE5iMSJuID5QGtRASzxh8Hl6AC
cache-control: public, max-age=31536000
cf-request-id: 07a394618000002c26a1a13000000001
cf-ray: 61192348cd612c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 2846.2eab6f86.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 47ms
47ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2846.2eab6f86.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a58704c37f8960f7e93e21a79d3e02877de4efe16c0bd1f182d40866a9c712f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770802
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F7D349CE73A284E5
x-amz-id-2: /VKB3NViPN7Mjhig9B0K1TQB7hWgiCawxOTpAU9yc5GyK277vcCZ2Qg5OmWpRTOrASi2W4RKvW4=
last-modified: Tue, 05 Jan 2021 19:26:19 GMT
server: cloudflare
etag: W/"a8e5f5595ecc988810a5bfdf10b5ee08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: epsyUNUujh311SOVcNpH7LA7HZHEB_eE
cache-control: public, max-age=31536000
cf-request-id: 07a394619800002c26b89f6000000001
cf-ray: 61192348cd6a2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 7012.5f022c24.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 55 KB
15 KB 45ms
45ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7012.5f022c24.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97424dd27ef89748ae1cd058fe7094a6d0548d9a9aaf23814bdb7cdb703f2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595927
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AA0D05CCC052DC38
x-amz-id-2: U+0rphEVl28HQO1rsm6I8z3rS1+wjOH3mLfng453pLGjpru4P+kJu/JlN7TxII5/jq1yCCkREVI=
last-modified: Thu, 07 Jan 2021 19:58:28 GMT
server: cloudflare
etag: W/"5587a860cd7cde5d2ef8ed3d5eb043fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 0bsRqp6HYuf1PkhyBpoAP8_JbfgoMysx
cache-control: public, max-age=31536000
cf-request-id: 07a394619a00002c26778b8000000001
cf-ray: 61192348fdef2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 7993.d921811a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
8 KB 28ms
27ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7993.d921811a.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a617a7ca2de1f06c979f2e6503c8f4a751b1cfc821c5c632ea287b7043abfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671120
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: CD2B75292305A3B3
x-amz-id-2: CmdiaUx+tyymon0JE2pUGM+q7/AveJs+t+lijo3VbqZd9AZiw/HLmITyC5SyEYjOQ0loLPBAjQk=
last-modified: Tue, 05 Jan 2021 19:26:21 GMT
server: cloudflare
etag: W/"9c33e7411072601287a5293f03a22bdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 0y5sDyQ_8H5BXnkMo99VzxDI0c7wnFly
cache-control: public, max-age=31536000
cf-request-id: 07a39461a300002c26b208f000000001
cf-ray: 611923490e162c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 6839.76c7a097.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 31ms
28ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6839.76c7a097.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdb8433799a5600cb40b8120f9648a09e83199b6a79eaaae0d3b399fbefa44a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770802
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 87F1463282A15598
x-amz-id-2: 9QdPC7fB8v6ezE+6C2x7QFFhek50vKvWJ64phHqXUMgvIdihjDmCmBLdBrkLtikX5ewlk/XeqqA=
last-modified: Tue, 05 Jan 2021 19:26:20 GMT
server: cloudflare
etag: W/"8c23099177f23181c3793e0d049f7c1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: EEj5tBpLODFsQhZl2YQ4jzk6ggeQvSPp
cache-control: public, max-age=31536000
cf-request-id: 07a39461ab00002c26c98d3000000001
cf-ray: 611923491e4a2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 5127.25f1bb68.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 32ms
31ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5127.25f1bb68.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3eb34a7a7bd37aa05c4fb8e2f5d061e1440886170039808b7d0d495edd27f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 159097
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: E712E4DCFD92F895
x-amz-id-2: 8we0fDcPbK/BWNM8wSWug32VEXc9k/EPvqIPpIHAy2E1aaZfBot0FfllJYMCJaVWB2n3f8zvJ1I=
last-modified: Tue, 12 Jan 2021 21:25:06 GMT
server: cloudflare
etag: W/"d6fe66eb94fb8b7077b7a59010f6cec7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: _XuqfAZsP7iA96dl68MiP1sAMVp9jeVu
cache-control: public, max-age=31536000
cf-request-id: 07a39461ad00002c26a99d4000000001
cf-ray: 611923491e542c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 5967.577a90dd.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 29 KB
10 KB 32ms
32ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5967.577a90dd.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5a0971765ccaf2128cb41840f669bcbb61632eddb41c59a1c71afa0dbbae1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 158799
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4XAH8R4QBREY9G0Y
x-amz-id-2: 82PG2xaJREpJaIVzmm49NjqRao/0yaqNOqNEA+Bc0CXfGZNNSZlL1PfmrADsEFZIM93TbuLuMhs=
last-modified: Tue, 12 Jan 2021 21:25:06 GMT
server: cloudflare
etag: W/"04427ef7a2e0bd6144bd62aa510a104d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 52NK5Yozbo.JEbngw2NdxlMo4H.bRaka
cache-control: public, max-age=31536000
cf-request-id: 07a39461ad00002c26cd913000000001
cf-ray: 611923491e582c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 8751.0b0595e4.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 75ms
74ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8751.0b0595e4.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97d2a047b01321f69dda95f33968ab16bf913a73ca34ebda4069d1fb2844a520

