seguranca-informatica.pt Open in urlscan Pro
2606:4700:3037::681b:bc6c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Submission: On May 15 via api (May 15th 2020, 4:15:39 pm UTC) from US

Summary HTTP 263 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 28 domains to perform 263 HTTP transactions. The main IP is 2606:4700:3037::681b:bc6c, located in United States and belongs to CLOUDFLARENET, US. The main domain is seguranca-informatica.pt.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.

This is the only time seguranca-informatica.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
99	2606:4700:303... 2606:4700:3037::681b:bc6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	140.82.118.4 140.82.118.4	36459 (GITHUB) (GITHUB)
1 1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:4d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	185.199.109.154 185.199.109.154	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
2	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
86	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
263	28

99 2606:4700:3037::681b:bc6c (United States)

ASN13335 (CLOUDFLARENET, US)

seguranca-informatica.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feed.seguranca-informatica.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.82.118.4 (United States)

ASN36459 (GITHUB, US)
PTR: lb-140-82-118-4-ams.github.com

gist.github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4d6 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.109.154 (United States)

ASN54113 (FASTLY, US)

github.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

seguranca-informatica.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.64 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

86 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	seguranca-informatica.pt seguranca-informatica.pt feed.seguranca-informatica.pt	7 MB
86	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	857 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	108 KB
8	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com q.addthis.com	198 KB
7	doubleclick.net googleads.g.doubleclick.net
7	gstatic.com fonts.gstatic.com	70 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	183 KB
6	disqus.com seguranca-informatica.disqus.com disqus.com links.services.disqus.com	32 KB
6	facebook.com www.facebook.com graph.facebook.com	1 KB
4	disquscdn.com c.disquscdn.com	226 KB
4	facebook.net connect.facebook.net	277 KB
2	pinterest.com widgets.pinterest.com	557 B
2	reddit.com www.reddit.com	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	github.com gist.github.com	7 KB
1	addthisedge.com v1.addthisedge.com	1 KB
1	w.org s.w.org	567 B
1	moatads.com z.moatads.com	1 KB
1	youtube.com www.youtube.com
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	githubassets.com github.githubassets.com	5 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	licensebuttons.net licensebuttons.net	2 KB
1	paypalobjects.com www.paypalobjects.com
1	paypal.com 1 redirects www.paypal.com	576 B
1	googleapis.com fonts.googleapis.com	2 KB
263	28

	Domain	Requested by
98	seguranca-informatica.pt	seguranca-informatica.pt pagead2.googlesyndication.com
59	pbs.twimg.com	seguranca-informatica.pt platform.twitter.com
24	abs.twimg.com	seguranca-informatica.pt platform.twitter.com
7	platform.twitter.com	seguranca-informatica.pt platform.twitter.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	fonts.gstatic.com	seguranca-informatica.pt
5	pagead2.googlesyndication.com	seguranca-informatica.pt pagead2.googlesyndication.com
4	c.disquscdn.com	seguranca-informatica.disqus.com
4	www.facebook.com	seguranca-informatica.pt connect.facebook.net
4	connect.facebook.net	seguranca-informatica.pt connect.facebook.net
4	s7.addthis.com	seguranca-informatica.pt s7.addthis.com
3	seguranca-informatica.disqus.com	seguranca-informatica.pt seguranca-informatica.disqus.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects seguranca-informatica.pt
2	widgets.pinterest.com	s7.addthis.com
2	www.reddit.com	s7.addthis.com
2	api-public.addthis.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	disqus.com	seguranca-informatica.disqus.com
2	www.google-analytics.com	seguranca-informatica.pt
2	gist.github.com	seguranca-informatica.pt
1	links.services.disqus.com	c.disquscdn.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	q.addthis.com	s7.addthis.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	s.w.org	seguranca-informatica.pt
1	z.moatads.com	s7.addthis.com
1	www.youtube.com	seguranca-informatica.pt
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	github.githubassets.com	gist.github.com
1	cdn.onesignal.com	seguranca-informatica.pt
1	licensebuttons.net	seguranca-informatica.pt
1	www.paypalobjects.com	seguranca-informatica.pt
1	www.paypal.com	1 redirects
1	feed.seguranca-informatica.pt	seguranca-informatica.pt
1	fonts.googleapis.com	seguranca-informatica.pt
263	40

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
feed.seguranca-informatica.pt
twitter.com
www.embarcadero.com
malware.pt
gist.github.com
github.com
www.blockchain.com
www.shodan.io
www.virustotal.com
www.hybrid-analysis.com
www.joesandbox.com
analyze.intezer.com
tugatech.com.pt
www.linkedin.com
www.facebook.com
t.me
facebook.com
plus.google.com
youtube.com
www.pinterest.pt
www.trignosfera.pt
creativecommons.org
linkedin.com
www.reddit.com
www.addthis.com
v1.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.github.com DigiCert SHA2 High Assurance Server CA	`2019-07-08` - `2020-07-16`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.githubassets.com DigiCert SHA2 High Assurance Server CA	`2018-10-29` - `2020-11-02`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Frame ID: 8E1CEFB30519775FF200DA9E800CEBE3
Requests: 166 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/zrt_lookup.html
Frame ID: F139A8E24080C2F3D7FA7A29C6A57FA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=580740002&adf=2311144427&w=740&fwrn=4&lmt=1589559319&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&flash=0&wgl=1&adsid=NT&dt=1589559318844&bpp=31&bdt=827&fdt=277&idt=278&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7791676138794&frm=20&pv=2&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=550024249256&dssz=30&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1142&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Rku0jYLgL7&p=https%3A//seguranca-informatica.pt&dtd=444
Frame ID: D5CA076498CB7AFFEBBFB2AB37BD6B14
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/eqyuAj9hvy4
Frame ID: B192AB35E65B2B9CCA1BC19039FA61E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1589559319&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589559319703&bpp=6&bdt=1686&fdt=7&idt=7&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&nras=1&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&dtd=62
Frame ID: 4AB3966866DC5E55D57195482DFF964E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df145d9a0c6784b8%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff3409dce2e461e%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Frame ID: 4D91D244A5D5324043BC9A319803050C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DC6816E6C57DEB175B13E96426604790
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A81FB491976F682FC1E854B1C71830B3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fseguranca-informatica.pt
Frame ID: ADB9583E7C3AB8D6E73967BB379EFFC8
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=seguranca-informatica&t_i=7502%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D7502&t_u=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&t_e=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&t_d=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&t_t=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&s_o=default
Frame ID: D7EB57EDB9188491546BFFBEEC141AC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1863295039&adf=2818823524&w=740&fwrn=4&fwrnh=100&lmt=1589559320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320295&bpp=8&bdt=2278&fdt=8&idt=8&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0&nras=2&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=2983&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=55vHJFGn9e&p=https%3A//seguranca-informatica.pt&dtd=368
Frame ID: C7D12A141E5771FD734DACA055FA04F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1863295039&adf=4183343689&w=740&fwrn=4&fwrnh=100&lmt=1589559321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320310&bpp=55&bdt=2292&fdt=761&idt=761&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280&nras=3&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=92&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=4715&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=HNckWev3K9&p=https%3A//seguranca-informatica.pt&dtd=766
Frame ID: C60793F7266C3A9110D0C2FF4E27FCCC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3832473613&adf=1840210285&w=720&fwrn=4&fwrnh=100&lmt=1589559321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=720x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320369&bpp=5&bdt=2352&fdt=744&idt=745&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280&nras=4&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=574700983745788&dssz=93&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=243&ady=6098&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=oNRXHBxEz9&p=https%3A//seguranca-informatica.pt&dtd=748
Frame ID: ABEE0CF1F3F41EBB5F18C0F9FE12B339
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1909131177&adf=3723832354&w=340&fwrn=4&fwrnh=100&lmt=1589559321&rafmt=1&to=qs&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589559320477&bpp=6&bdt=2460&fdt=715&idt=715&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280%2C720x280&nras=4&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=574700983745788&dssz=93&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1665&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XqvBZwQTCf&p=https%3A//seguranca-informatica.pt&dtd=723
Frame ID: 0ECD6ECDD0098680DEC3A24574F74332
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f9d0.png
Frame ID: 2B4DA6D80FED6D66C5B120B31D4F026B
Requests: 90 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 4C3E846083719A9C490C93376634C48A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: BA1CB9CEC4D1798D4D1F40E97C7226AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

263
Requests

100 %
HTTPS

50 %
IPv6

28
Domains

40
Subdomains

28
IPs

5
Countries

8761 kB
Transfer

11122 kB
Size

14
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCGs6Ju6rSM9BHP5UGtVvdXw?sub_confirmation=1
Title: Youtube

Search URL Search Domain Scan URL

URL: https://feed.seguranca-informatica.pt/
Title: 0xSI_f33d

Search URL Search Domain Scan URL

URL: https://twitter.com/DJ_PRMF
Title: @DJ_PRMF

Search URL Search Domain Scan URL

URL: https://twitter.com/t14g0p
Title: @t14g0p

Search URL Search Domain Scan URL

URL: https://www.embarcadero.com/br/
Title: Embarcaredo

Search URL Search Domain Scan URL

URL: https://malware.pt/posts/banker_google_docs/
Title: publication

Search URL Search Domain Scan URL

URL: https://gist.github.com/t14g0p/a45d8cdef974742cdf0711987deb56fc/raw/40a94e88d2b5e252430db650d516b5e05c76ade4/deobfs.py
Title: view raw

Search URL Search Domain Scan URL

URL: https://gist.github.com/t14g0p/a45d8cdef974742cdf0711987deb56fc#file-deobfs-py
Title: deobfs.py

Search URL Search Domain Scan URL

URL: https://github.com/
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.blockchain.com/btc/address/18KdHi9CJea1AjEtrVQSfqyN6QXZvJZXqS
Title: bitcoin wallet

Search URL Search Domain Scan URL

URL: https://www.shodan.io/
Title: Shodan

Search URL Search Domain Scan URL

URL: https://twitter.com/cocaman
Title: @cocaman

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/3701d539821e5e68891d72cc1dd54f6ead592c3e277e92a4349f99b82e0cbcd3/detection
Title: https://www.virustotal.com/gui/file/3701d539821e5e68891d72cc1dd54f6ead592c3e277e92a4349f99b82e0cbcd3/detection

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/421d6d28978d687aee62ef539d4c2d24e9e4d2b0d74c70c2856d8f978e538d5a/5eb163ce3c3c05767b1bcc69
Title: https://www.hybrid-analysis.com/sample/421d6d28978d687aee62ef539d4c2d24e9e4d2b0d74c70c2856d8f978e538d5a/5eb163ce3c3c05767b1bcc69

Search URL Search Domain Scan URL

URL: https://www.joesandbox.com/analysis/227588/0/html
Title: https://www.joesandbox.com/analysis/227588/0/html

Search URL Search Domain Scan URL

URL: https://analyze.intezer.com/#/analyses/92fad8e8-a756-4a70-8a7f-3c0098cc200a
Title: https://analyze.intezer.com/#/analyses/92fad8e8-a756-4a70-8a7f-3c0098cc200a

Search URL Search Domain Scan URL

URL: https://gist.github.com/sirpedrotavares/bba17721b7102e01a3e452ea800de5ed/raw/7b7519cdb537e20d8f9131df68789762597cc254/brazilian_trojan_portugal_april2020.yar
Title: view raw

Search URL Search Domain Scan URL

URL: https://gist.github.com/sirpedrotavares/bba17721b7102e01a3e452ea800de5ed#file-brazilian_trojan_portugal_april2020-yar
Title: brazilian_trojan_portugal_april2020.yar

