forum.anomali.com Open in urlscan Pro
52.207.129.120  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 2179 Show response forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/	102 KB 29 KB	582ms 372ms	Document text/html	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 7f62f7337d1924e4c05a66537277b9b480f54ed2fed0307dea6636a7475261a6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /t/malspam-delivers-pony-and-loki-bot/2179 pragma no-cache accept-encoding gzip, deflate upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 cache-control no-cache :authority forum.anomali.com :scheme https :method GET Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:33 GMT content-encoding gzip x-content-type-options nosniff status 200 x-discourse-route topics/show strict-transport-security max-age=31536000 x-xss-protection 1; mode=block x-request-id b29dea66-ffef-4431-8b18-20b56804e568 x-runtime 0.166276 referrer-policy no-referrer-when-downgrade server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=utf-8 x-discourse-trackview 1 cache-control no-store, must-revalidate, no-cache, private
GET H2	200	en-98176f4da8c1797408ad9d6a0b51c0ae7b728a455f6be9b9707442fc4d70f093.js Show response forum.anomali.com/assets/locales/	154 KB 48 KB	102ms 101ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/locales/en-98176f4da8c1797408ad9d6a0b51c0ae7b728a455f6be9b9707442fc4d70f093.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 38cdf1d07912aee933a6fc6f6561f69c44289a3b4e26ef513738c2d2b08bc0fc Request headers :path /assets/locales/en-98176f4da8c1797408ad9d6a0b51c0ae7b728a455f6be9b9707442fc4d70f093.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:34:26 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 49005 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Show response forum.anomali.com/assets/	574 KB 156 KB	204ms 203ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash b68f68f20182a8489877b5711511bff449d5e9a454d7f64f5e4928b721798215 Request headers :path /assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:23 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 159394 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	preload-store-ec90ffab9d7a6d9e507dda7cf7343e9d50b8bce624f7f44486ac8fd6b9814309.js Show response forum.anomali.com/assets/	677 B 678 B	204ms 203ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/preload-store-ec90ffab9d7a6d9e507dda7cf7343e9d50b8bce624f7f44486ac8fd6b9814309.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash d10dd5981101dad36439416d453d198a4aa277e9b763d0ba30e8f554319cc7b0 Request headers :path /assets/preload-store-ec90ffab9d7a6d9e507dda7cf7343e9d50b8bce624f7f44486ac8fd6b9814309.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:17 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 474 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	vendor-fdb742afd864f9f84db91d94e5062094725a112e57638bd5ba4229c0bceedacb.js Show response forum.anomali.com/assets/	226 KB 72 KB	204ms 203ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/vendor-fdb742afd864f9f84db91d94e5062094725a112e57638bd5ba4229c0bceedacb.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 54ef50868db69d437aea46ca6c10d040c1ab742977647490876b8039f486a8a6 Request headers :path /assets/vendor-fdb742afd864f9f84db91d94e5062094725a112e57638bd5ba4229c0bceedacb.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:12 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 73064 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	pretty-text-bundle-a3a2c0c7f597c426e9e94b495ef68499b25c8a36790e91ddfb268d804a6e30b3.js Show response forum.anomali.com/assets/	63 KB 22 KB	204ms 203ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/pretty-text-bundle-a3a2c0c7f597c426e9e94b495ef68499b25c8a36790e91ddfb268d804a6e30b3.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash c47d36223cbe2fe92adcd0b105f841406072ecb37f11a4de030e8d17c34af831 Request headers :path /assets/pretty-text-bundle-a3a2c0c7f597c426e9e94b495ef68499b25c8a36790e91ddfb268d804a6e30b3.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:25 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 22127 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	application-a97f3617ca7163180cf339e2fde294d080947e94701d9ff5bea4fb28e61e99e3.js Show response forum.anomali.com/assets/	2 MB 322 KB	204ms 203ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/application-a97f3617ca7163180cf339e2fde294d080947e94701d9ff5bea4fb28e61e99e3.