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770802
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: DC33F31D9F0929E4
x-amz-id-2: UvzJsiVZZWVSTLdWPksi8eNxVh1doHbOsJs7eYjDzCFvhrH1dGeFL8kdd4tyq2oitvjng4Wsd4M=
last-modified: Tue, 05 Jan 2021 19:26:21 GMT
server: cloudflare
etag: W/"b37e1ee5c82feb95bfb8a97a7f1aa14c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: KGZBTDoEBQ0F_AWPJ6c99KvSPwab3mnf
cache-control: public, max-age=31536000
cf-request-id: 07a39461af00002c266c23b000000001
cf-ray: 611923491e632c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 6010.4461a77a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
8 KB 26ms
26ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6010.4461a77a.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ac0b9586f3643987e1328d4c39e3edda5f41353877822404a021540c5dd80e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63036
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: B49B713E3AC78321
x-amz-id-2: H9FKbShEolMYqCHYa5WFQFhzC24TKQwb995FmUTLZG+UfqoCF36ti7SnMt1wj0ngamboL3GdlVg=
last-modified: Thu, 14 Jan 2021 00:01:17 GMT
server: cloudflare
etag: W/"fce9a8f9dade57e07c09f12381849d0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Aaha6SI5IWJoMUyvARU5JC1cgtF5hdSU
cache-control: public, max-age=31536000
cf-request-id: 07a39461b100002c26a1a16000000001
cf-ray: 611923491e712c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 7131.65798e19.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
6 KB 29ms
29ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7131.65798e19.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbdcb77942e20d9fc7aa034d0fc81554522b87b55f4309c76d1c01a377b87746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671120
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 901BD5AB532B59C0
x-amz-id-2: qHo+q39lrABkAlzysRBaZb6U8f/kQ07a762k6cnqwLkcAMo5VI4ST75GqlsIueywAa1Ygmc0L6M=
last-modified: Tue, 05 Jan 2021 19:26:21 GMT
server: cloudflare
etag: W/"f32f72c1081f646ebeec736a38504a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ogdDZR5SZlrupHaui0ZZWlmDAkyK2VY1
cache-control: public, max-age=31536000
cf-request-id: 07a39461c400002c269a14b000000001
cf-ray: 611923493ec12c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 9809.2014403c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
6 KB 30ms
30ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9809.2014403c.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e4a43ce3ea047cb1774e2b80eb2bc0baad62043a18a5cc889b941b288fdc684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202958
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 4E71772A9256149F
x-amz-id-2: rYSAqVR7Xa31vf043SpUK4ECZGalvp3nkokt59k4b/6HDOCgiPZjHXkmHr4y4siATmkYqpIWMcc=
last-modified: Tue, 12 Jan 2021 09:09:53 GMT
server: cloudflare
etag: W/"8403d5c5f1a29a2dcd1c9a9942e0fdb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: PXZkTn6yRPFIIxR3P0MB0LzZxs9bz5MT
cache-control: public, max-age=31536000
cf-request-id: 07a39461c900002c26778c0000000001
cf-ray: 611923493ed72c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 9978.10a970d1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 45ms
44ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9978.10a970d1.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0beb7954e8ea024028ede985c5adb28864000baddf786fa43cbf5a1e0f8fb415

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 158798
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BRDPFH5Z6V3NDR4W
x-amz-id-2: mrsvgo5TwZroSRctXshIt18Prfk8HGmxrYZMhemkLaAzPK5xs3ig+OMopd/p3B9Nx8A8xabsdzk=
last-modified: Tue, 12 Jan 2021 21:25:07 GMT
server: cloudflare
etag: W/"e810d661407d3e55c6387b6b9492f18c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: wVkFLWc4.wnBrDN__JRjedXdxmckBhCs
cache-control: public, max-age=31536000
cf-request-id: 07a39461cd00002c26af1b5000000001
cf-ray: 611923494eed2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 7106.32df7fe7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 27ms
27ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7106.32df7fe7.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e4d3d8b145ea47dc884dd6aba8c572cd95ff832f57fb70cb7939da8d8eb73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770801
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 6501E0CD9B29B29B
x-amz-id-2: 59ABqVU7ac5lzCXAZw/wiOVX4yurPdrPyxJJ1kLywhR0JrakSp/AAfDhsKSPn1k11yBYilFl0ak=
last-modified: Tue, 05 Jan 2021 19:26:21 GMT
server: cloudflare
etag: W/"1ff9695c9a78d1dbcc699dce62a09910"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: k7ghE7MJnSloDt7arvOh3rKqOqlGKuPr
cache-control: public, max-age=31536000
cf-request-id: 07a39461cf00002c265eb5b000000001
cf-ray: 611923494ef12c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 3277.e57d6ad0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 30ms
30ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3277.e57d6ad0.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80c4741f2b7df1c1f597f93c58afc36b16ca20d89b7a43ee0bd1c91b484e72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202957
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 72F8DF5B6CB2D8AD
x-amz-id-2: e126TQesdpLkSyzQH/VWQa769pS23qr1ioEm6bpp5K+aMsOQqkYKIcWyEQ1LO798CBwm5YRsWRc=
last-modified: Tue, 12 Jan 2021 09:09:52 GMT
server: cloudflare
etag: W/"0082f820cbff8d2e662c2195a04c146e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: BFcL13bdgEt592xH3tH7ueiCQuMw_H..
cache-control: public, max-age=31536000
cf-request-id: 07a39461ce00002c26b2094000000001
cf-ray: 611923494ef32c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 3721.63bce59f.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 70 KB
20 KB 43ms
40ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3721.63bce59f.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ca20d2091ca25899eaec96fae31faef0ee05138657e5c5ad037d702b11be3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63036
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: C14A2145CC86974F
x-amz-id-2: 19mwZhLCH3ZVWyVS2Woawxn1l2KUFJQBkvIcU6fyw2wb614sS6aKEN0rjZlHonekAXS+TvZaWJc=
last-modified: Thu, 14 Jan 2021 00:01:16 GMT
server: cloudflare
etag: W/"549f046626b0f38bd947f0c765a7562b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ECJ5r3fa7F_POnUG20kcdEEEl0VZU_tS
cache-control: public, max-age=31536000
cf-request-id: 07a39461e400002c2661993000000001
cf-ray: 611923496f522c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 2514.34c0377a.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
7 KB 17ms
14ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2514.34c0377a.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

534d05fa17f099576f65a71988307744bea83ac1da27f36b1603722ff0df4d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 843294
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 8C4CA0B52D464B69
x-amz-id-2: zSiBrehiPco2BzaxBlDteLHjOsn/RRCpgRsEbJ8PqXQ6Jmdv6FsL5eCaK4k9Pwc8Zbxnl2j4SSc=
last-modified: Mon, 04 Jan 2021 23:22:17 GMT
server: cloudflare
etag: W/"4be7fa7228cbe69df7e1884964e43841"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: VWw4GPqhinWQrrvO2_th65qiw0EBeDRg
cache-control: public, max-age=31536000
cf-request-id: 07a39461ea00002c26c5114000000001
cf-ray: 611923497f7e2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 2602.6f7e7156.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 14 KB
5 KB 24ms
22ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2602.6f7e7156.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c10215fdbaf5c4c5fe4a15d2f037649b80dc17e9f82b7f0cc0bf56bccf64ab06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 170440
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F1E8FE086A510A23
x-amz-id-2: E37qGlzGJilw7X229gu2rL3uWT4E+e58BivyZFml4QStaAUnGzbccqaAWGjWQASYttjTlmmz+MI=
last-modified: Tue, 12 Jan 2021 18:12:14 GMT
server: cloudflare
etag: W/"4176a6a9e564eed750132d571ab4c0ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: jNWqmJWISRp9mFiuacsJGYHhXax.CRGC
cache-control: public, max-age=31536000
cf-request-id: 07a39461ea00002c26593c0000000001
cf-ray: 611923497f7f2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 1304.124bf019.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 10 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1304.124bf019.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e5403ab477bc5590ff20ac9f835fa03e6ff04837c4677ca4742a586a80f719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 159097
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D82245A4DC8F18F1
x-amz-id-2: dzhjdTA8hmSkHpf/N8od3JnZeOLlUtCjKxpgpOu2VtqcZtW5NOvkaGQrpoqdmC7Tw0nngibIux4=
last-modified: Tue, 12 Jan 2021 21:25:05 GMT
server: cloudflare
etag: W/"9dcc5a4405aac49084ca7eb914f3f508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gnkCW5P4kmR7Hc4qNBb8DEXqyBAiA2S_
cache-control: public, max-age=31536000
cf-request-id: 07a39461eb00002c269c031000000001
cf-ray: 611923497f852c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 6098.d8904caa.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6098.d8904caa.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b9073846763cad29185c3b4c6e80dd9de3bc29bd52c81effc6ae7524285638