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares/SI-LAB-Yara_rules
Title: here

Search URL Search Domain Scan URL

URL: https://twitter.com/sirpedrotavares/status/1256619456060669952
Title: https://twitter.com/sirpedrotavares/status/1256619456060669952

Search URL Search Domain Scan URL

URL: https://tugatech.com.pt/t33136-novo-ransomware-propaga-se-sobre-faturas-falsas-da-vodafone
Title: https://tugatech.com.pt/t33136-novo-ransomware-propaga-se-sobre-faturas-falsas-da-vodafone

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares/
Title: Pedro Tavares

Search URL Search Domain Scan URL

URL: https://www.facebook.com/segurancainformatica

Search URL Search Domain Scan URL

URL: https://twitter.com/sirpedrotavares

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares

Search URL Search Domain Scan URL

URL: https://feed.seguranca-informatica.pt/reports/2020/Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.pdf

Search URL Search Domain Scan URL

URL: https://feed.seguranca-informatica.pt/reports/2020/Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.png
Title: PNG

Search URL Search Domain Scan URL

URL: https://t.me/segurancainformatica

Search URL Search Domain Scan URL

URL: https://facebook.com/segurancainformatica

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+PedroTavaresSir

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCGs6Ju6rSM9BHP5UGtVvdXw?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.pinterest.pt/sirpedrotavares/seguranca-informaticapt/

Search URL Search Domain Scan URL

URL: https://www.trignosfera.pt/

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+PedroTavaresSir
Title:

Search URL Search Domain Scan URL

URL: https://linkedin.com/in/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

URL: https://v1.addthis.com/live/redirect/?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F%23at_pco%3Dsmlwn-1.0%26at_si%3D5ebec01799f868a3%26at_ab%3Dper-2%26at_pos%3D0%26at_tot%3D1&uid=5ebec017e46d24e4&pub=ra-5a74cca42a90a07e&rev=v8.28.5-wp&per=undefined&pco=smlwn-1.0

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image&utm_campaign=Sharing%20tools%20logo
Title: AddThis

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image&utm_campaign=Recommended%20content%20logo
Title: AddThis

Search URL Search Domain Scan URL

URL: https://v1.addthis.com/live/redirect/?url=http%3A%2F%2Fseguranca-informatica.pt%2Fsensitive-data-from-edp-group-is-now-published-by-criminals-on-the-darkweb%2F%23at_pco%3Djrcf-1.0%26at_si%3D5ebec01799f868a3%26at_ab%3Dper-2%26at_pos%3D0%26at_tot%3D3&uid=5ebec017ab668761&pub=ra-5a74cca42a90a07e&rev=v8.28.5-wp&per=undefined&pco=jrcf-1.0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.paypal.com/en_PT/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_PT/i/scr/pixel.gif

Request Chain 268

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

263 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/ 131 KB
29 KB 1167ms
1138ms Document
text/html 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

064f35d0bc956d66821ce6aa62f2d040e0bb99ba5045c56a382873111f95e7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: seguranca-informatica.pt
:scheme: https
:path: /brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 16:15:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6ae9cde4528009b796a4ed715014c2ac1589559316; expires=Sun, 14-Jun-20 16:15:16 GMT; path=/; domain=.seguranca-informatica.pt; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.5
x-pingback: https://seguranca-informatica.pt/xmlrpc.php
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/", <https://seguranca-informatica.pt/?p=7502>; rel=shortlink, </wp-content/cache/minify/398c6.css>; rel=preload; as=style, </wp-content/cache/minify/eabb6.css>; rel=preload; as=style, </wp-content/cache/minify/021e7.css>; rel=preload; as=style, </wp-content/cache/minify/c841a.css>; rel=preload; as=style
vary: Accept-Encoding
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 593e28227fbb05c4-FRA
content-encoding: br
cf-h2-pushed: </wp-content/cache/minify/398c6.css>,</wp-content/cache/minify/eabb6.css>,</wp-content/cache/minify/021e7.css>,</wp-content/cache/minify/c841a.css>
cf-request-id: 02bab7698e000005c4d031d200000001

GET
H2 200 398c6.css
seguranca-informatica.pt/wp-content/cache/minify/ 60 KB
9 KB 3ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/398c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0de0d4de1311eb99b9327550146b23da220725b6739baa3158eb12f12d358a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=63257
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76dfa000005c4d0398200000001
referrer-policy
last-modified: Tue, 12 May 2020 12:49:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e28299f8d05c4-FRA
cf-bgj: minify

GET
H2 200 eabb6.css
seguranca-informatica.pt/wp-content/cache/minify/ 43 KB
9 KB 4ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/eabb6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268653524785d611cab68ecbf094a5720b51a8e15828eb2bbedea14bb17c5354

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=45567
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76dfa000005c4d0399200000001
referrer-policy
last-modified: Tue, 12 May 2020 18:15:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e28299f8f05c4-FRA
cf-bgj: minify

GET
H2 200 021e7.css
seguranca-informatica.pt/wp-content/cache/minify/ 82 KB
10 KB 5ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/021e7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b867e89571d23202e9a1cf026372048737c930c3e0c6002231ef5729297e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=87101
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76dfa000005c4d039a200000001
referrer-policy
last-modified: Tue, 12 May 2020 09:18:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e28299f9105c4-FRA
cf-bgj: minify

GET
H2 200 c841a.css
seguranca-informatica.pt/wp-content/cache/minify/ 80 KB
15 KB 5ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/c841a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41842b8a7787f30dd7c129b53b921da9705e8420e0926550013d0252822547ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=83892
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76dfa000005c4d039b200000001
referrer-policy
last-modified: Tue, 12 May 2020 12:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e28299f9205c4-FRA
cf-bgj: minify

GET
H2 200 dI4tRH6z5eYOCbLZuWBC7Ig0Jis.js Show response
seguranca-informatica.pt/cdn-cgi/apps/head/ 6 KB
2 KB 18ms
13ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/head/dI4tRH6z5eYOCbLZuWBC7Ig0Jis.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a12b82bb4b7e9b29fd41e3f22c394ee3d3737f8f9af9f7ae041d0bb895d8bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
x-amz-request-id: 5A6D031A65A7B0C2
x-amz-id-2: 4XbYJlareRgd91xRUSuuPE4CqNGm5f+IG/gdWfs+X50vzASXyUcegjznKMbnxmRdiQ/30sGoWaU=
last-modified: Sun, 05 Apr 2020 15:14:50 GMT
server: cloudflare
etag: W/"0393fdb4c7fd5923b28dfb50d125f8c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: lJHzaW_9htzRbalNZ7mokDHK2gBXM6Ql
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-request-id: 02bab76e0e000005c4d039d200000001
cf-ray: 593e2829b80705c4-FRA

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02a8eed49f3f9c8463957eb112a8f7fc681736cabea524c019c7e405ad0c0f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Origin: https://seguranca-informatica.pt

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 16:15:18 GMT
server: ESF
date: Fri, 15 May 2020 16:15:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 16:15:18 GMT

GET
H2 200 jquery.js Show response
seguranca-informatica.pt/wp-includes/js/jquery/ 95 KB
32 KB 249ms
244ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 21 May 2019 20:30:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2829b80b05c4-FRA
cf-request-id: 02bab76e0e000005c4d039e200000001

GET
H2 200 jquery-migrate.min.js Show response
seguranca-informatica.pt/wp-includes/js/jquery/ 10 KB
4 KB 203ms
199ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 21 Jun 2016 18:04:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2829b80d05c4-FRA
cf-request-id: 02bab76e0e000005c4d039f200000001

GET
H2 200 frontend.min.js Show response
seguranca-informatica.pt/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 204ms
200ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.0.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Thu, 27 Feb 2020 10:54:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2829b80e05c4-FRA
cf-request-id: 02bab76e0e000005c4d03a0200000001

GET
H2 200 nivo-lightbox.min.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/nivo/ 8 KB
2 KB 15ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.js?ver=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76e0e000005c4d03a1200000001
referrer-policy
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2829b80f05c4-FRA

GET
H2 200 infinite-scroll.pkgd.min.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 25 KB
7 KB 202ms
198ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2829b81105c4-FRA
cf-request-id: 02bab76e0e000005c4d03a2200000001

GET
H2 200 front.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/js/ 26 KB
5 KB 203ms
199ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48555977de52a497e0dd8fe5aaf9ebf2df20bf16340340f4012baaa8153e490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2829b81405c4-FRA
cf-request-id: 02bab76e0e000005c4d03a3200000001

GET
H2 200 wpp-5.0.0.min.js Show response
seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/ 1 KB
902 B 206ms
203ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min.js?ver=5.1.0

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191e2a2deb0b16b4e6c833685b15ab930c8eaeec228391f6b26bc1fcda208c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 31 Mar 2020 16:24:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2829b81605c4-FRA
cf-request-id: 02bab76e0e000005c4d03a4200000001

GET
H2 200 logotipox600.png
seguranca-informatica.pt/logotipo/ 20 KB
20 KB 155ms
117ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/logotipo/logotipox600.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73c16f766dc7c7a8c08a6ba72cdd7645f553ec28ca32640022b6d7355f590a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 20475
cf-request-id: 02bab76f49000005c4d03e1200000001
referrer-policy
last-modified: Tue, 13 Feb 2018 18:11:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baeec05c4-FRA

GET
H2 200 twitter_PNG28-e1517184971128.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 600 B
724 B 71ms
33ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/twitter_PNG28-e1517184971128.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60d58e3602f1b85a212115e4d7300e09234e89eeec8df6065c2568c43e3f056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 600
cf-request-id: 02bab76f49000005c4d03e2200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 00:16:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baeee05c4-FRA

GET
H2 200 icon-circle-150x150-youtube.png
seguranca-informatica.pt/ 7 KB
8 KB 71ms
34ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/icon-circle-150x150-youtube.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02a28e995334093dff6f19238e59aba7b5ba434ea2c84ef78f6a70ce260b49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 7592
cf-request-id: 02bab76f49000005c4d03e3200000001
referrer-policy
last-modified: Wed, 07 Jun 2017 10:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baefe05c4-FRA

GET
H2 200 0xsi-f33d-2.png
seguranca-informatica.pt/wp-content/uploads/2020/04/ 874 B
989 B 71ms
34ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/04/0xsi-f33d-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c848f8748dcbd3ae9248bd4ef3309e931660b0ebd18b20b7c3989ac54144e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 874
cf-request-id: 02bab76f49000005c4d03e4200000001
referrer-policy
last-modified: Mon, 06 Apr 2020 13:02:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0005c4-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1615095a9e662d58ed44a7fc6c80c04b642ee9122a037e620680008463b3e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39297
x-xss-protection: 0
server: cafe
etag: 18167252803202742783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:15:18 GMT

GET
H2 200 02-template_phishing-768x467.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 105 KB
106 KB 71ms
35ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/02-template_phishing-768x467.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fa475ad9dd9c0bb2328beb67fcf6085332122077f3b535f9f2e3c65a1a26722

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 107898
cf-request-id: 02bab76f49000005c4d03e5200000001
referrer-policy
last-modified: Wed, 06 May 2020 19:41:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0505c4-FRA

GET
H2 200 03-trojan-banker-high-diagram-.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 259 KB
260 KB 75ms
39ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/03-trojan-banker-high-diagram-.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fdc456f04f1fc0810426165c11e0cb1e6c0cdc7e186b25b2be8100a1c69257f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 265489
cf-request-id: 02bab76f49000005c4d03e6200000001
referrer-policy
last-modified: Wed, 06 May 2020 19:42:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0805c4-FRA