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 6be78210c37d13ca45152e3c0499effc9da08d9d7465bce1058727d8aed986c7 Request headers :path /assets/application-a97f3617ca7163180cf339e2fde294d080947e94701d9ff5bea4fb28e61e99e3.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:34:48 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 328989 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	plugin-f70295a176bf6d93b2ce19df53484d2399af9ff46fce95602c2a7d0982ad4a69.js Show response forum.anomali.com/assets/	107 KB 24 KB	204ms 204ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/plugin-f70295a176bf6d93b2ce19df53484d2399af9ff46fce95602c2a7d0982ad4a69.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 874ea57426ddb829f50120dadd982e2d03146c887f2c123044f6d3dd329e56ee Request headers :path /assets/plugin-f70295a176bf6d93b2ce19df53484d2399af9ff46fce95602c2a7d0982ad4a69.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:30 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 24414 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	plugin-third-party-339848ec8b00392a6824da7497dc155cf9c43b74aac16e096430b6ba86a461ed.js Show response forum.anomali.com/assets/	179 KB 38 KB	204ms 204ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/plugin-third-party-339848ec8b00392a6824da7497dc155cf9c43b74aac16e096430b6ba86a461ed.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 7f953c9f4b356deefa4df89b9de7d2c24b1ce0ec3f34999567e7a4dbf64edf91 Request headers :path /assets/plugin-third-party-339848ec8b00392a6824da7497dc155cf9c43b74aac16e096430b6ba86a461ed.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:31 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 38191 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2 forum.anomali.com/assets/	75 KB 76 KB	204ms 204ms	Font application/octet-stream	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2?https://forum.anomali.com&2&v=4.7.0 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers :path /assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2?https://forum.anomali.com&2&v=4.7.0 pragma no-cache origin https://forum.anomali.com accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Origin https://forum.anomali.com Response headers date Fri, 23 Mar 2018 07:34:34 GMT last-modified Fri, 09 Mar 2018 21:31:17 GMT server nginx status 200 content-type application/octet-stream access-control-allow-origin * cache-control max-age=31536000 public,immutable accept-ranges bytes content-length 77160 expires Sat, 23 Mar 2019 07:34:34 GMT
GET H2	200	desktop_1_c60021ec87b6b56b6be427417e6dafb3cf69a574.css forum.anomali.com/stylesheets/	281 KB 59 KB	203ms 203ms	Stylesheet text/css	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/stylesheets/desktop_1_c60021ec87b6b56b6be427417e6dafb3cf69a574.css?__ws=forum.anomali.com Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 8ad0004ab2b00f1e39d99b923ee6fd31672136c3e87d10eb294e9b4e593bd53f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /stylesheets/desktop_1_c60021ec87b6b56b6be427417e6dafb3cf69a574.css?__ws=forum.anomali.com pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip x-content-type-options nosniff content-transfer-encoding binary status 200 x-discourse-route stylesheets/show content-disposition inline; filename="desktop_1_c60021ec87b6b56b6be427417e6dafb3cf69a574.css" x-xss-protection 1; mode=block x-request-id ef834789-8fca-4395-8c53-37c6826b1bdc x-runtime 0.032889 last-modified Fri, 09 Mar 2018 21:34:52 GMT server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31556952, public, immutable
GET H2	200	desktop_theme_1_9c68e204fa03842f5d4000b47df7bd3b207aff89.css forum.anomali.com/stylesheets/	90 B 518 B	203ms 203ms	Stylesheet text/css	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/stylesheets/desktop_theme_1_9c68e204fa03842f5d4000b47df7bd3b207aff89.css?__ws=forum.anomali.com Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 35dd6b2b1e5d4fb16b9264aea07e1652398a1152313efc8bfe8e9c846066ecbb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /stylesheets/desktop_theme_1_9c68e204fa03842f5d4000b47df7bd3b207aff89.css?__ws=forum.anomali.com pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip x-content-type-options nosniff content-transfer-encoding binary status 200 x-discourse-route stylesheets/show content-disposition inline; filename="desktop_theme_1_9c68e204fa03842f5d4000b47df7bd3b207aff89.css" x-xss-protection 1; mode=block x-request-id fa32d0c0-7e1c-4a54-be41-d089d4c71041 x-runtime 0.033726 last-modified Fri, 09 Mar 2018 21:36:04 GMT server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31556952, public, immutable