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59643
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: F79A80001FE1F169
x-amz-id-2: HB4pG/mbNkrM5i9vnRkQ9hEI2SfVNuyyHYtGcOWmbFMPmHpE9u22T6/9C/Kt8qHH1+eGQ33Qf54=
last-modified: Thu, 14 Jan 2021 00:57:58 GMT
server: cloudflare
etag: W/"27d7cbde3a94a89fa9b22a93e81afb45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 8kHB1iv6j5408n4rn4IboX35xEF0XbFg
cache-control: public, max-age=31536000
cf-request-id: 07a39461fe00002c267837a000000001
cf-ray: 611923499fd42c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 592.a8379838.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 132 KB
35 KB 23ms
22ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/592.a8379838.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f31972a7b8d89050b3ccd58bbdbb275e2a998a8c4d2c4f17c35838d0da52939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86477
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: BE2CC58501C17D32
x-amz-id-2: i/FNZbDDmh1Q93iIFsrOXnv0m0QH7igpprG7k5KEq0x1B7ktxhpDuKWJuRboEp8aq3npkSO6ktY=
last-modified: Wed, 13 Jan 2021 17:31:21 GMT
server: cloudflare
etag: W/"b74d3557f5ff41759bb8f05f18000271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ZwMBQvLNHjVrY8ROeRjj3kvqN9.FVW6s
cache-control: public, max-age=31536000
cf-request-id: 07a39461fe00002c26593c2000000001
cf-ray: 611923499fd72c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 9889.45a0cfae.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
7 KB 24ms
24ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9889.45a0cfae.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c00badff335c92187112b972082b59c6af6755113752778b55d8000307b3c03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86745
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: AD8B7D41242C10DC
x-amz-id-2: z+KPF0v1su/xbATQQ+TNJFtdsa/sqVrYg8Bj3ioT31/xX5TsxpMX+XL5AN6XhySYR2T495K4kq8=
last-modified: Wed, 13 Jan 2021 17:26:16 GMT
server: cloudflare
etag: W/"f9d2ffe3e1176aa2ece1b1e6001da7d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vddTEuIrbGHQBDY4eHnZDKUcV7ttsntf
cache-control: public, max-age=31536000
cf-request-id: 07a39461fe00002c26b209c000000001
cf-ray: 611923499fd92c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 3981.14502e6d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 11 KB
4 KB 24ms
22ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3981.14502e6d.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

224cefb1b2cc86f6a5141dcf91be877037e406d1948e7ee5db66e76a91e7fb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 163228
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 2A9EA775889EE434
x-amz-id-2: D9wtBjLPvt5xydTeFa4aIDk7zvXgLF8Sp6w+1FisLucYplgzdraHWxrr1bwWfB4vl8X8PQX6W5E=
last-modified: Tue, 12 Jan 2021 20:12:07 GMT
server: cloudflare
etag: W/"908466203a4a9a8b131a3b24121834ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: KuKoNi3HArh6EqcWAdk9X6nHrTywuDqX
cache-control: public, max-age=31536000
cf-request-id: 07a394620400002c26cd37e000000001
cf-ray: 61192349afec2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

GET
H2 200 Post.8a4e777c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 25ms
23ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/Post.8a4e777c.chunk.js

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7668fcb1ba7203a2c0588a7db8edd499f34e9cefdb00ef10a7f76572fdeefb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 770801
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D3B758E880259E81
x-amz-id-2: od9S0scG0PNgO9BHXKTL+iu1PlyICsQHMwshgsnd9H+VcYB5ez8i5UTAs2aLlH9iQ9Msjs3Eq7c=
last-modified: Tue, 05 Jan 2021 19:26:32 GMT
server: cloudflare
etag: W/"77120b34e0f269026f8880e755f0d507"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 95ZJ_Vcjh7krUCPlOjY_x8SWFY6hsBTK
cache-control: public, max-age=31536000
cf-request-id: 07a394620400002c265ab9b000000001
cf-ray: 61192349afed2c26-FRA
expires: Fri, 14 Jan 2022 17:39:41 GMT

POST
H2 200 graphql Show response
engineering.salesforce.com/_/ 94 B
384 B 229ms
229ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/4739.78fb2a04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a66f44496c5af129803ef06cfad4823a1da4d5299b32501a897aac6a06de9baf

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 3e247d462ae3d95c
Medium-Frontend-Path: /easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
Graphql-Operation: InteractivePostBodyQuery
content-type: application/json
accept: */*
Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
Medium-Frontend-App: lite/main-20210114-054250-0730e012e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20210114-054250-0730e012e2
ot-tracer-spanid: 172eef585132d275

Response headers

date: Thu, 14 Jan 2021 17:39:42 GMT
sepia-upstream: medium
server: nginx
etag: W/"5e-fOpxaKNz5KFH3dHvDlRqoe5sjAc"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, rito/main-20210114-154607-5ccd2c2a30, tutu/medium-43414
x-envoy-upstream-service-time: 118
content-length: 94
x-request-received-at: 1610645982355

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/ 48 KB
19 KB 87ms
26ms Script
application/x-javascript 65.9.71.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.160 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 13 Jan 2021 17:42:32 GMT
Content-Encoding: gzip
Age: 86192
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 02 Apr 2020 00:28:20 GMT
Server: nginx
ETag: W/"5e8531a4-c079"
Content-Type: application/x-javascript
Via: 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: LfrrotFJPsNrqGBggCzzBnQF_RVqfzJdWPYfxV9JMigEUQw9v1S3aQ==
Expires: Thu, 14 Jan 2021 17:42:32 GMT