GET
H2 200 02-template_phishing.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 41 KB
41 KB 76ms
40ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/02-template_phishing.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0f4f7cdf67f0adb696aac5b9bfc64d4f83ce63300eaeff781e8da2529f5a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 41565
cf-request-id: 02bab76f49000005c4d03e7200000001
referrer-policy
last-modified: Wed, 06 May 2020 19:41:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0a05c4-FRA

GET
H2 200 01-template_phishing.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 38 KB
39 KB 75ms
40ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/01-template_phishing.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8394fa4c884becaf16b858b07351f347291befcbc43bf61bd472e1a132aeccef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 39345
cf-request-id: 02bab76f49000005c4d03e8200000001
referrer-policy
last-modified: Wed, 06 May 2020 19:49:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0b05c4-FRA

GET
H2 200 4-zip-file-from-compromised-server.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 130 KB
130 KB 75ms
41ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/4-zip-file-from-compromised-server.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec6bb89fc1e8890c4c5ed5585f056c095c71b19cb32b9f4a67cba6c34adf70b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 133184
cf-request-id: 02bab76f49000005c4d03e9200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:05:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0d05c4-FRA

GET
H2 200 5-msi_downloading_2nd_stage.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 153 KB
153 KB 75ms
41ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/5-msi_downloading_2nd_stage.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a84a39ba8f7d4a16a477304a3a0a8dd86ffcd75683b3e3222c7a59661f9c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 156389
cf-request-id: 02bab76f49000005c4d03ea200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:07:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0e05c4-FRA

GET
H2 200 6-google-sites.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 33 KB
33 KB 75ms
41ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/6-google-sites.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b276423ec475f732888c695bb9e2f852868409cb99ae992200d57b3fde08ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 33522
cf-request-id: 02bab76f49000005c4d03eb200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:07:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf0f05c4-FRA

GET
H2 200 7-creating-file-startup-folder.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 81 KB
81 KB 75ms
42ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/7-creating-file-startup-folder.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7467c2e03239b2990273b1f57ba654dc7211e9244d3a86f838cc09790104193

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 83011
cf-request-id: 02bab76f49000005c4d03ec200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:12:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1105c4-FRA

GET
H2 200 8-trojan-startup-folder.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 24 KB
25 KB 76ms
42ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/8-trojan-startup-folder.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce90d978164af230185a56b2420acc4439027772953d6b9a3079d4e8bebe9d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 24970
cf-request-id: 02bab76f49000005c4d03ed200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:13:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1305c4-FRA

GET
H2 200 embarcaredo.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 82 KB
82 KB 76ms
42ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/embarcaredo.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acd60b107c604bb10e4308dd5aa04d2f8bdb490d5c3a77981617dfa5c2a576d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 83614
cf-request-id: 02bab76f49000005c4d03ee200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:18:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1405c4-FRA

GET
H2 200 mapa.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 24 KB
24 KB 76ms
43ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/mapa.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac5c0cb194d016a5b86c0ebf341b176a9ea948b1d5c0b35074696039bdc9aba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 24517
cf-request-id: 02bab76f49000005c4d03ef200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:39:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1605c4-FRA

GET
H2 200 11-packer.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 5 KB
5 KB 76ms
43ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/11-packer.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c6ad7e581d104b86cebc286fdab623582d9c62e3ede04ff60207ce02cbee95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 4778
cf-request-id: 02bab76f49000005c4d03f0200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:46:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1705c4-FRA

GET
H2 200 13-anti-dbg.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 48 KB
49 KB 76ms
43ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/13-anti-dbg.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8aafe0abf8b20593244ec20b5239f72a3d239abeaa943ee04bf4f32e9b8dc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 49594
cf-request-id: 02bab76f49000005c4d03f1200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:48:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1905c4-FRA

GET
H2 200 20-mutexes.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 17 KB
18 KB 76ms
44ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/20-mutexes.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20b68778dd2f83aea8f4c96b03c1fecf5d255ae53c86cd293968de3a6475568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 17745
cf-request-id: 02bab76f49000005c4d03f2200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1b05c4-FRA

GET
H2 200 14-sections.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 59 KB
59 KB 76ms
44ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/14-sections.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bedbdc5e01fd1749ece5ad222243e3a27c2dfa5b8871328289d89aebd013ea7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 60474
cf-request-id: 02bab76f49000005c4d03f3200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:54:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1d05c4-FRA

GET
H2 200 15-packed.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 27 KB
28 KB 76ms
45ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/15-packed.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc0c1397db71720dc6565ce306e033eba13f61a175e3e14ca3b5093204e1172

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 28066
cf-request-id: 02bab76f49000005c4d03f4200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:56:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf1f05c4-FRA

GET
H2 200 19-portex.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 55 KB
55 KB 76ms
45ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/19-portex.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9065ce3b15006e2211ffa09108571baf48e21db653a8098d53a0a828f10cd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 56281
cf-request-id: 02bab76f49000005c4d03f5200000001
referrer-policy
last-modified: Wed, 06 May 2020 20:58:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf2005c4-FRA

GET
H2 200 clipboard_.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 318 KB
318 KB 76ms
46ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/clipboard_.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d57f3e484049e822c85edf524d5cef778fe769a8c10eec807c3f987009c9548

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 325368
cf-request-id: 02bab76f49000005c4d03f6200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:02:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf2205c4-FRA

GET
H2 200 17-bpi-overlay.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 49 KB
49 KB 110ms
80ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/17-bpi-overlay.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7779b7dc26af3310711148c1acae9e02f631e368239e048597ce7ec6f7e05e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 49887
cf-request-id: 02bab76f49000005c4d03f7200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:05:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf2305c4-FRA

GET
H2 200 21-santander-strings.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 56 KB
56 KB 146ms
116ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/21-santander-strings.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b75d3c01b481f0ccd00800a3dd803e9807d3fb1961f66a53fa0d0e091bb3cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 57477
cf-request-id: 02bab76f49000005c4d03f8200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:07:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf2b05c4-FRA

GET
H2 200 22-overlay-banco.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 217 KB
217 KB 113ms
83ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/22-overlay-banco.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8410a075bea6718f549c25b3da4d714b8c262d8c029849748193f614b383631

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 221911
cf-request-id: 02bab76f49000005c4d03f9200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:08:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf2e05c4-FRA

GET
H2 200 24-browser-overlay-1.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 147 KB
147 KB 75ms
46ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/24-browser-overlay-1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77304452b2274417b8a3476d75f1253e5d144edde5a269455d4d7a4ab5df0ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 150400
cf-request-id: 02bab76f49000005c4d03fa200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:11:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf2f05c4-FRA

GET
H2 200 25-positionin-overlay.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 24 KB
24 KB 75ms
46ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/25-positionin-overlay.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ac9409eaf87e270f1860f0aea0dfb7f74c31e18a0679a9d2ec44acade354cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 24070
cf-request-id: 02bab76f49000005c4d03fb200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf3005c4-FRA

GET
H2 200 26-millenium.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 212 KB
213 KB 75ms
47ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/26-millenium.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa014d32cb2f0fed10084c403e677c10b0e7b77898f2bd790af112330ecc78d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 217253
cf-request-id: 02bab76f49000005c4d03fc200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:13:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf3205c4-FRA

GET
H2 200 27-santander.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 213 KB
213 KB 112ms
84ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/27-santander.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74bce64b8642ede6c809586769d20a3bb3f69b7cbbf3edd32f81108a7767e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 218020
cf-request-id: 02bab76f49000005c4d03fd200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:14:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf3605c4-FRA

GET
H2 200 28-montepio.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 335 KB
335 KB 105ms
77ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/28-montepio.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b8a0e5bf5a3a99353f90240d550078fee29d6df74fd47cc139f3bac73d865b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 342543
cf-request-id: 02bab76f49000005c4d03fe200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:16:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf3805c4-FRA

GET
H2 200 29-bpi.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 319 KB
319 KB 105ms
78ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/29-bpi.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8995e173fbc28814420648e43c723f859473e3ee823575b0b32af64796620cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 326190
cf-request-id: 02bab76f49000005c4d03ff200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:16:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf3a05c4-FRA

GET
H2 200 37-wireshark-gdocs.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 242 KB
243 KB 106ms
78ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/37-wireshark-gdocs.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53e15c9521875f1e3db0552ca297efd73bf3f649125e0467f5301338a345fc91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 248216
cf-request-id: 02bab76f49000005c4d0000200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:18:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf3d05c4-FRA

GET
H2 200 42-request.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 91 KB
91 KB 109ms
81ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/42-request.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84fdb44da06c6f70548aa4b4f73b439515775dc211d85b3f55721954e2329049

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 93028
cf-request-id: 02bab76f49000005c4d0001200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:21:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4005c4-FRA

GET
H2 200 41-key-xor.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 19 KB
19 KB 143ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/41-key-xor.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048f480590ec0ca08fc57ba331065bc46fc3c36ac030a2feeb8b407db66f71ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 19508
cf-request-id: 02bab76f49000005c4d0002200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:22:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4105c4-FRA

GET
H2 200 email-decode.min.js Show response
seguranca-informatica.pt/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
843 B 11ms
10ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76edc000005c4d03c4200000001
last-modified: Tue, 12 May 2020 16:13:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ebacb43-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 593e282afc4805c4-FRA
expires: Sun, 17 May 2020 16:15:18 GMT

GET
H/1.1 200
OK a45d8cdef974742cdf0711987deb56fc.js Show response
gist.github.com/t14g0p/ 7 KB
3 KB 251ms
185ms Script
text/javascript 140.82.118.4
GITHUB

General

Check archive.org

Show headers Download Go to

Full URL

https://gist.github.com/t14g0p/a45d8cdef974742cdf0711987deb56fc.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

140.82.118.4 , United States, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-118-4-ams.github.com

Software

GitHub.com /

Resource Hash

7d29213064fdf8bfceb38f5266f178f36fee29ef00140c7c6c3c0c086b00d307

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
status: 200 OK
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length: 1253
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: 5C74:3A988:1D25B3:28789A:5EBEC016
x-frame-options: deny
etag: W/"7d29213064fdf8bfceb38f5266f178f3"
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges: bytes

GET
H2 200 30-google-doc1.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 20 KB
21 KB 157ms
130ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/30-google-doc1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0999fade5a38c3dfbc134a8f2a3733281ed22974b02813f8cc88dc8f12d34c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 20951
cf-request-id: 02bab76f49000005c4d0003200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:36:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4205c4-FRA

GET
H2 200 31-googledoc2.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 21 KB
21 KB 111ms
85ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/31-googledoc2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f7d67cfa34ceb2c89c3654c49bb1b9c64f3f0bcbd8f42bda3d29eeb1208dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 21057
cf-request-id: 02bab76f49000005c4d0004200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:37:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4405c4-FRA

GET
H2 200 32-googledoc3.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 24 KB
24 KB 112ms
85ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/32-googledoc3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6fa87c387d5db09c4ca0b7a5b9c22c064787488c8eec63a7f173101cbbbbc58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 24668
cf-request-id: 02bab76f49000005c4d0005200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:38:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4705c4-FRA

GET
H2 200 33-btc-768x360.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 90 KB
90 KB 142ms
116ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/33-btc-768x360.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

369e456b46d16a544d65269fcaae1c1edc9d75edca11e324cde573943c240072

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 92139
cf-request-id: 02bab76f49000005c4d0006200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:39:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4905c4-FRA