GET H2	200	browser-update-f57286e74ddbc53aa899689b01ef467078911e4138050c561939955849af35dd.js Show response forum.anomali.com/assets/	1 KB 1 KB	201ms 200ms	Script application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/assets/browser-update-f57286e74ddbc53aa899689b01ef467078911e4138050c561939955849af35dd.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 3a65867e4b8b4fac5da41d75dbb56a543e599a7ee3954d85c57fd31f7f40be30 Request headers :path /assets/browser-update-f57286e74ddbc53aa899689b01ef467078911e4138050c561939955849af35dd.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept */* cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:33:17 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 public,immutable content-length 829 expires Sat, 23 Mar 2019 07:34:34 GMT
GET S	200	css fonts.googleapis.com/	5 KB 759 B	15ms 15ms	Stylesheet text/css	216.58.207.74 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,500,700 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol SPDY Server 216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s25-in-f10.1e100.net Software ESF / Resource Hash b3dd58a587d33c5200140cee13c1332ac4d7f59b2551d3a8b841738616e54eee Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip last-modified Fri, 23 Mar 2018 07:34:34 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35" x-xss-protection 1; mode=block expires Fri, 23 Mar 2018 07:34:34 GMT
GET S	200	gtm.js Show response www.googletagmanager.com/	42 KB 16 KB	51ms 51ms	Script application/javascript	216.58.207.72 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T5W76RQ Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol SPDY Server 216.58.207.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s25-in-f8.1e100.net Software Google Tag Manager (scaffolding) / Resource Hash 0e0e76ad8fb498841b7fadebad642ce75072a1f4dfb0dbeeb12474397f2d89c3 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:34 GMT content-encoding gzip server Google Tag Manager (scaffolding) access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35" content-length 16724 x-xss-protection 1; mode=block expires Fri, 23 Mar 2018 07:34:34 GMT
GET H2	500	find_ticket Show response forum.anomali.com/zendesk/	46 B 177 B	113ms 112ms	XHR application/json	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/zendesk/find_ticket?external_id=forum-2179&_=1521790474511 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash d7e6fda7f55a85a52f7291073b2424fa859faf95c5b69f88f924d020b2817880 Request headers :path /zendesk/find_ticket?external_id=forum-2179&_=1521790474511 pragma no-cache accept-encoding gzip, deflate x-csrf-token undefined discourse-track-view true discourse-visible true user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept application/json, text/javascript, */*; q=0.01 cache-control no-cache :authority forum.anomali.com x-requested-with XMLHttpRequest :scheme https referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :method GET Discourse-Track-View true Accept application/json, text/javascript, */*; q=0.01 Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 X-CSRF-Token undefined Discourse-Visible true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 X-Requested-With XMLHttpRequest Response headers status 500 x-runtime 0.009610 date Fri, 23 Mar 2018 07:34:34 GMT server nginx content-length 46 x-request-id 51ed2a2d-2b6e-45ca-9117-341761dd4ed5 content-type application/json; charset=utf-8
GET S	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 6ms	Font font/woff2	172.217.23.131 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol SPDY Server 172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s18-in-f3.1e100.net Software sffe / Resource Hash fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:400,500,700 Origin https://forum.anomali.com Response headers date Fri, 23 Feb 2018 23:12:25 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:39 GMT server sffe age 2362929 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35" content-length 8800 x-xss-protection 1; mode=block expires Sat, 23 Feb 2019 23:12:25 GMT
GET S	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 5ms	Font font/woff2	172.217.23.131 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol SPDY Server 172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s18-in-f3.1e100.net Software sffe / Resource Hash 8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:400,500,700 Origin https://forum.anomali.com Response headers date Mon, 05 Mar 2018 04:56:27 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:46 GMT server sffe age 1564687 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35" content-length 8892 x-xss-protection 1; mode=block expires Tue, 05 Mar 2019 04:56:27 GMT