POST
H2 200 /
engineering.salesforce.com/_/clientele/reports/performance/ 0
0 113ms
113ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:42 GMT
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, clientele/main-20210113-172837-b825ba5bcc
x-envoy-upstream-service-time: 7
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 78 KB
24 KB 82ms
26ms Script
text/javascript 143.204.215.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a?gi=68cc9787975e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: c7Vvzbb8uKgHcC4eD_pqp123QB.GvKI.
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 19 Nov 2020 17:43:28 GMT
Server: AmazonS3
Age: 174
ETag: "d4ba055ba82c0baa510053e92eb83211"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Thu, 14 Jan 2021 17:36:55 GMT
X-Amz-Cf-Pop: FRA53-C1
Content-Length: 23541
X-Amz-Cf-Id: U8lPshKVkm2e-yffcq7XWr8aCaREmZ-gCGyNXz8ZnibE5o51konX8g==

POST
H2 200 /
engineering.salesforce.com/_/clientele/reports/performance/ 0
0 114ms
114ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:43 GMT
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, clientele/main-20210113-172837-b825ba5bcc
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
engineering.salesforce.com/_/clientele/reports/performance/ 0
0 113ms
113ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:43 GMT
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, clientele/main-20210113-172837-b825ba5bcc
x-envoy-upstream-service-time: 5
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

GET
H2 200 0*Mua4JH888Pr2AnEY
miro.medium.com/max/881/ 20 KB
20 KB 170ms
169ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/881/0*Mua4JH888Pr2AnEY

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff3287c77bedc048628e466adec64104ce5a7160cc8c4adca6765ff399644ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 36
content-length: 20046
cf-request-id: 07a394678b00002c26db992000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 6119235278722c26-FRA
expires: Sat, 13 Feb 2021 17:39:43 UTC

GET
H2 200 a16180790160.html
a16180790160.cdn.optimizely.com/client_storage/ Frame 32B6 0
0 87ms
23ms Document
text/html 184.30.223.23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://a16180790160.cdn.optimizely.com/client_storage/a16180790160.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.30.223.23 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-30-223-23.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a16180790160.cdn.optimizely.com
:scheme: https
:path: /client_storage/a16180790160.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a

Response headers

x-amz-id-2: RwT1BTYt0vOhl2DOdgV9rcgoT90R3lLbPXntVbDRzViSTh+hXXkf+/NnaKxoPunw/pQzh2GmR+I=
x-amz-request-id: F2400EFA5B9F3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Jan 2021 17:02:07 GMT
etag: "96951076050b7ecaec6be5ad4679a28b"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: XlWfgG.84zrO85S0wFaI15W3AImeQxS7
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 781
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 14 Jan 2021 17:39:43 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="9";dur=0,cdnip;desc="184.30.223.23";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK /
srv-2021-01-14-17.pixel.parsely.com/plogger/ 43 B
229 B 418ms
102ms Image
image/gif 3.208.40.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2021-01-14-17.pixel.parsely.com/plogger/?rand=1610645983775&plid=60537941&idsite=medium.com&url=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fengineering.salesforce.com%2Feasily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a&sref=&sts=1610645983768&slts=0&title=Easily+Identify+Malicious+Servers+on+the+Internet+with+JARM+%7C+by+John+Althouse+%7C+Nov%2C+2020+%7C+Salesforce+Engineering&date=Thu+Jan+14+2021+18%3A39%3A43+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&js=1&pvid=89643164&u=pid%3D7aa7d78279b73503efd70140e6466152
Requested by: Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.40.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-40-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 17:39:44 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
738 B 194ms
178ms Script
text/javascript 2600:9000:2057:2600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.57.1&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty / Express

Resource Hash

d770dffc79010ca8edcdaa13478edf04abbc0b12263cae280358fd7d8bfa28d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 17:39:43 GMT
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty
X-Amz-Cf-Pop: FRA6-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-Brp7lalN7FQoiMi39TiaiYcfxKo"
X-Amz-Cf-Id: KEM1HEQSnhLk4Umyzy17j7x7givpRsUSca5LnUIW-Ct3fjmwavEN9Q==

GET
H2 200 0*Mua4JH888Pr2AnEY
miro.medium.com/max/700/ 53 KB
54 KB 144ms
144ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/max/700/0*Mua4JH888Pr2AnEY

Requested by

Host: engineering.salesforce.com
URL: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c0d8e03c0f9c3b63b3fc349cd261f48be392545b704df2b3c5ba860b6912310

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 24
content-length: 54662
cf-request-id: 07a3946a2d00002c2664af4000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 61192356ac602c26-FRA
expires: Sat, 13 Feb 2021 17:39:43 UTC

POST
H2 200 open Show response
api2.branch.io/v1/ 312 B
627 B 209ms
182ms XHR
application/json 2600:9000:214f:c800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7b296335857ee4b620aae30898ba8e34d73d8c3c24da17918b4cb7c6cc136d8

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 4c73416d888641bb9129aad5192ef029-2021011417
content-length: 312
x-amz-cf-id: kijBGPYpAAWGA-VESHdAExbMYMjbDrDjzBkHc0gyh4qi4Htr4W4_WQ==

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
371 B 420ms
106ms XHR
text/plain 18.206.80.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16180790160.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.206.80.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-80-215.compute-1.amazonaws.com
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 17:39:44 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://engineering.salesforce.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 84b35359-e3c1-4372-9cdc-6ff7eb3c8440

POST
H2 200 profile Show response
api2.branch.io/v1/ 180 B
563 B 196ms
196ms XHR
application/json 2600:9000:214f:c800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/profile

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:c800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

7903987e72f4a9bddecf088bdb1417211f2482b7f2666c543e3278a763078fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"b4-RmA6AUIqgwRHmhcKTx4vVo41lxc"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: e9fa175ed8594ed5bdca4ee8c33053ee-2021011417
content-length: 180
x-amz-cf-id: G8Ep1urfIzxP-UEi2NYyHYsbUvDDtBAANT-iIKirnl4_cRAVvJmvQg==

POST
H2 200 /
engineering.salesforce.com/_/clientele/reports/performance/ 0
0 114ms
114ms Fetch
application/octet-stream 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/clientele/reports/performance/
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, clientele/main-20210113-172837-b825ba5bcc
x-envoy-upstream-service-time: 6
sepia-upstream: medium
server: nginx
content-length: 0
content-type: application/octet-stream