GET
H2 200 34-btc2-768x626.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 159 KB
160 KB 105ms
79ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/34-btc2-768x626.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd9885e28a8bab88f38cc1d62a3b5aae4f3508420abe3242ac4bbed30e5204d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 163281
cf-request-id: 02bab76f49000005c4d0007200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:40:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4a05c4-FRA

GET
H2 200 shodan.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 297 KB
298 KB 143ms
117ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/shodan.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8262dd29fd6d3274eab1dc2c06a77a0cb803358ef1512416b5497239ee09cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 304506
cf-request-id: 02bab76f49000005c4d0008200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:44:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4b05c4-FRA

GET
H2 200 38-c2-server.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 98 KB
98 KB 106ms
80ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/38-c2-server.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c2cc4ca2c334a2b67bbc3f9a550682887c8c2831cc338299e01192257645545

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 100199
cf-request-id: 02bab76f49000005c4d0009200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:46:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4c05c4-FRA

GET
H2 200 mitre-attackmatrix.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 155 KB
156 KB 104ms
79ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/mitre-attackmatrix.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c347a51497091ee71f5a8e9edda0eb728ebee53336051447c66838997e8aa734

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 159174
cf-request-id: 02bab76f49000005c4d000a200000001
referrer-policy
last-modified: Wed, 06 May 2020 21:47:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf4f05c4-FRA

GET
H/1.1 200
OK bba17721b7102e01a3e452ea800de5ed.js Show response
gist.github.com/sirpedrotavares/ 7 KB
3 KB 343ms
168ms Script
text/javascript 140.82.118.4
GITHUB

General

Check archive.org

Show headers Download Go to

Full URL

https://gist.github.com/sirpedrotavares/bba17721b7102e01a3e452ea800de5ed.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

140.82.118.4 , United States, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-118-4-ams.github.com

Software

GitHub.com /

Resource Hash

9bd8c19f3d4f5fdd60b123818f5df4fc1d4fc3bb7f18a23faa50a7ee0278b909

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
status: 200 OK
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
Content-Length: 1176
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
X-GitHub-Request-Id: 5C76:12336:15B568:1E3D7B:5EBEC016
x-frame-options: deny
etag: W/"9bd8c19f3d4f5fdd60b123818f5df4fc"
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Accept-Ranges: bytes

GET
H2 200 pedro-tavares-300x200.jpg
seguranca-informatica.pt/wp-content/uploads/2018/11/ 80 KB
80 KB 139ms
114ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/11/pedro-tavares-300x200.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8cb27788844e455b92854743ee7ecab79e95c50735dc7e23b064b92e359bbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 82070
cf-request-id: 02bab76f49000005c4d000b200000001
referrer-policy
last-modified: Fri, 02 Nov 2018 14:44:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5105c4-FRA

GET
H2 200 si_f33d.png
seguranca-informatica.pt/wp-content/uploads/2020/04/ 5 KB
5 KB 103ms
78ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/04/si_f33d.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

575593b187efc8e164cf80d79952d18b79ecad5fb42a81b1711dedf7a2af46b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 5308
cf-request-id: 02bab76f49000005c4d000c200000001
referrer-policy
last-modified: Mon, 06 Apr 2020 14:06:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5205c4-FRA

GET
H2 200 Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.png
feed.seguranca-informatica.pt/reports/2020/ 192 KB
192 KB 154ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feed.seguranca-informatica.pt/reports/2020/Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0154bc5c5f57538a82d600332062423bc61361a127b27cb1be7077c07e34fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 196135
cf-request-id: 02bab76f61000005c4d0020200000001
last-modified: Sun, 19 Apr 2020 23:20:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282bcf7f05c4-FRA

GET
H2 200 blog-cover.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 589 KB
590 KB 109ms
84ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/blog-cover.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caace78c6f887ecbf780bdf5b71e57a02776d7ef5a0e54e797e3e007130262e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 603351
cf-request-id: 02bab76f49000005c4d000d200000001
referrer-policy
last-modified: Wed, 06 May 2020 22:18:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5505c4-FRA

GET
H2 200 cover_lampion-768x315.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 261 KB
261 KB 138ms
114ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/cover_lampion-768x315.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc9e562f67ac01fc3db71ce882b51a1096010a777f2d9f3a87db6a642ad19a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 266845
cf-request-id: 02bab76f49000005c4d000e200000001
referrer-policy
last-modified: Sat, 28 Dec 2019 02:40:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5605c4-FRA

GET
H2 200 blog-cover__.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 86 KB
86 KB 106ms
82ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/blog-cover__.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8742843c9c346c419f6a487e08a8f6d6c5f3200d4f7a7c0e15dab4a4a7c0c65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 87653
cf-request-id: 02bab76f49000005c4d000f200000001
referrer-policy
last-modified: Mon, 11 May 2020 21:38:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5805c4-FRA

GET
H2 200 emotet-ryuk-portugal-768x425.png
seguranca-informatica.pt/wp-content/uploads/2020/01/ 361 KB
361 KB 107ms
84ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/01/emotet-ryuk-portugal-768x425.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544ed0eb98a5b7a489c206546fe3155e32508ceda7da3d3d25f6100c0097cd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 369542
cf-request-id: 02bab76f49000005c4d0010200000001
referrer-policy
last-modified: Thu, 30 Jan 2020 14:44:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5905c4-FRA

GET
H2 200 youtube-subscribe-button-2.png
seguranca-informatica.pt/ 4 KB
5 KB 106ms
83ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/youtube-subscribe-button-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8220596e6a32feeaa3c95078f2a72efb6a01025245097384816d26c2a3f38c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 4586
cf-request-id: 02bab76f49000005c4d0011200000001
referrer-policy
last-modified: Wed, 07 Jun 2017 10:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5a05c4-FRA

GET
H2 200 telegram.jpg
seguranca-informatica.pt/wp-content/uploads/2018/12/ 11 KB
11 KB 135ms
113ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/12/telegram.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c36d0094cb3d176360c91599d13da78f0c77df004bc076aadd883f189fa1767e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 11537
cf-request-id: 02bab76f49000005c4d0012200000001
referrer-policy
last-modified: Thu, 27 Dec 2018 12:10:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf5c05c4-FRA

GET
H2 200 if_60-rss_104443.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 106ms
84ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_60-rss_104443.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bad8fb5327a87ba126a50844529fa2d207b42b7df8e31e104c5d48c5092d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 2265
cf-request-id: 02bab76f49000005c4d0013200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 13:11:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf6205c4-FRA

GET
H2 200 if_1_Media_social_website_facebook_2657542.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 135ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_1_Media_social_website_facebook_2657542.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be7537f55bde87db7acf7c9aa482e56e3c8891f09710e19113637cdbb8143ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 1792
cf-request-id: 02bab76f49000005c4d0014200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf6305c4-FRA

GET
H2 200 if_18_Media_social_website_in_2657551.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 135ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_18_Media_social_website_in_2657551.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b3b17bf53635986804b63fb97b63fd84d72e6f2d169519f36ba2a3ca6a70a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 2141
cf-request-id: 02bab76f49000005c4d0015200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf6505c4-FRA

GET
H2 200 if_12_Media_social_website_Twitter_2657545.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 3 KB
3 KB 135ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_12_Media_social_website_Twitter_2657545.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066d6b6d0ac47e197c9816ecc646022123de9bd034a81b4b3efb7b790ff89963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 2756
cf-request-id: 02bab76f49000005c4d0016200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf6805c4-FRA

GET
H2 200 if_5_Media_social_website_gmail_2657573.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
3 KB 137ms
116ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_5_Media_social_website_gmail_2657573.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dbab26b6050d95f1f5165ebb4114ba93bc15f011f34eca927242cb3d1f0d95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 2512
cf-request-id: 02bab76f49000005c4d0017200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf6c05c4-FRA

GET
H2 200 if_11_Media_social_website_youtube_2657544.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
3 KB 150ms
130ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_11_Media_social_website_youtube_2657544.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3906631ed3ac3f02664bb801434732b02ec1b79ca261909136c5b4ef663de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 2502
cf-request-id: 02bab76f49000005c4d0018200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282baf6e05c4-FRA

GET
H2 200 if_14_Media_social_website_pinterest_2657547.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 3 KB
3 KB 99ms
79ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_14_Media_social_website_pinterest_2657547.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db469b90b8d9e2a0675931132266a305d0f080fc5ef4e7bd0f841f161b78b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 3147
cf-request-id: 02bab76f61000005c4d0019200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282bcf7305c4-FRA

GET
H2 200 trignosfera.png
seguranca-informatica.pt/logotipo/partners/ 45 KB
45 KB 99ms
80ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/logotipo/partners/trignosfera.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3622c7c6c64b493c982f365e01b5eaa59f48da664e98025c383d4f8c57c4396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 46166
cf-request-id: 02bab76f61000005c4d001a200000001
referrer-policy
last-modified: Fri, 16 Feb 2018 16:25:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282bcf7605c4-FRA

GET
H2 200 81231ea4f1f1574817ce729145adde5b.gif
seguranca-informatica.pt/wp-content/uploads/2018/07/ 7 KB
7 KB 99ms
80ms Image
image/gif 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/07/81231ea4f1f1574817ce729145adde5b.gif

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f449b6d1dba1bf792d53ca14c3938763dd4b0f7208cddab9eadce5c41d108a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 7181
cf-request-id: 02bab76f61000005c4d001b200000001
referrer-policy
last-modified: Mon, 30 Jul 2018 13:41:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282bcf7805c4-FRA

GET
H2 200 scam.gif
seguranca-informatica.pt/wp-content/uploads/2019/01/ 22 KB
23 KB 148ms
129ms Image
image/gif 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/01/scam.gif

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f42160647efdb85b129d040beee22d6e3a55998c83febb2f4a03ccb0e4b714

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 22962
cf-request-id: 02bab76f61000005c4d001c200000001
referrer-policy
last-modified: Wed, 23 Jan 2019 10:49:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282bcf7905c4-FRA

GET
H2 200 coffepaypal.png
seguranca-informatica.pt/wp-content/uploads/2019/02/ 52 KB
52 KB 100ms
82ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/02/coffepaypal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4cb34807330a0b7afe401877ad09ecc7f930f9706cac7994716bcc1b3fd886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
content-length: 53007
cf-request-id: 02bab76f61000005c4d001d200000001
referrer-policy
last-modified: Mon, 11 Feb 2019 23:55:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e282bcf7b05c4-FRA

GET
H2

404

pixel.gif
www.paypalobjects.com/en_PT/i/scr/
Redirect Chain

https://www.paypal.com/en_PT/i/scr/pixel.gif
https://www.paypalobjects.com/en_PT/i/scr/pixel.gif

0
0

195ms
150ms

Image
text/html

151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypalobjects.com/en_PT/i/scr/pixel.gif
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency: 15
date: Fri, 15 May 2020 16:15:18 GMT
x-edgeconnect-midmile-rtt: 143
status: 301
location: https://www.paypalobjects.com/en_PT/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: fe06903fcf4ff
strict-transport-security: max-age=63072000
dc: phx-origin-www-1.paypal.com
content-length: 0

GET
H2 200 88x31.png
licensebuttons.net/l/by/4.0/ 1 KB
2 KB 135ms
79ms Image
image/png 2606:4700:20::681a:4d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by/4.0/88x31.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:4d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3287
cf-polished: origSize=4739
status: 200
vary: Accept-Encoding
content-length: 1283
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
x-frame-options: deny
etag: "5eab4a31-1283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=432000
cf-request-id: 02bab76f720000d6f109370200000001
accept-ranges: bytes
cf-ray: 593e282beae2d6f1-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cherry-js-core.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-js-core/assets/js/min/ 994 B
573 B 270ms
223ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-js-core/assets/js/min/cherry-js-core.min.js?ver=1.5.11