GET H2	200	jquery.magnific-popup.min.js Show response forum.anomali.com/javascripts/	20 KB 7 KB	102ms 102ms	XHR application/javascript	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/javascripts/jquery.magnific-popup.min.js Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Request headers :path /javascripts/jquery.magnific-popup.min.js pragma no-cache accept-encoding gzip, deflate x-csrf-token undefined discourse-visible true discourse-script true user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 cache-control no-cache :authority forum.anomali.com x-requested-with XMLHttpRequest :scheme https referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :method GET Discourse-Script true Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 X-CSRF-Token undefined Discourse-Visible true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 23 Mar 2018 07:34:35 GMT content-encoding gzip last-modified Fri, 09 Mar 2018 21:31:19 GMT server nginx vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=86400 public,immutable expires Sat, 24 Mar 2018 07:34:35 GMT
GET H2	200	topics.json Show response forum.anomali.com/babble/	13 B 395 B	114ms 114ms	XHR application/json	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/babble/topics.json?_=1521790474512 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash d5eea23a2f7ca3f36d2a5dbf3ab2532a3de3a797ded388afb816068c2863a152 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /babble/topics.json?_=1521790474512 pragma no-cache accept-encoding gzip, deflate x-csrf-token undefined discourse-visible true user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept application/json, text/javascript, */*; q=0.01 cache-control no-cache :authority forum.anomali.com x-requested-with XMLHttpRequest :scheme https referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :method GET Accept application/json, text/javascript, */*; q=0.01 Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 X-CSRF-Token undefined Discourse-Visible true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 X-Requested-With XMLHttpRequest Response headers x-runtime 0.011405 date Fri, 23 Mar 2018 07:34:35 GMT content-encoding gzip x-content-type-options nosniff server nginx x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 status 200 cache-control no-store, must-revalidate, no-cache, private x-discourse-route topics/index x-request-id ad59798f-e75b-4771-8aa7-0d9d399d83c0 vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade
GET H2	200	a41d85c8f2b0423b06edff141d53fdbb81c426c0_1_690x64.png forum.anomali.com/uploads/default/optimized/1X/	13 KB 13 KB	102ms 102ms	Image image/png	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://forum.anomali.com/uploads/default/optimized/1X/a41d85c8f2b0423b06edff141d53fdbb81c426c0_1_690x64.png Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash d273825c072114ea92e8ed40ec33c09c7ce1508940645e712c3ae2587802d172 Request headers :path /uploads/default/optimized/1X/a41d85c8f2b0423b06edff141d53fdbb81c426c0_1_690x64.png pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 23 Mar 2018 07:34:35 GMT last-modified Wed, 23 Aug 2017 18:52:25 GMT server nginx content-type image/png status 200 cache-control max-age=31536000 public,immutable accept-ranges bytes content-length 12929 expires Sat, 23 Mar 2019 07:34:35 GMT
GET H2	200	269_1.png forum.anomali.com/user_avatar/forum.anomali.com/intel_acquisition_team/45/	6 KB 6 KB	103ms 102ms	Image image/png	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://forum.anomali.com/user_avatar/forum.anomali.com/intel_acquisition_team/45/269_1.png Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash b502360122df6a44a9b37cab803c0b31174af8b6109fe7c82148129d28089b3e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /user_avatar/forum.anomali.com/intel_acquisition_team/45/269_1.png pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method GET Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers x-runtime 0.016011 date Fri, 23 Mar 2018 07:34:35 GMT x-content-type-options nosniff last-modified Fri, 09 Mar 2018 21:31:24 GMT server nginx x-frame-options SAMEORIGIN content-type image/png status 200 x-discourse-route user_avatars/show cache-control max-age=31556952, public, immutable content-transfer-encoding binary content-length 5984 x-xss-protection 1; mode=block