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
391 B 112ms
111ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd5427cf25855d0c46f4720dbfcca19b0771ec42c56bb15aa67ad3349e795fa

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dzy9wB7k7uIWSM7zKsR84rfH%2FAbnXzl94xsyhstLDgA0cUbxo%2BfzDwwzEJlMaxYL5ZK9cDhP%2BmU8aa16TkJ6ToxwFgubzyVlihvYhhD6pNtcDpaO6EBR%2Fair6QtWbX2fyuSHwwo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 6119235acd7f062d-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 07a3946cbe0000062de5257000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 131ms
112ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://engineering.salesforce.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
cf-cache-status: DYNAMIC
cf-request-id: 07a3946c4b0000062dc50e1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DeldGkkryVe2vQ2uUzYB78ccS%2FIcwm3Hd3IcJGMMR2qsSOk8aXamYAvh5VvZPTe%2FOf5xGjROKn6AsCXU82fAtYVednVZycs3JAAr4dIk4z%2FQvWHfMKPM5WzxYWkrasgImYbbbLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6119235a1b78062d-FRA

OPTIONS
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed
browser-http-intake.logs.datadoghq.com/v1/input/ Frame 0
0 278ms
88ms Other 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Protocol: H2
Server: 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://engineering.salesforce.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: x-logmatic-add-useragent,x-logmatic-add-ip,content-type
access-control-max-age: 0

POST
H2 200 pub853ea8d17ad6821d9f8f11861d23dfed Show response
browser-http-intake.logs.datadoghq.com/v1/input/ 2 B
93 B 143ms
142ms Fetch
application/json 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-http-intake.logs.datadoghq.com/v1/input/pub853ea8d17ad6821d9f8f11861d23dfed
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 17:39:44 GMT
content-length: 2
content-type: application/json

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
389 B 197ms
196ms XHR
application/json 2600:9000:214f:c800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 67006e8e175440c093eb8953ca448cba-2021011417
content-length: 28
x-amz-cf-id: BBJG4iaLnY-KXUNvMEFYNXH8QikAJiRlTG-9Ue80HyZ4qFB6NvRirQ==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
388 B 192ms
191ms XHR
application/json 2600:9000:214f:c800:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 8fe3e02aee994ec8a73f04f3a3d335cf-2021011417
content-length: 28
x-amz-cf-id: IzVO88qNmbuvGt4zeC9yxnYm1uowbj1EXgle6w3Vw_OsCWg3BEqbXQ==

GET
H2 200 responses.editor.1488c922.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 12 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/responses.editor.1488c922.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.438cab86.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f05e6da5b427eb84cedaf32f7a47e5f0be658d908cebf7a9cc091017634690b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671113
content-type: application/javascript
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FB95D930073F13B8
x-amz-id-2: dopbmLZa1gcv8A+ZVKaPBXgv0O29ayPlUggVGpa8ptWXtJqVHOk8yUzrztq8PYnERqQ0qHJcJrA=
last-modified: Tue, 05 Jan 2021 20:03:24 GMT
server: cloudflare
etag: W/"4d61f68129c580ecd3835a4130c7bf51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5pm0cAE.liWtJn_eepDjMYeJDMIhL0TS
cache-control: public, max-age=31536000
cf-request-id: 07a3946dc300002c266c38b000000001
cf-ray: 6119235c6c172c26-FRA
expires: Fri, 14 Jan 2022 17:39:44 GMT

POST
H2 200 graphql Show response
engineering.salesforce.com/_/ 13 KB
3 KB 293ms
293ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/graphql
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/4739.78fb2a04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3d4eeab3dc5ba3b537dafe9b39a13169aa45e63faa6bb38ae87bb2c10eb84eeb

Request headers

apollographql-client-name: lite
Medium-Frontend-Route: post
ot-tracer-sampled: true
ot-tracer-traceid: 3e247d462ae3d95c
Medium-Frontend-Path: /easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
Graphql-Operation: PagedThreadedPostResponsesQuery
content-type: application/json
accept: */*
Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
Medium-Frontend-App: lite/main-20210114-054250-0730e012e2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
apollographql-client-version: main-20210114-054250-0730e012e2
ot-tracer-spanid: 172eef585132d275

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
content-encoding: gzip
sepia-upstream: medium
server: nginx
etag: W/"3309-TtNOgY+A5Bfqh5w3pHW2nRfi8cs"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2, rito/main-20210114-154607-5ccd2c2a30, tutu/medium-43414
x-envoy-upstream-service-time: 182
x-request-received-at: 1610645984885

GET
H2 200 unbound.css
glyph.medium.com/css/ 10 KB
1 KB 33ms
25ms Stylesheet
text/css 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/4739.78fb2a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2678
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e4900002c2657873000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6119235d4e902c26-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Thu, 14 Jan 2021 21:39:44 GMT

GET
H2 200 fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 14 KB
15 KB 38ms
22ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1282942
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e7c00002c22f42ad000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9bd22c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 36ms
23ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1282942
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e7d00002c22d5bd0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9bd72c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

GET
H2 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 18 KB
18 KB 67ms
55ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1282942
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e7c00002c22cb0b4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9bd62c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

GET
H2 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 43ms
33ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66303
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e7c00002c22ac86c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9bd52c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

GET
H2 200 charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 40ms
32ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/be78681/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 435331
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e7c00002c22bb3d2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9bd42c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

GET
H2 200 charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
10 KB 38ms
35ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1181904
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e7d00002c22d2141000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9bd82c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

GET
H2 200 charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 10 KB
11 KB 28ms
28ms Font
application/font-woff 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://engineering.salesforce.com
Referer: https://glyph.medium.com/css/unbound.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33434
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-request-id: 07a3946e8000002c22a8804000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6119235d9be72c22-FRA
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires: Fri, 14 Jan 2022 17:39:44 GMT

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
486 B 119ms
119ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aed6662753bfab1741b4a022b02429f72e476ab32d15017085c1aa7a367af4d0

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xhyuzxGbcE2vdDCHDokYwkkcI71MZfckyUQE%2BbRgL8KWnxkoqebq2Sj%2BkBYvC%2FJ23XFRngis%2Bzhoy4yQeNoBBXHIPKP25AmtlULUJT7YGcDNvEoLL02n77xpWOgRuEqjBH8VVH4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 6119235e5a6a062d-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 07a3946eff0000062dc880c000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 107ms
107ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://engineering.salesforce.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 07a3946e8c0000062ddf36a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=84p0AOvX5Ce6IXxPmlOMuiGYfZbdrTJkGw1Tnpp%2FXMe502qh8p81khyi4tKcBZsYUGUIbXkPD2J8Yq7Eg%2FHiSRYaZTLpy%2F3tgCqGvT12IPAU%2FjTMc9HSB18dHv3VYBgFSecTkLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6119235daf84062d-FRA