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9382c1ac33e60533971224071a03c61bd2a759689a41085dbc757872e40ec5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baec505c4-FRA
cf-request-id: 02bab76f49000005c4d03d2200000001

GET
H2 200 comment_count.js Show response
seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/ 889 B
460 B 270ms
224ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Wed, 06 Mar 2019 09:03:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baecf05c4-FRA
cf-request-id: 02bab76f49000005c4d03d3200000001

GET
H2 200 comment_embed.js Show response
seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/ 828 B
440 B 76ms
30ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=1150
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76f49000005c4d03d4200000001
referrer-policy
last-modified: Wed, 06 Mar 2019 09:03:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e282baed105c4-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 2 KB
758 B 74ms
31ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/main.js?ver=20170211

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1605fb5d18e00bb446a2009a75eb5c44486fdddbef8d64acfdfe2b8d9ecd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=2332
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76f49000005c4d03d5200000001
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e282baed205c4-FRA
cf-bgj: minify

GET
H2 200 jquery.sticky.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 7 KB
2 KB 270ms
227ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/jquery.sticky.js?ver=20160906

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9dc8ec104c88f02b7247bceccae2023a665855ce57e2a3f714d1dfa62cb2262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baed605c4-FRA
cf-request-id: 02bab76f49000005c4d03d6200000001

GET
H2 200 sticky-setting.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 289 B
261 B 268ms
225ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/sticky-setting.js?ver=20160906

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f523ff657175b7cb8d2667602adb77ccebf5e5c5c987e32800d2698b6bb0286e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baed805c4-FRA
cf-request-id: 02bab76f49000005c4d03d7200000001

GET
H2 200 comment-reply.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 2 KB
1 KB 266ms
224ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/comment-reply.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Wed, 01 Apr 2020 14:18:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baedb05c4-FRA
cf-request-id: 02bab76f49000005c4d03d8200000001

GET
H2 200 cherry-handler.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-handler/assets/js/min/ 3 KB
1 KB 270ms
227ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-handler/assets/js/min/cherry-handler.min.js?ver=1.5.11

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f837ecf8426cc760739e8a17218b3b501156f43a7bd03afb7207949b12ab0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baedd05c4-FRA
cf-request-id: 02bab76f49000005c4d03d9200000001

GET
H2 200 validate.js Show response
seguranca-informatica.pt/wp-content/plugins/newsletter/subscription/ 1 KB
433 B 268ms
226ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/newsletter/subscription/validate.js?ver=6.6.5

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

717c288dc6b91d3c1774be2fcf06f0eccd923966e3df65bef32b78e26cc18b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 12 May 2020 09:10:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baee005c4-FRA
cf-request-id: 02bab76f49000005c4d03da200000001

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 194ms
23ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

01a9f2ee033909141e4b8865aaecf728d74d4b6a1811ca6356a5f1a08387f931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 13:56:52 GMT
server: nginx/1.15.8
etag: W/"5e8dd824-582c2"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Fri, 15 May 2020 16:15:18 GMT
x-host: s7.addthis.com
content-length: 116281

GET
H2 200 enlighterjs.min.js Show response
seguranca-informatica.pt/wp-content/plugins/enlighter/resources/enlighterjs/ 55 KB
15 KB 72ms
31ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/enlighter/resources/enlighterjs/enlighterjs.min.js?ver=4.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a20b3be7d4327e93b19c5f9294f18c262e209b1831db3daee58a82baf8f96ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76f49000005c4d03db200000001
referrer-policy
last-modified: Wed, 29 Apr 2020 21:38:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e282baee305c4-FRA

GET
H2 200 wp-embed.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 1 KB
937 B 266ms
225ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-embed.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Wed, 01 Apr 2020 14:18:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baee405c4-FRA
cf-request-id: 02bab76f49000005c4d03dc200000001

GET
H2 200 scripts.js Show response
seguranca-informatica.pt/wp-content/plugins/eu-cookie-law/js/ 2 KB
912 B 72ms
32ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.1.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7daf3f5acd448e33c96a746407198ccbe6eff0402f20bbf1164a1129205c13bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
cf-polished: origSize=2960
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76f49000005c4d03dd200000001
referrer-policy
last-modified: Fri, 01 May 2020 13:59:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e282baee605c4-FRA
cf-bgj: minify

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 135ms
91ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.1
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2162
etag: W/"9d9aed5a8d74707da3c47d0230168852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 593e282bdfee650f-FRA
cf-request-id: 02bab76f650000650fc3a90200000001
expires: Mon, 18 May 2020 16:15:18 GMT

GET
H2 200 underscore.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 16 KB
6 KB 71ms
32ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/underscore.min.js?ver=1.8.3

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76f49000005c4d03de200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e282baee805c4-FRA

GET
H2 200 wp-util.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 1 KB
649 B 71ms
33ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-util.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
cf-request-id: 02bab76f49000005c4d03df200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e282baee905c4-FRA

GET
H2 200 cherry-search.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/js/min/ 2 KB
1014 B 263ms
224ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/js/min/cherry-search.min.js?ver=1.1.5

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd9e72894580d70b0cc6a28b3836d34eb7f907eb97a152c310bfebafb65a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baeeb05c4-FRA
cf-request-id: 02bab76f49000005c4d03e0200000001

GET
H2 200 qNcmPTj79EMUOrzZ4I-EprFF7Y8.js Show response
seguranca-informatica.pt/cdn-cgi/apps/body/ 28 KB
6 KB 100ms
83ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/body/qNcmPTj79EMUOrzZ4I-EprFF7Y8.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/cdn-cgi/apps/head/dI4tRH6z5eYOCbLZuWBC7Ig0Jis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 142
status: 200
vary: Accept-Encoding
x-amz-request-id: B1A34C54B00795F5
x-amz-id-2: VyLprAeAEHyQzkdWParS9BRVX3BWymAqexBJx0ZGlHXKZwc6m6gjUnNVfnZNXvKti8lSly16zlo=
last-modified: Sun, 05 Apr 2020 15:14:50 GMT
server: cloudflare
etag: W/"2f0664ac054357af08048b56dbb23ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 39Vrrl1hwaQV.tQQHe0gpcneNyDq0WPl
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-request-id: 02bab76f61000005c4d001e200000001
cf-ray: 593e282bcf7c05c4-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5803
date: Fri, 15 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 16:38:35 GMT

GET
H2 200 wp-emoji-release.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 14 KB
4 KB 244ms
227ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
last-modified: Wed, 01 Apr 2020 14:18:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282bcf7d05c4-FRA
cf-request-id: 02bab76f61000005c4d001f200000001

POST
H2 201 popular-posts Show response
seguranca-informatica.pt/wp-json/wordpress-popular-posts/v1/ 55 B
505 B 562ms
562ms XHR
application/json 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min.js?ver=5.1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

f79b35bfccf95903f352072c396ca866bffbfd206198112c7ee524e0d0421a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.5
status: 201
vary: Origin,Accept-Encoding
cf-request-id: 02bab76f1b000005c4d03ca200000001
referrer-policy
access-control-allow-headers: Authorization, Content-Type
allow: GET, POST
server: cloudflare
x-wp-nonce: d87d90e536
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://seguranca-informatica.pt
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 593e282b5d8305c4-FRA
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 31ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: MfqN/iV09V6NBZ7PAC9pANU4soeeU2kYdqc0kkiKo+atAR7AYOjEPkYCfm/w6IriuT6ITMv3yxKqfyKzGhmWeg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 15 May 2020 16:15:18 GMT, Fri, 15 May 2020 16:15:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b26db15f3f5d200caca5ec6d9605c1727f087016ef39644f9c233d9d094afdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7/M7HcdSABtYBNj/dvVQRg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "8fb486b9c804808d762fe05a985a4fac"
x-fb-debug: ls2SpChS2BBu9rMFqy1Xcn3v/XPmiOZcUXkpT1GkC/XIIWlv7bx5dvCiQ5XTjyflRFSuaGHBhvHgG9pThlrq3Q==
x-fb-trip-id: 664085054
x-fb-content-md5: 4e2ac3d85fd9e47184840fd03051d43f
x-frame-options: DENY
date: Fri, 15 May 2020 16:15:18 GMT, Fri, 15 May 2020 16:15:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:24:47 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Wed, 06 May 2020 00:50:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 833101
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 06 May 2021 00:50:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 17 Apr 2020 00:29:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2475927
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 17 Apr 2021 00:29:51 GMT

GET
H2 200 simple-line-icons.ttf
seguranca-informatica.pt/wp-content/themes/xmag/fonts/ 18 KB
12 KB 254ms
240ms Font
font/ttf 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/fonts/simple-line-icons.ttf?v=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88731bd32d2242a6918772bd11e6e16f46c2e3c05c7bbd4ed47d162cff9683f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/wp-content/cache/minify/eabb6.css
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: br
referrer-policy
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e282baec305c4-FRA
cf-request-id: 02bab76f49000005c4d03d1200000001

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 28ms
14ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 10 Apr 2020 06:12:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 3060163
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 10 Apr 2021 06:12:35 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 17ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Thu, 09 Apr 2020 23:10:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:15 GMT
server: sffe
age: 3085490
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9416
x-xss-protection: 0
expires: Fri, 09 Apr 2021 23:10:28 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 16ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Thu, 09 Apr 2020 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 3156120
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Fri, 09 Apr 2021 03:33:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 16ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Wed, 13 May 2020 20:33:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 157309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 13 May 2021 20:33:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 08 May 2020 19:19:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 593773
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 08 May 2021 19:19:05 GMT

GET
H2 200 gist-embed-31007ea0d3bd9f80540adfbc55afc7bd.css
github.githubassets.com/assets/ 23 KB
5 KB 56ms
22ms Stylesheet
text/css 185.199.109.154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://github.githubassets.com/assets/gist-embed-31007ea0d3bd9f80540adfbc55afc7bd.css
Requested by: Host: gist.github.com
URL: https://gist.github.com/t14g0p/a45d8cdef974742cdf0711987deb56fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.109.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa06051b1c939145f22a163564c3b9d5a3e5b95151c11d675fee25a5ac272a18

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: c639ff03d5ed800c7693203918a31dd18512b46e
date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
age: 6098110
x-cache: HIT, HIT
status: 200
access-control-max-age: 3600
content-length: 4953
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad2124-IAD, cache-ams21050-AMS
last-modified: Fri, 06 Mar 2020 02:17:54 GMT
server: AmazonS3
x-timer: S1589559319.844574,VS0,VE0
etag: "251755a24392f37def7c7d714f49c2e4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 10719

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 395 KB
115 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=edf0f15c033aa2529b37e0789fcc1c9b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

241e9ee6931a3d9968359c917590e46cf938d82b9998612c199377e9669af9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Origin: https://seguranca-informatica.pt

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BVBccG0Oxjyz1acP5fS4YA==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 117433
etag: "b65851d51456c6eaf72c44587b25f8c4"
x-fb-debug: Y6SgFuOZaMgcqOkbZPAMf64Boaz91S+Iq+oHVcFyW+/MzPco4PbsICn2XqwTIHGLenuJnCNDIsUdoMT66eiJbw==
x-fb-trip-id: 664085054
x-fb-content-md5: d5b0dc6beb43a6929dabe2b6b9d31a0e
x-frame-options: DENY
date: Fri, 15 May 2020 16:15:18 GMT, Fri, 15 May 2020 16:15:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 15 May 2021 16:04:47 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
108 B 13ms
13ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1736978782&t=pageview&_s=1&dl=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&ul=en-us&de=UTF-8&dt=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAUABC~&jid=1743566738&gjid=1073219199&cid=260783375.1589559319&tid=UA-100437516-1&_gid=1199548304.1589559319&_r=1&z=15967313