POST H2	200	report_js_error Show response forum.anomali.com/logs/	2 B 170 B	108ms 102ms	XHR text/plain	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/logs/report_js_error Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :path /logs/report_js_error pragma no-cache origin https://forum.anomali.com accept-encoding gzip, deflate x-csrf-token undefined user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept */* cache-control no-cache :authority forum.anomali.com x-requested-with XMLHttpRequest :scheme https referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 content-length 114 :method POST Accept */* Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Origin https://forum.anomali.com X-CSRF-Token undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 X-Requested-With XMLHttpRequest Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers status 200 x-runtime 0.000302 date Fri, 23 Mar 2018 07:34:35 GMT referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000 x-request-id 4fc8335f-cdb3-435f-9d84-4d220ac9e58a
GET S	200	analytics.js Show response www.google-analytics.com/	35 KB 14 KB	9ms 8ms	Script text/javascript	216.58.207.78 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T5W76RQ Protocol SPDY Server 216.58.207.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s25-in-f14.1e100.net Software Golfe2 / Resource Hash f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 13 Nov 2017 20:19:12 GMT server Golfe2 age 3148 date Fri, 23 Mar 2018 06:42:07 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35" content-length 14597 expires Fri, 23 Mar 2018 08:42:07 GMT
GET S	200	collect www.google-analytics.com/r/	35 B 111 B	15ms 15ms	Image image/gif	216.58.207.78 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1671758940&t=pageview&_s=1&dl=https%3A%2F%2Fforum.anomali.com%2Ft%2Fmalspam-delivers-pony-and-loki-bot%2F2179&dp=%2Ft%2Fmalspam-delivers-pony-and-loki-bot%2F2179&ul=en-us&de=UTF-8&dt=Malspam%20Delivers%20Pony%20and%20Loki-Bot%20-%20Discussions%20%2F%20Trending%20Threats%20-%20Anomali%20Forum&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2043354315&gjid=829651780&cid=707353819.1521790475&tid=UA-100898168-1&_gid=1526923256.1521790475&_r=1&gtm=G3kT5W76RQ&z=1721793660 Requested by Host: forum.anomali.com URL: https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 Protocol SPDY Server 216.58.207.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s25-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers pragma no-cache date Fri, 23 Mar 2018 07:34:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	poll forum.anomali.com/message-bus/9de9cf7760f94af196e32e16e4566c0f/	236 B 0	110ms 110ms	XHR text/plain	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/message-bus/9de9cf7760f94af196e32e16e4566c0f/poll Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers cookie _ga=GA1.2.707353819.1521790475; _gid=GA1.2.1526923256.1521790475; _gat_UA-100898168-1=1 origin https://forum.anomali.com accept-encoding gzip, deflate x-csrf-token undefined discourse-visible true x-silence-logger true x-requested-with XMLHttpRequest content-length 197 :path /message-bus/9de9cf7760f94af196e32e16e4566c0f/poll pragma no-cache user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept text/plain, */*; q=0.01 cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method POST Origin https://forum.anomali.com X-CSRF-Token undefined Discourse-Visible true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 X-SILENCE-LOGGER true Accept text/plain, */*; q=0.01 Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 X-Requested-With XMLHttpRequest Response headers pragma no-cache date Fri, 23 Mar 2018 07:34:35 GMT x-content-type-options nosniff server nginx status 200 access-control-allow-methods GET, POST content-type text/plain; charset=utf-8 access-control-allow-origin https://forum.anomali.com cache-control must-revalidate, private, max-age=0 access-control-allow-headers X-SILENCE-LOGGER, X-Shared-Session-Key, Dont-Chunk, Discourse-Visible expires 0