GET
H2 200 1*weIfgnNE4z6y1XmFzacJJA.jpeg
miro.medium.com/fit/c/32/32/ 1 KB
2 KB 21ms
21ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/1*weIfgnNE4z6y1XmFzacJJA.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57caccf53aee7fb9e0d05c08ec818f9e699d82e0df7f50cad4c2ea29b40a77d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 407268
x-envoy-upstream-service-time: 75
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1246
cf-request-id: 07a3946faf00002c26bc1ec000000001
pragma: public
sepia-upstream: medium
cf-bgj: h2pri
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 6119235f7d9b2c26-FRA
expires: Sat, 13 Feb 2021 17:39:45 GMT

GET
H2 200 0*INSS7eXocfAfCnqF.
miro.medium.com/fit/c/32/32/ 2 KB
3 KB 137ms
137ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/0*INSS7eXocfAfCnqF.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c057b8358e2b013bdc5189c90e916c38da79d463e0290b9419ea75da83f55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 23
content-length: 2478
cf-request-id: 07a3946fb000002c26af31a000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 6119235f8da12c26-FRA
expires: Sat, 13 Feb 2021 17:39:45 UTC

GET
H2 200 1*zPTn0iuk4_kUApqoap4aiA.png
miro.medium.com/fit/c/32/32/ 1 KB
1 KB 131ms
131ms Image
image/png 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/1*zPTn0iuk4_kUApqoap4aiA.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5be07cb52a3c1f0db42851adce776107adb087139bb089506d5d7621b5c4934

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-envoy-upstream-service-time: 85
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1085
cf-request-id: 07a3946fb100002c267a8fd000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 6119235f8da72c26-FRA
expires: Sat, 13 Feb 2021 17:39:45 GMT

GET
H2 200 0*qmEsVhfoW1v4nImq
miro.medium.com/fit/c/32/32/ 822 B
918 B 149ms
148ms Image
image/jpeg 2606:4700::6812:1cd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/fit/c/32/32/0*qmEsVhfoW1v4nImq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a21b16a335f0f10a6042f894ce1f27910bdf1a0987d0919dc87ee8df02788bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 16
content-length: 822
cf-request-id: 07a3946fb600002c266522c000000001
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20201209-194421-2f3bd69bbf
accept-ranges: bytes
cf-ray: 6119235f8daf2c26-FRA
expires: Sat, 13 Feb 2021 17:39:45 UTC

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
373 B 108ms
108ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadaab716c8869e3aee273651112ba082fedf34a0452c9757c8c8d1f0c4210fd

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MNSP1EtfZFg%2FwbSyT%2F4d3LLCwHLBOS7KrPkUyfj4SuNDgIQmy%2BG39hRVArxHADnpOEbKEWhpWtD8mwZZjDcKxsyRcXtqf%2FeddUN%2Bz9c90qacu8GRDNCRhcGXXwhziHMadfbgGcI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 61192362988d062d-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 07a39471a10000062db0a72000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 106ms
105ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://engineering.salesforce.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 17:39:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 07a39471360000062d81949000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=heeVeOutfnNp89%2BjdyQQUPesB8cLTylAVSCXzZ6ioBvKLoWsoC2gnocxrtttA11%2FsG7ipjmafqDQbBhi4N760EwQmsQO25Hbyduv2Zz55dFx3v7or4thR8OdZKmeKmbq%2F3n%2Fyp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 61192361fdd3062d-FRA

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
612 B 119ms
119ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778d751abf27c7ea95fbaa005bdf1dd6b47bb59e39a1358a4cee2f0697de8b9c

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=edxa%2BhJmPoRWNJVxhAX1GYvzxSCrHRHG5g%2Bd5T0WnXFnK69g3CKDa5i418Eqjiept9i4DKxhSfsMvhxEo1tcrlJ1fmGZLwqLKWxVS5yBbttjPedrLaLJ%2B4tyX%2FR4pfkfOY4%2BCJM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 611923667d03062d-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 07a394740c0000062da10da000000001

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 106ms
105ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://engineering.salesforce.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 17:39:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
cf-request-id: 07a39473a30000062d85b96000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SCLvceXYXQJhcVhDkxyv%2BFoZzj0LeRwpbWRAdBzlp7X4Et8utb9smE4LiDia3tUrss3vi085xyu2tK8ahQYC2MgpuyXge0S3BX8d92rXtF57bNN0OJpsdc0sKEDusgkI6UP7ivU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 61192365dae2062d-FRA

POST
H2 200 batch Show response
engineering.salesforce.com/_/ 17 B
245 B 283ms
283ms Fetch
application/json 52.1.119.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engineering.salesforce.com/_/batch
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.1.119.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-119-170.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
x-xsrf-token: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:47 GMT
medium-fulfilled-by: valencia/main-20210114-054250-0730e012e2
x-envoy-upstream-service-time: 148
sepia-upstream: medium
server: nginx
content-length: 17
content-type: application/json

OPTIONS
H2 200 reports
lightstep.medium.systems/api/v0/ Frame 0
0 131ms
131ms Other 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Protocol: H2
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,lightstep-access-token
Origin: https://engineering.salesforce.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 17:39:49 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: LightStep-Access-Token, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
cf-cache-status: DYNAMIC
cf-request-id: 07a3947f3f0000062dd093f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=maT18tHAblklY6YMq735f6Qn6lW%2BsbrzAfJwZlu9Ed%2F%2FnGRCM5%2FAwUc2nSvFX4BQivmUnzdHMJwUYv3CCELV8CxQP05NYH80aVPiYMHN6KHMCFl0LgnLB%2B0OTSioYJor6VnFoqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 611923786ab6062d-FRA

POST
H2 200 reports Show response
lightstep.medium.systems/api/v0/ 96 B
390 B 258ms
257ms XHR
application/json 2606:4700:e2::ac40:8a24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lightstep.medium.systems/api/v0/reports
Requested by: Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/5573.159bf40f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f08c80c08724ac8208a86a211c4fc8bb27adcb02e3a4b70195245642277242ec