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:15:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=seguranca-informatica.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=seguranca-informatica.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/ 218 KB
82 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecb531bdf231039081a7a6879d73bca91d8b8c7fc671615063746454c0daaa8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84031
x-xss-protection: 0
server: cafe
etag: 11558267481566639666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:15:18 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/ Frame F139 0
0 8ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 12 May 2020 03:57:00 GMT
expires: Tue, 26 May 2020 03:57:00 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 303498
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 134215180689421 Show response
connect.facebook.net/signals/config/ 516 KB
129 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/134215180689421?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee855adef8d74ff58e90a1c1c1efcf2550e3ba6d0db5a80a417b0dc22a3efb94

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131653
x-xss-protection: 0
pragma: public
x-fb-debug: 2MbA23EwaH8Jaz54q3/kb6JPyE6zBIRuYkzC8xK2FfXifZMsa6mRkvw4yc5JBEfPwBMgYia4Wc9DKszHxwvYog==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 15 May 2020 16:15:18 GMT, Fri, 15 May 2020 16:15:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D5CA 0
0 241ms
240ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=580740002&adf=2311144427&w=740&fwrn=4&lmt=1589559319&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&flash=0&wgl=1&adsid=NT&dt=1589559318844&bpp=31&bdt=827&fdt=277&idt=278&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7791676138794&frm=20&pv=2&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=550024249256&dssz=30&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1142&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Rku0jYLgL7&p=https%3A//seguranca-informatica.pt&dtd=444

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=580740002&adf=2311144427&w=740&fwrn=4&lmt=1589559319&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&flash=0&wgl=1&adsid=NT&dt=1589559318844&bpp=31&bdt=827&fdt=277&idt=278&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7791676138794&frm=20&pv=2&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=550024249256&dssz=30&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1142&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Rku0jYLgL7&p=https%3A//seguranca-informatica.pt&dtd=444
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:15:20 GMT
server: cafe
content-length: 15358
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 15-May-2020 16:30:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 15 May 2020 16:15:20 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589369616634380"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Fri, 15 May 2020 16:15:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=134215180689421&ev=PageView&dl=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&rl=&if=false&ts=1589559319372&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589559319372.413375886&it=1589559318886&coo=false&rqm=GET

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:19 GMT, Fri, 15 May 2020 16:15:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 May 2020 16:15:19 GMT

GET
H2 200 eqyuAj9hvy4
www.youtube.com/embed/ Frame B192 0
0 174ms
173ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/eqyuAj9hvy4

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/eqyuAj9hvy4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Fri, 15 May 2020 16:15:20 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=W0wTE9R-Nyg; path=/; domain=.youtube.com; secure; expires=Wed, 11-Nov-2020 16:15:20 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=W0wTE9R-Nyg; path=/; domain=.youtube.com; secure; expires=Wed, 11-Nov-2020 16:15:20 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 15-May-2020 16:45:20 GMT YSC=lT3dhRsJ7B0; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 E-mail-Icon-co%CC%81pia-e1515360297525.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 1009 B
1 KB 20ms
19ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/E-mail-Icon-co%CC%81pia-e1515360297525.png

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba23d13ab9eb27eb4933ae12135dc7f2775699d06d8628f73b9ff9b9f01aeef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
status: 200
vary: Accept-Encoding
content-length: 1009
cf-request-id: 02bab77366000005c4d00af200000001
referrer-policy
last-modified: Wed, 24 Jan 2018 22:17:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e28323d1705c4-FRA

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 78ms
25ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:19 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29223
x-served-by: cache-bwi5121-BWI, cache-fra19151-FRA
last-modified: Tue, 12 May 2020 17:25:55 GMT
etag: "580310dcde7e145486d79be6e5257680+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK count.js Show response
seguranca-informatica.disqus.com/ 1 KB
1 KB 84ms
39ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/count.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:15:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2486188
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 16 Apr 2020 19:48:14 GMT
Server: nginx
ETag: "5e98b67e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK embed.js Show response
seguranca-informatica.disqus.com/ 66 KB
22 KB 383ms
339ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/embed.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

1b1837263ad163b61aec8ebfa551ea7eaa6f1cae2aa2181773fbaab694329b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:15:19 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22116

GET
H2 200 fontawesome-webfont.woff2
seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/fonts/ 70 KB
70 KB 257ms
256ms Font
font/woff2 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/wp-content/cache/minify/c841a.css
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 15 May 2020 16:15:19 GMT
referrer-policy
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 593e2832ef9205c4-FRA
content-length: 71896
cf-request-id: 02bab773cf000005c4d0102200000001

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 91ms
27ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:19 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: CD83941857724976
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=8270
accept-ranges: bytes
content-length: 948
x-amz-id-2: 0ZTpgIpnUMxQCBXeH9ew/82I9oq7GJ2Gfze78bXzMcqS1BRoWTIwh8fvZ+vN96IwbFGZ6f5C0Hk=

GET
H2 200 2764.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 368 B
567 B 71ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/2764.svg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Fri, 15 May 2020 16:15:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4AB3 0
0 44ms
44ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1589559319&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589559319703&bpp=6&bdt=1686&fdt=7&idt=7&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&nras=1&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&dtd=62

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1589559319&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589559319703&bpp=6&bdt=1686&fdt=7&idt=7&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&nras=1&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&dtd=62
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:15:20 GMT
server: cafe
content-length: 1052
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 15-May-2020 16:30:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 15 May 2020 16:15:20 GMT
cache-control: private

GET
H2 200 page.php
www.facebook.com/v2.12/plugins/ Frame 4D91 0
0 60ms
60ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df145d9a0c6784b8%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff3409dce2e461e%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=edf0f15c033aa2529b37e0789fcc1c9b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df145d9a0c6784b8%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff3409dce2e461e%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0rJlPBHGxNY7lcews..BevsAX...1.0.BevsAX.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: En1Drdjl93bxzfD4C/dLje6DO5oMQK2WLheGDKzuxx6oRkZi0FLxngk5fmRdhT5n/JxzpPVEWKHF59foMi0MlQ==
date: Fri, 15 May 2020 16:15:20 GMT Fri, 15 May 2020 16:15:20 GMT
alt-svc: h3-27=":443"; ma=3600

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame DC68 0
0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a74cca42a90a07e/ 7 KB
1 KB 210ms
208ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a74cca42a90a07e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85d11a34cf5ae0738a3f2a2e0f463484c9b7371b46c9e5bc991f57d44f58400f

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:20 GMT
content-encoding: gzip
etag: -713750497--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=56, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1214

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 197ms
196ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ebec01799f868a3&bkl=0&bl=5&pdt=1185&sid=5ebec01799f868a3&pub=ra-5a74cca42a90a07e&rev=v8.28.5-wp&ln=pt&pc=wpp&cb=0&ab=-&dp=seguranca-informatica.pt&fp=brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&fr=&fcu=Xr7AF9OxX0M&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1589559319820&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-1c09be8100890cf963a4479ddde30a88%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=129&uvs=5ebec017feff3f21000&skipb=1&callback=addthis.cbs.jsonp__088026202462530680
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e8d36a0ecc1a7f35886c6a829a5a98ea86cce4fd532f634aedf0e44d95564a9

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 15 May 2020 16:15:20 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame A81F 0
0 24ms
24ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Fri, 15 May 2020 16:15:20 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 95ms
53ms XHR
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
status: 200
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Fri, 15 May 2020 16:15:19 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=134215180689421&ev=PageView&dl=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&rl=&if=false&ts=1589559319812&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589559319372.413375886&it=1589559318886&coo=false&rqm=GET

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:19 GMT, Fri, 15 May 2020 16:15:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 May 2020 16:15:19 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
89 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaWvpoKPWLjZwBLon

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 15 May 2020 16:15:19 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://seguranca-informatica.pt
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK count-data.js Show response
seguranca-informatica.disqus.com/ 281 B
820 B 72ms
72ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/count-data.js?1=7502%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D7502

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6087407f28cbfab23e3c6e98e180dec583e1725fb522f414946e08e3c2a6d93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:15:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 143
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 281
X-XSS-Protection: 1; mode=block

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 32ms
29ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 15 May 2020 16:15:20 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/ 142 KB
52 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32c6c8175c556f53109ae8579fcd763478eb74c8b756e98f1f651ccf58732aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52596
x-xss-protection: 0
server: cafe
etag: 4912600474625003837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:15:20 GMT

GET
H2 200 lounge.db072b7d11b56c5c060394cab39e75c5.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 107ms
14ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.db072b7d11b56c5c060394cab39e75c5.css

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 167115
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 21979
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 13 May 2020 17:13:15 GMT
server: cloudflare
etag: "5ebc2aab-55db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02bab778ca000005f97eb78200000001
accept-ranges: bytes
cf-ray: 593e283adfc505f9-FRA
expires: Thu, 13 May 2021 17:50:03 GMT

GET
H2 200 common.bundle.f9554506a08a1cc2b021f0dfc3f59ebb.js
c.disquscdn.com/next/embed/ 0
89 KB 181ms
88ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f9554506a08a1cc2b021f0dfc3f59ebb.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2482507
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 90432
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 16 Apr 2020 22:27:00 GMT
server: cloudflare
etag: "5e98dbb4-16140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02bab778cb000005f97eb79200000001
accept-ranges: bytes
cf-ray: 593e283adfc905f9-FRA
expires: Fri, 16 Apr 2021 22:40:09 GMT

GET
H2 200 lounge.bundle.d3858dbda732166bc46a5391f5b0b789.js
c.disquscdn.com/next/embed/ 0
109 KB 176ms
83ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.d3858dbda732166bc46a5391f5b0b789.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84211
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 111169
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 14 May 2020 16:45:12 GMT
server: cloudflare
etag: "5ebd7598-1b241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02bab778cb000005f97eb7a200000001
accept-ranges: bytes
cf-ray: 593e283adfcc05f9-FRA
expires: Fri, 14 May 2021 16:51:48 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
7 KB 190ms
15ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:15:20 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 6232
X-XSS-Protection: 1; mode=block

GET
H2 200 widget_iframe.2a008290075125adde2d7b849b06a0bb.html
platform.twitter.com/widgets/ Frame ADB9 0
0 43ms
40ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fseguranca-informatica.pt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fseguranca-informatica.pt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
last-modified: Tue, 12 May 2020 17:24:25 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 15 May 2020 16:15:20 GMT
x-served-by: cache-bwi5136-BWI, cache-fra19151-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame D7EB 0
0 198ms
145ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=seguranca-informatica&t_i=7502%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D7502&t_u=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&t_e=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&t_d=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&t_t=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay&s_o=default

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

Connection: keep-alive
Content-Length: 2646
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 06 May 2020 22:29:24 GMT
ETag: W/"lounge:view:8011033060.e872d7a7e2c13f8bb3d669b80af3f2af.2"
Content-Encoding: gzip
Date: Fri, 15 May 2020 16:15:21 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js Show response
platform.twitter.com/js/ 24 KB
8 KB 27ms
26ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c677df6c0eccea7dfe6231398ee68e1e1fcd0061912fb23275f631d8c1c8bae