POST H2	200	poll forum.anomali.com/message-bus/9de9cf7760f94af196e32e16e4566c0f/	236 B 0	110ms 109ms	XHR text/plain	52.207.129.120 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://forum.anomali.com/message-bus/9de9cf7760f94af196e32e16e4566c0f/poll Requested by Host: forum.anomali.com URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.129.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-207-129-120.compute-1.amazonaws.com Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers cookie _ga=GA1.2.707353819.1521790475; _gid=GA1.2.1526923256.1521790475; _gat_UA-100898168-1=1 origin https://forum.anomali.com accept-encoding gzip, deflate x-csrf-token undefined discourse-visible true x-silence-logger true x-requested-with XMLHttpRequest content-length 197 :path /message-bus/9de9cf7760f94af196e32e16e4566c0f/poll pragma no-cache user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept text/plain, */*; q=0.01 cache-control no-cache :authority forum.anomali.com referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 :scheme https :method POST Origin https://forum.anomali.com X-CSRF-Token undefined Discourse-Visible true User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 X-SILENCE-LOGGER true Accept text/plain, */*; q=0.01 Referer https://forum.anomali.com/t/malspam-delivers-pony-and-loki-bot/2179 X-Requested-With XMLHttpRequest Response headers pragma no-cache date Fri, 23 Mar 2018 07:34:35 GMT x-content-type-options nosniff server nginx status 200 access-control-allow-methods GET, POST content-type text/plain; charset=utf-8 access-control-allow-origin https://forum.anomali.com cache-control must-revalidate, private, max-age=0 access-control-allow-headers X-SILENCE-LOGGER, X-Shared-Session-Key, Dont-Chunk, Discourse-Visible expires 0

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| EmberENV function| checkExtras object| I18n object| MessageFormat function| moment function| define function| requirejs object| ENV function| $ function| jQuery object| Ember object| Em function| require function| requireModule object| Markdown object| bootbox object| div function| endDrag undefined| grip number| lastMousePos number| min function| mousePosition undefined| originalDivHeight undefined| originalPos function| performDrag function| startDrag undefined| wrappedEndDrag undefined| wrappedPerformDrag object| clone function| getCaret object| Logster object| Discourse object| probes object| Handlebars object| MessageBus object| Select2 function| Favcount function| _ object| html5 object| Modernizr function| yepnope function| Mousetrap object| RSVP function| BreakString object| BufferedProxy string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| virtualDom object| Tautologistics function| filterCSS function| filterXSS object| dataLayer undefined| $bu object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.anomali.com/	1970-01-18 14:43:10	Name: _gat_UA-100898168-1 Value: 1
			.anomali.com/	1970-01-18 14:44:36	Name: _gid Value: GA1.2.1526923256.1521790475
			.anomali.com/	1970-01-19 08:14:22	Name: _ga Value: GA1.2.707353819.1521790475

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://forum.anomali.com/assets/ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js(Line 11) Message: undefined
console-api	log	URL: https://forum.anomali.com/assets/plugin-third-party-339848ec8b00392a6824da7497dc155cf9c43b74aac16e096430b6ba86a461ed.js(Line 2) Message: No topics available!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
forum.anomali.com
www.google-analytics.com
www.googletagmanager.com
172.217.23.131
216.58.207.72
216.58.207.74
216.58.207.78
52.207.129.120
0e0e76ad8fb498841b7fadebad642ce75072a1f4dfb0dbeeb12474397f2d89c3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
35dd6b2b1e5d4fb16b9264aea07e1652398a1152313efc8bfe8e9c846066ecbb
38cdf1d07912aee933a6fc6f6561f69c44289a3b4e26ef513738c2d2b08bc0fc
3a65867e4b8b4fac5da41d75dbb56a543e599a7ee3954d85c57fd31f7f40be30
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
54ef50868db69d437aea46ca6c10d040c1ab742977647490876b8039f486a8a6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6be78210c37d13ca45152e3c0499effc9da08d9d7465bce1058727d8aed986c7
7f62f7337d1924e4c05a66537277b9b480f54ed2fed0307dea6636a7475261a6
7f953c9f4b356deefa4df89b9de7d2c24b1ce0ec3f34999567e7a4dbf64edf91
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874ea57426ddb829f50120dadd982e2d03146c887f2c123044f6d3dd329e56ee
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8ad0004ab2b00f1e39d99b923ee6fd31672136c3e87d10eb294e9b4e593bd53f
b3dd58a587d33c5200140cee13c1332ac4d7f59b2551d3a8b841738616e54eee
b502360122df6a44a9b37cab803c0b31174af8b6109fe7c82148129d28089b3e
b68f68f20182a8489877b5711511bff449d5e9a454d7f64f5e4928b721798215
c47d36223cbe2fe92adcd0b105f841406072ecb37f11a4de030e8d17c34af831
d10dd5981101dad36439416d453d198a4aa277e9b763d0ba30e8f554319cc7b0
d273825c072114ea92e8ed40ec33c09c7ce1508940645e712c3ae2587802d172
d5eea23a2f7ca3f36d2a5dbf3ab2532a3de3a797ded388afb816068c2863a152
d7e6fda7f55a85a52f7291073b2424fa859faf95c5b69f88f924d020b2817880
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be