Request headers

Referer: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a
LightStep-Access-Token: ce5be895bef60919541332990ac9fef2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 17:39:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QR%2F%2BeTlWAVmrRRVUiszpFDXfT2%2B1SgT8niyRkuD4AK%2FVSpwqJ9KpiMcFg6ymqWz4E8NUpFEmb6%2FLSrVfHxayF8xZsvlxdQinzA0yVI2V1cpnEPrHmuJjAdaQXf53v0kKiU3MqRw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 611923793d15062d-FRA
access-control-allow-headers: LightStep-Access-Token, Content-Type
cf-request-id: 07a3947fc40000062de50c3000000001

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.salesforce.com/	1970-01-20 00:53:29	Name: _parsely_visitor Value: {%22id%22:%22pid=7aa7d78279b73503efd70140e6466152%22%2C%22session_count%22:1%2C%22last_session_ts%22:1610645983768}
.salesforce.com/	1970-01-19 15:24:07	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a%22%2C%22sref%22:%22%22%2C%22sts%22:1610645983768%2C%22slts%22:0}
engineering.salesforce.com/	1969-12-31 23:59:59	Name: Value: test

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js(Line 1) Message: ... .,ok000Oxc. 'oxo, .' ,kWMMMMMMMMXo;. ;KMWMX: lK, ,0MMMMMMMMMMMWNd'xMMMMMO;xWl lWMMMMMMMMMMMMM0lOMMMMMKoOMo cNMMMMMMMMMMMMMk:OMMMMM0lkWl .dNMMMMMMMMMMKx; lWMMMWd.dN: ;kXWMMMMWKd' .oXWXx. ;o. .;ccc:,. .,.
console-api	log	URL: https://cdn-client.medium.com/lite/static/js/main.a6c21203.js(Line 1) Message: We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	allow-from medium.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a16180790160.cdn.optimizely.com
api2.branch.io
app.link
browser-http-intake.logs.datadoghq.com
cdn-client.medium.com
cdn.branch.io
cdn.optimizely.com
d1z2jf7jlzjs58.cloudfront.net
engineering.salesforce.com
glyph.medium.com
lightstep.medium.systems
logx.optimizely.com
medium.com
miro.medium.com
srv-2021-01-14-17.pixel.parsely.com
www.google-analytics.com
143.204.215.33
18.206.80.215
184.30.223.23
2600:1f18:24e6:b901:a87e:afca:8dc0:9dc1
2600:9000:2057:2600:19:9934:6a80:93a1
2600:9000:214f:c800:11:f728:3040:93a1
2606:4700::6812:1cd4
2606:4700::6812:1dd4
2606:4700:e2::ac40:8a24
2a00:1450:4001:808::200e
2a00:1450:4001:816::200e
2a02:26f0:6c00:2a0::13b8
3.208.40.114
52.1.119.170
65.9.71.160
0357757d215a441af27d78652a98ec905b6a1853e9c56fd5964d1c95e32b7d76
03b509deaa0a59db74bc7d9630a073c16e0afa6c5b3d0fe0f73f016c31dc7c07
0a58704c37f8960f7e93e21a79d3e02877de4efe16c0bd1f182d40866a9c712f
0beb7954e8ea024028ede985c5adb28864000baddf786fa43cbf5a1e0f8fb415
0e4a43ce3ea047cb1774e2b80eb2bc0baad62043a18a5cc889b941b288fdc684
0e86fe8c1606e924a4e97954c26536fa5e607a8e80245236f29fc2dd94451107
1d88636b4f6cb3ffb38d63efaa4211718f17525235b4173f7e735a305b29a1ba
20e5403ab477bc5590ff20ac9f835fa03e6ff04837c4677ca4742a586a80f719
224cefb1b2cc86f6a5141dcf91be877037e406d1948e7ee5db66e76a91e7fb75
27dc4f27d67ecf878270e49f7ce84b8e54d9e5d3bd8708ac1a64ef414a7039a5
2cf065a4b2a11096a80d324c360020729ebcb29e3c5c2622a8f6aae687ac2884
3642d3805e9ba66fb550403766a10734052136d07789afe554763dc5658d41f0
387b4e6c558481b50671dfc3fc34b5eba703960fd2e5327776783ea4874358e3
38a2b82c53e5cef1fa53d57cd031d1138581845c396b3faba4770d13ae26eec1
3906a6f5289f1841d5f6c1664a8bf4ba19e272ea7743183baea77f61c6fbf64b
3a8645d9fd3372021901b8c4e43adaeedc8dcdb11821960bcbfdff46030aabeb
3d4eeab3dc5ba3b537dafe9b39a13169aa45e63faa6bb38ae87bb2c10eb84eeb
3f967640b084b03c8f25fc52173114d976c173fc273d31c128cf2c553e15b89c
3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44dbabd8ad9d452865f22041a9ab8dbd71fa6918c34378f71b989ed921a8201e
454acda42c088d128eb706669de5ca2f00d2494a3ecc521108cf0b4090a886a8
484a8fab25e8b8ff16dd09e2cf6e4b380bb74464ad1d21b73d9d5d5e52d4c206
4ac0b9586f3643987e1328d4c39e3edda5f41353877822404a021540c5dd80e9
4b50ca84b3ab702701a878a20f64a29dc1eccc4f5a308440814e01a9721395f9
4f31972a7b8d89050b3ccd58bbdbb275e2a998a8c4d2c4f17c35838d0da52939
521fc7ed31a9b3bf4aaf51ad52ca16362a8535c90d242fcbc425848dd6054019
534d05fa17f099576f65a71988307744bea83ac1da27f36b1603722ff0df4d16
57caccf53aee7fb9e0d05c08ec818f9e699d82e0df7f50cad4c2ea29b40a77d1
5b75ea6add95847bdd76fbfc7c22f5f07b1a8eb3dd7bf5a3d25e47cfd0419d08
5eaa22845dc493d6c01a0a51c9fdcf52895e99d0150413f5abd018d726c24f6e
5f4022f1b61a4bdac656711f12083b0aad56d61fa9bec60819a51cd2f3c450cb
62a617a7ca2de1f06c979f2e6503c8f4a751b1cfc821c5c632ea287b7043abfb
6af8730be3a3646069ac3338f5d7cd0dac0a5da59bfb57e3a527c41c7022daae
6e91b4a4ed9c6479812f7efdb90270e7d651a637078819aa2ebf36e4e8c20ecb
6ea7ba3f44868041b822fa00ad2fad8cd6aa9320242d35e0489442d501f0054c