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7868
x-served-by: cache-bwi5135-BWI, cache-fra19151-FRA
last-modified: Tue, 12 May 2020 17:24:16 GMT
etag: "8d1aa2559c6c7464859f2e6be8063257+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.dcd659352714d721a9f3457b8601524a.js Show response
platform.twitter.com/js/ 21 KB
7 KB 25ms
25ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.dcd659352714d721a9f3457b8601524a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cfc86c5d7acfe015875d9893737f5a243d8ba8c0cafef01b2b5ffa46cabb9e0e

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 6659
x-served-by: cache-bwi5145-BWI, cache-fra19151-FRA
last-modified: Tue, 12 May 2020 17:24:16 GMT
etag: "035c82c5b07090eda0eec374cd2886c7+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 / Show response
graph.facebook.com/ 150 B
334 B 61ms
47ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_jdnp0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

244c8f68febdc9cf838e0936ba3150a663e1c3abf1b12c0c2d6c9612a1bea90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "08c198c51772a04a4d17367d182ec7d9c53d5d21"
status: 200
x-fb-rev: 1002132105
alt-svc: h3-27=":443"; ma=3600
content-length: 150
pragma: no-cache
x-fb-debug: KbsOc8OuAK2BH53uPt5Etc3D7Y2QAquY0HYqFl5ChsfRTCV0L/A9nBFFdbYzPBsAD65TSBUOFEour5RX8shnSg==
x-fb-trace-id: EkIUQwebwEl
date: Fri, 15 May 2020 16:15:21 GMT, Fri, 15 May 2020 16:15:21 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AT6hRx2pHpOXCIts8unJUMP
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 34 B
342 B 249ms
247ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&callback=_ate.cbs.rcb_6p2i0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

84cf009b95c7cae6ce77a5356cf93b6d78b8481c1d6ce979eb1bd56b37e68383

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
last-modified: Fri, 15 May 2020 16:15:21 GMT
server: nginx/1.15.8
date: Fri, 15 May 2020 16:15:21 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 54

GET
H2 200 / Show response
graph.facebook.com/ 149 B
554 B 52ms
39ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_a8ny0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54828de87bc016777dbbc92272b2e98548a8696df494cff0f095caa4bc201d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "2041a89c64db5b8cd449b55199506cadecad1459"
status: 200
x-fb-rev: 1002132105
alt-svc: h3-27=":443"; ma=3600
content-length: 149
pragma: no-cache
x-fb-debug: +ivYzZB0/00w7exZpZ1A73NUrk5TJdHjTVqWQqTH8d+8u4oY197dyXThujcsw3qIyKgOEvKtKLgojq31eELdFg==
x-fb-trace-id: ES6wv907961
date: Fri, 15 May 2020 16:15:21 GMT, Fri, 15 May 2020 16:15:21 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A3tRVOxKBk1aw8L45_U0Ybk
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 34 B
342 B 215ms
214ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&callback=_ate.cbs.rcb_1ylb0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

db7402409462dbca9ed9eb79e1bf8e575d915e9803386dda45ce71f9c54fbfb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
last-modified: Fri, 15 May 2020 16:15:21 GMT
server: nginx/1.15.8
date: Fri, 15 May 2020 16:15:21 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 54

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 info.json Show response
www.reddit.com/api/ 3 KB
1 KB 445ms
388ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&jsonp=_ate.cbs.rcb_d5ft0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

57bde77df45e0fa386276a8e90d21845ea5abf1e5a2669ae902ccede4babcc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 1173
x-xss-protection: 1; mode=block
x-served-by: cache-man4139-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1589559321.097938,VS0,VE362
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 155 B
188 B 52ms
16ms Script
application/javascript 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&callback=window._ate.cbs.rcb_s1x0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

10d14fabfa351d23e8216909d20aed80913c1b1396d7975ec648d7d2dd923100

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 4441440637966509
expires: Fri, 15 May 2020 16:28:11 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
669 B 230ms
174ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&jsonp=_ate.cbs.rcb_9vpm0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

c9eb00995d41835de50d5f645da835d3837205846c23779e88ad888b1cc55796

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-man4139-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1589559321.097915,VS0,VE140
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 155 B
369 B 51ms
15ms Script
application/javascript 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F&callback=window._ate.cbs.rcb_h1620

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f515acecc2fb5ce917f776ca75148d77b34501a2c2c3c810f25c8ba548a25a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 0
accept-ranges: none
x-pinterest-rid: 8246257342473027
expires: Fri, 15 May 2020 16:28:11 GMT

GET
H2 200 views2.json Show response
q.addthis.com/feeds/1.0/ 34 KB
5 KB 27ms
26ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://q.addthis.com/feeds/1.0/views2.json?pubid=ra-5a74cca42a90a07e&domain=seguranca-informatica.pt&limit=50&callback=_ate.cbs.fds_ra5a74cca42a90a07eviews2json0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

629df1def5e236ed0725d530df2de471a917221677057d58baa8686f4456308c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: ra-5a74cca42a90a07e
last-modified: Fri, 15 May 2020 16:13:11 GMT
server: nginx/1.15.8
date: Fri, 15 May 2020 16:15:21 GMT
vary: Accept-Encoding
cache-tag: ra-5a74cca42a90a07e
status: 200
cache-control: max-age=0, s-maxage=3600
content-type: application/javascript;charset=UTF-8
content-length: 4803

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C7D1 0
0 461ms
461ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1863295039&adf=2818823524&w=740&fwrn=4&fwrnh=100&lmt=1589559320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320295&bpp=8&bdt=2278&fdt=8&idt=8&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0&nras=2&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=2983&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=55vHJFGn9e&p=https%3A//seguranca-informatica.pt&dtd=368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1863295039&adf=2818823524&w=740&fwrn=4&fwrnh=100&lmt=1589559320&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320295&bpp=8&bdt=2278&fdt=8&idt=8&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0&nras=2&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=2983&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=55vHJFGn9e&p=https%3A//seguranca-informatica.pt&dtd=368
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkTbXfuyw1if8Q7WGxK8jeiRgscqZajwnf5dPQs_zayknJ0sh2GkLSWZaPK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:15:21 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame C607 0
0 447ms
447ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1863295039&adf=4183343689&w=740&fwrn=4&fwrnh=100&lmt=1589559321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320310&bpp=55&bdt=2292&fdt=761&idt=761&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280&nras=3&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=92&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=4715&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=HNckWev3K9&p=https%3A//seguranca-informatica.pt&dtd=766

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1863295039&adf=4183343689&w=740&fwrn=4&fwrnh=100&lmt=1589559321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320310&bpp=55&bdt=2292&fdt=761&idt=761&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280&nras=3&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=143675245936447&dssz=92&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=4715&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=HNckWev3K9&p=https%3A//seguranca-informatica.pt&dtd=766
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkTbXfuyw1if8Q7WGxK8jeiRgscqZajwnf5dPQs_zayknJ0sh2GkLSWZaPK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:15:21 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 190 KB
16 KB 229ms
226ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_sirpedrotavares_old&dnt=false&domain=seguranca-informatica.pt&lang=pt&screen_name=sirpedrotavares&suppress_response_codes=true&t=1766177&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

478e89099e0fddf654e7590276191089e55570461d34a1b50a2abefd95019b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 15666
x-xss-protection: 0
x-response-time: 203
last-modified: Fri, 15 May 2020 16:15:21 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
access-control-allow-methods: GET
content-type: application/javascript;charset=utf-8
expires: Fri, 15 May 2020 16:20:21 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: a273e980b6a91442ddc15b3256aa99a2
timing-allow-origin: *
x-transaction: 003cce15005ed659
access-contol-allow-origin: platform.twitter.com

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
337 B 126ms
125ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1589559321095%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 104
pragma: no-cache
last-modified: Fri, 15 May 2020 16:15:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fa3149ba9292c16e8772029caa59a901
x-transaction: 0066243a002717c4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame ABEE 0
0 407ms
406ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3832473613&adf=1840210285&w=720&fwrn=4&fwrnh=100&lmt=1589559321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=720x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320369&bpp=5&bdt=2352&fdt=744&idt=745&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280&nras=4&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=574700983745788&dssz=93&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=243&ady=6098&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=oNRXHBxEz9&p=https%3A//seguranca-informatica.pt&dtd=748

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3832473613&adf=1840210285&w=720&fwrn=4&fwrnh=100&lmt=1589559321&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=720x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559320369&bpp=5&bdt=2352&fdt=744&idt=745&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280&nras=4&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=574700983745788&dssz=93&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=243&ady=6098&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=144&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=oNRXHBxEz9&p=https%3A//seguranca-informatica.pt&dtd=748
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkTbXfuyw1if8Q7WGxK8jeiRgscqZajwnf5dPQs_zayknJ0sh2GkLSWZaPK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:15:21 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3f36146f67554b989421cd2be6d58d97fc92f7c6e130d6152a0659a770f8fc2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cover_lampion.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 333 KB
334 KB 15ms
14ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/cover_lampion.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7642ee69bfb367b8471fa2ce3c750c0e9a672acb55c268abd5e541ecfe16bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130
status: 200
vary: Accept-Encoding
content-length: 341315
cf-request-id: 02bab77a54000005c4d01c3200000001
referrer-policy
last-modified: Sat, 28 Dec 2019 02:40:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e283d5da405c4-FRA

GET
H2 200 edp_capa-720x417-1.jpg
seguranca-informatica.pt/wp-content/uploads/2020/04/ 89 KB
90 KB 13ms
13ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/04/edp_capa-720x417-1.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b61cfa99526a09cd475d413ab0e20615b78081883a4d64d19b3af025eacea54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 130
status: 200
vary: Accept-Encoding
content-length: 91561
cf-request-id: 02bab77a54000005c4d01c4200000001
referrer-policy
last-modified: Mon, 13 Apr 2020 21:31:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e283d5da805c4-FRA

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0ECD 0
0 755ms
755ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1909131177&adf=3723832354&w=340&fwrn=4&fwrnh=100&lmt=1589559321&rafmt=1&to=qs&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589559320477&bpp=6&bdt=2460&fdt=715&idt=715&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280%2C720x280&nras=4&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=574700983745788&dssz=93&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1665&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XqvBZwQTCf&p=https%3A//seguranca-informatica.pt&dtd=723

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1909131177&adf=3723832354&w=340&fwrn=4&fwrnh=100&lmt=1589559321&rafmt=1&to=qs&pwprc=7674192041&psa=0&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589559320477&bpp=6&bdt=2460&fdt=715&idt=715&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280%2C720x280&nras=4&correlator=7791676138794&frm=20&pv=1&ga_vid=260783375.1589559319&ga_sid=1589559319&ga_hid=1736978782&ga_fc=0&iag=0&icsg=574700983745788&dssz=93&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1665&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532%2C21065926%2C21066085%2C21066124&oid=3&psts=AGkb-H9JWuTrSvfPOYF0wMCO-kuGai2y7Q8b33dUdGGOy1VeoBkPunuyefdk89L_dMEN&pvsid=1688279154569100&pem=345&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=XqvBZwQTCf&p=https%3A//seguranca-informatica.pt&dtd=723
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkTbXfuyw1if8Q7WGxK8jeiRgscqZajwnf5dPQs_zayknJ0sh2GkLSWZaPK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:15:21 GMT
server: cafe
content-length: 26518
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 1 KB
1 KB 12ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 26863842
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 715 B
856 B 12ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 21830287
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7f221139df6ccec7082a82d479eaf700
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 26a0.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 595 B
750 B 12ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26a0.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 12199193
x-ton-expected-size: 595
x-cache: HIT
status: 200
content-length: 595
x-response-time: 2244
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/418E)
etag: "Z7wDoqWvSIaJGOXpgObfsw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d58789b3c8608664e2f04bd4858f222
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:19 GMT