6f6032fb4948e924c44a930b3f450b7b96e0a85bec49cbf743ee4d060333bb85
6ff3287c77bedc048628e466adec64104ce5a7160cc8c4adca6765ff399644ac
761fd463c8762233c23b6a014bf24c231a08006326bfd3a32ad62de5ea63d110
778d751abf27c7ea95fbaa005bdf1dd6b47bb59e39a1358a4cee2f0697de8b9c
7903987e72f4a9bddecf088bdb1417211f2482b7f2666c543e3278a763078fd9
7c0d8e03c0f9c3b63b3fc349cd261f48be392545b704df2b3c5ba860b6912310
7c641f892f22057d280574902211a972b66f21887b9605d6373420616c2998b3
8b0c060701a878582fead05b30ef2d4786ef2dd4f61d58b56f1edd52fe91781b
910b3b46085736858067eef2ffe4a754acc32d8b42515f06a1b70f9eabfa970c
95cc70038425fa5ac3e6a2e48186200f7ae34f585b5244fe86f66d879ec48231
97d2a047b01321f69dda95f33968ab16bf913a73ca34ebda4069d1fb2844a520
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a21b16a335f0f10a6042f894ce1f27910bdf1a0987d0919dc87ee8df02788bad
a2e644a1d50dbd459f1d1b004c92709506ea51a181f1933b78a245fae2342607
a311996acaacf247fa72d2290c7a896a160d3f01e92a6b3038e4b54a41b32c13
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a66f44496c5af129803ef06cfad4823a1da4d5299b32501a897aac6a06de9baf
a738dda6e96583650f66d31009a2909e8b44b8be0894dea3e365471cd1ec1138
a7618d2e62c31f249fe0b407123035441af2a2d8bb05cbf4dfe1790041ca20f7
a80c4741f2b7df1c1f597f93c58afc36b16ca20d89b7a43ee0bd1c91b484e72e
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
ad2241f69060f75c612f89a803a0d5a92f9373336a54b156aaecf9b38fc61691
aed6662753bfab1741b4a022b02429f72e476ab32d15017085c1aa7a367af4d0
b10f3dec70f4e719e85b24b37ea65b269ee5d1f0b2e1207b60314209407f0e65
b289d637fcf7c062cf1f6ef392de4ce2818d6a1a867d4e6e0bcb6d7086c59a57
b3eb34a7a7bd37aa05c4fb8e2f5d061e1440886170039808b7d0d495edd27f47
b5be07cb52a3c1f0db42851adce776107adb087139bb089506d5d7621b5c4934
b5e89b4d56b524ca2ee06cda6345e56dbf1f698edf7b69ecbd5ee7ac9a962d81
b8f16c5a5cf88c225a7b495f6a1645b3480396b7f23f1e03fa59668f82b2cd4f
baa1608956128abccbe669efecc9bb3f3942ac84b41f3401c5ce674447feca66
bcb9a8036b691e18acc1b2c9d263e42579eb0dbb2c91d3e3066f5b0b4fd1c56d
bdb8433799a5600cb40b8120f9648a09e83199b6a79eaaae0d3b399fbefa44a5
bdd5427cf25855d0c46f4720dbfcca19b0771ec42c56bb15aa67ad3349e795fa
bf82e37aae137150bfc80621a879de82cd75b3a3188289dd5dc8883b5903357b
c00badff335c92187112b972082b59c6af6755113752778b55d8000307b3c03d
c10215fdbaf5c4c5fe4a15d2f037649b80dc17e9f82b7f0cc0bf56bccf64ab06
c1e4d3d8b145ea47dc884dd6aba8c572cd95ff832f57fb70cb7939da8d8eb73f
c2ca20d2091ca25899eaec96fae31faef0ee05138657e5c5ad037d702b11be3f
c65c8b8f992d0ad7dbf4eb387f33722ae1adc80498376619290a02b9a9684f92
c7668fcb1ba7203a2c0588a7db8edd499f34e9cefdb00ef10a7f76572fdeefb1
c7bf0369f514b505df2a666e0e49e29c7bebc245c34fd843d120b2df0530b8b9
c91611bbeba53d744d5533e444174ec2cc59f1955bbd9480374073fd92842737
cadaab716c8869e3aee273651112ba082fedf34a0452c9757c8c8d1f0c4210fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02f7e4f8648fdc9e9e1123348fe176aa66b75029ea220fc066c64cf72bfacfb
d770dffc79010ca8edcdaa13478edf04abbc0b12263cae280358fd7d8bfa28d4
dbdcb77942e20d9fc7aa034d0fc81554522b87b55f4309c76d1c01a377b87746
dd7a65a0e7e009b73e12e84c3063e28f7fe62db3497295b435ba8e3ba56ed969
de734b8e6595ce48b70090b3d1b0cc145dd958ad7a6ae5f0e70b25a113a90968
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9073846763cad29185c3b4c6e80dd9de3bc29bd52c81effc6ae7524285638
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4ae9db72e4f1080ac11d81a9c3407e16ac5defddf532f9249aae4a3cc3d37e2
e7b296335857ee4b620aae30898ba8e34d73d8c3c24da17918b4cb7c6cc136d8
e94f5c9ab17624e0617356aa0ce9b87c16a4a62e48ff8ccaabe6963072b76ef8
e9c057b8358e2b013bdc5189c90e916c38da79d463e0290b9419ea75da83f55e
f05e6da5b427eb84cedaf32f7a47e5f0be658d908cebf7a9cc091017634690b9
f08c80c08724ac8208a86a211c4fc8bb27adcb02e3a4b70195245642277242ec
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
f5a0971765ccaf2128cb41840f669bcbb61632eddb41c59a1c71afa0dbbae1dd
f69fb1f1bdac04c805e171640feeb26af4c57592cf81f5bbfb4421403e4c9c62
f97424dd27ef89748ae1cd058fe7094a6d0548d9a9aaf23814bdb7cdb703f2b5
fbb156f7f389a0857df74733e6be806d5b16d2c08eecf7eb36990b6f377255b0

engineering.salesforce.com Open in urlscan Pro 52.1.119.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

100 %HTTPS

60 %IPv6

10 Domains

16 Subdomains

15 IPs

4 Countries

1087 kBTransfer

3069 kBSize

3 Cookies

58 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

engineering.salesforce.com Open in urlscan Pro
52.1.119.170 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

16
Subdomains

15
IPs

4
Countries

1087 kB
Transfer

3069 kB
Size

3
Cookies

114 HTTP transactions
0 data transactions