GET
H2 200 2622.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 755 B
883 B 12ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2622.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

e6dc579ac077f2e0bd24a04b3d2b0c88a2d977cd22a5170d2851644e5f25ec68

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 28572717
x-ton-expected-size: 755
x-cache: HIT
status: 200
content-length: 755
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/4190)
etag: "noPKYKGFNOZUq+jtdn1H7Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c8e143c7c44c839e0b908883c3b7c016
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 otrHzz7B
pbs.twimg.com/card_img/1260915470120738818/ Frame 2B4D 4 KB
5 KB 13ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260915470120738818/otrHzz7B?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 98648
x-cache: HIT
status: 200
content-length: 4429
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1260915470120738818
last-modified: Thu, 14 May 2020 12:48:49 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae39201cbd3bcd4a9f2c4d9d9c8b113a
accept-ranges: bytes

GET
H2 200 bOXSAGDp
pbs.twimg.com/card_img/1260880527042777090/ Frame 2B4D 2 KB
2 KB 14ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260880527042777090/bOXSAGDp?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 106977
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 142
surrogate-key: card_img card_img/bucket/3 card_img/1260880527042777090
last-modified: Thu, 14 May 2020 10:29:58 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d467480b3cee22e40d7be671cd223fc
accept-ranges: bytes

GET
H2 200 iRaKib4f
pbs.twimg.com/card_img/1260727687439618048/ Frame 2B4D 55 KB
55 KB 14ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260727687439618048/iRaKib4f?format=jpg&name=600x314

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 124313
x-cache: HIT
status: 200
content-length: 56026
x-response-time: 149
surrogate-key: card_img card_img/bucket/5 card_img/1260727687439618048
last-modified: Thu, 14 May 2020 00:22:38 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c4647d244ff72f7fd01c22cfe1e1709
accept-ranges: bytes

GET
H2 200 2623.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 1 KB
1 KB 12ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2623.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

91d4207e7c66e4f58b75db09d4bf19e44186e48913d9f9fb8a15823019ea143b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 24898633
x-ton-expected-size: 1028
x-cache: HIT
status: 200
content-length: 1028
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/40D4)
etag: "RmsuVSL5GfkT0nAdRbywqg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 33e481a24c36c56d6e4675eb63f696be
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 27a1.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 363 B
507 B 12ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/27a1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 30876077
x-ton-expected-size: 363
x-cache: HIT
status: 200
content-length: 363
x-response-time: 16
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40D1)
etag: "80IPnYtwZPbD8vd5/RBI8A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 4dbe75df63108177785b2cb63a49f9f6
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f4b3.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 439 B
582 B 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E9) /

Resource Hash

66a1646024f0fd58b7fbc8f674b9c097d9e9a96ab0dbb11b92bb377a2eccfa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 28664705
x-ton-expected-size: 439
x-cache: HIT
status: 200
content-length: 439
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECS (fcn/40E9)
etag: "ZL78/npQ0q6CVv3uroQDcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 32d2858c50357697ee3892e072942f68
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 525 B
688 B 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 12053114
x-ton-expected-size: 525
x-cache: HIT
status: 200
content-length: 525
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E4)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0b4a7deb331d83726a6482563cdaa204
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 Bj3eS0F8
pbs.twimg.com/card_img/1260313571361042433/ Frame 2B4D 6 KB
6 KB 10ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260313571361042433/Bj3eS0F8?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 240109
x-cache: HIT
status: 200
content-length: 6408
x-response-time: 152
surrogate-key: card_img card_img/bucket/9 card_img/1260313571361042433
last-modified: Tue, 12 May 2020 20:57:05 GMT
server: ECS (fcn/40DC)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 060b725ecae9640d7f5632c45fa259a3
accept-ranges: bytes

GET
H2 200 1f3ac.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 697 B
862 B 10ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3ac.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

0952427c6f4fa6f960b8954afbf10c45ab099876ec25e748b73ade0757e88207

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 28668023
x-ton-expected-size: 697
x-cache: HIT
status: 200
content-length: 697
x-response-time: 19
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:31 GMT
server: ECS (fcn/40E5)
etag: "aXu0aU2odwMElU/npBtK3w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 251b256d854f56d742e225ad4f2bd243
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f41e.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 998 B
1 KB 10ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f41e.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

e69c8d33258983d26a64c123163df7cccdccffc8178e8c4365ae5c58e48040d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 30973792
x-ton-expected-size: 998
x-cache: HIT
status: 200
content-length: 998
x-response-time: 66
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:12:54 GMT
server: ECS (fcn/40DE)
etag: "wQtQ1Npn7ccQl1w0b/vQIA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2587fb3ccab86103942acaac20d85f01
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f3e6.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 526 B
669 B 10ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3e6.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

18f1e1f4fe5585108349cf029e48ad91a12dae4627be962667fb0b4933c69bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 20631127
x-ton-expected-size: 526
x-cache: HIT
status: 200
content-length: 526
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:33 GMT
server: ECS (fcn/40FA)
etag: "7oybjS8/zWyVdOorER5KGA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 31a9e160c2975bee464fb1c3db1dd792
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f1ef-1f1f5.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 335 B
531 B 11ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ef-1f1f5.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 21480864
x-ton-expected-size: 335
x-cache: HIT
status: 200
content-length: 335
x-response-time: 30
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECS (fcn/40DE)
etag: "i1up/RvmEhvPjzMdgrv7nw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0b79638f44ecd55bcf6b3e20f597fcde
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 7uHJC-KV
pbs.twimg.com/card_img/1259974755957997570/ Frame 2B4D 4 KB
4 KB 11ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1259974755957997570/7uHJC-KV?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 322942
x-cache: HIT
status: 200
content-length: 4303
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1259974755957997570
last-modified: Mon, 11 May 2020 22:30:45 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 09fefbe59989eaba26df6deb730afe00
accept-ranges: bytes

GET
H2 200 Ut37ZGRp
pbs.twimg.com/card_img/1257322194239025158/ Frame 2B4D 5 KB
5 KB 10ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1257322194239025158/Ut37ZGRp?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 226143
x-cache: HIT
status: 200
content-length: 4867
x-response-time: 143
surrogate-key: card_img card_img/bucket/5 card_img/1257322194239025158
last-modified: Mon, 04 May 2020 14:50:25 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 794e6d1d4d98dc958a6bd2265bf03a85
accept-ranges: bytes

GET
H2 200 timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ Frame 2B4D 52 KB
12 KB 26ms
25ms Stylesheet
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-bwi5146-BWI, cache-fra19151-FRA
last-modified: Tue, 12 May 2020 17:24:12 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 29ms
28ms Image
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-bwi5146-BWI, cache-fra19151-FRA
last-modified: Tue, 12 May 2020 17:24:12 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 1 KB
1 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 26863842
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 715 B
856 B 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 21830287
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7f221139df6ccec7082a82d479eaf700
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 26a0.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 595 B
750 B 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26a0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 12199193
x-ton-expected-size: 595
x-cache: HIT
status: 200
content-length: 595
x-response-time: 2244
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/418E)
etag: "Z7wDoqWvSIaJGOXpgObfsw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d58789b3c8608664e2f04bd4858f222
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:19 GMT

GET
H2 200 2622.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 755 B
899 B 11ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2622.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

e6dc579ac077f2e0bd24a04b3d2b0c88a2d977cd22a5170d2851644e5f25ec68

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 28572717
x-ton-expected-size: 755
x-cache: HIT
status: 200
content-length: 755
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/4190)
etag: "noPKYKGFNOZUq+jtdn1H7Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c8e143c7c44c839e0b908883c3b7c016
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 otrHzz7B
pbs.twimg.com/card_img/1260915470120738818/ Frame 2B4D 4 KB
4 KB 12ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260915470120738818/otrHzz7B?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 98648
x-cache: HIT
status: 200
content-length: 4429
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1260915470120738818
last-modified: Thu, 14 May 2020 12:48:49 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae39201cbd3bcd4a9f2c4d9d9c8b113a
accept-ranges: bytes

GET
H2 200 bOXSAGDp
pbs.twimg.com/card_img/1260880527042777090/ Frame 2B4D 2 KB
2 KB 12ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260880527042777090/bOXSAGDp?format=png&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 106977
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 142
surrogate-key: card_img card_img/bucket/3 card_img/1260880527042777090
last-modified: Thu, 14 May 2020 10:29:58 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d467480b3cee22e40d7be671cd223fc
accept-ranges: bytes

GET
H2 200 iRaKib4f
pbs.twimg.com/card_img/1260727687439618048/ Frame 2B4D 55 KB
55 KB 12ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260727687439618048/iRaKib4f?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 124313
x-cache: HIT
status: 200
content-length: 56026
x-response-time: 149
surrogate-key: card_img card_img/bucket/5 card_img/1260727687439618048
last-modified: Thu, 14 May 2020 00:22:38 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c4647d244ff72f7fd01c22cfe1e1709
accept-ranges: bytes

GET
H2 200 2623.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 1 KB
1 KB 15ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2623.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

91d4207e7c66e4f58b75db09d4bf19e44186e48913d9f9fb8a15823019ea143b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 24898633
x-ton-expected-size: 1028
x-cache: HIT
status: 200
content-length: 1028
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/40D4)
etag: "RmsuVSL5GfkT0nAdRbywqg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 33e481a24c36c56d6e4675eb63f696be
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 27a1.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 363 B
573 B 15ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/27a1.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 30876077
x-ton-expected-size: 363
x-cache: HIT
status: 200
content-length: 363
x-response-time: 16
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40D1)
etag: "80IPnYtwZPbD8vd5/RBI8A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 4dbe75df63108177785b2cb63a49f9f6
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f4b3.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 439 B
582 B 13ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b3.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E9) /

Resource Hash

66a1646024f0fd58b7fbc8f674b9c097d9e9a96ab0dbb11b92bb377a2eccfa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 28664705
x-ton-expected-size: 439
x-cache: HIT
status: 200
content-length: 439
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECS (fcn/40E9)
etag: "ZL78/npQ0q6CVv3uroQDcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 32d2858c50357697ee3892e072942f68
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 525 B
665 B 14ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 12053114
x-ton-expected-size: 525
x-cache: HIT
status: 200
content-length: 525
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E4)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0b4a7deb331d83726a6482563cdaa204
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 Bj3eS0F8
pbs.twimg.com/card_img/1260313571361042433/ Frame 2B4D 6 KB
6 KB 14ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260313571361042433/Bj3eS0F8?format=png&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 240109
x-cache: HIT
status: 200
content-length: 6408
x-response-time: 152
surrogate-key: card_img card_img/bucket/9 card_img/1260313571361042433
last-modified: Tue, 12 May 2020 20:57:05 GMT
server: ECS (fcn/40DC)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 060b725ecae9640d7f5632c45fa259a3
accept-ranges: bytes

GET
H2 200 1f3ac.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 697 B
847 B 14ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3ac.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

0952427c6f4fa6f960b8954afbf10c45ab099876ec25e748b73ade0757e88207

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 28668023
x-ton-expected-size: 697
x-cache: HIT
status: 200
content-length: 697
x-response-time: 19
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:31 GMT
server: ECS (fcn/40E5)
etag: "aXu0aU2odwMElU/npBtK3w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 251b256d854f56d742e225ad4f2bd243
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f41e.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 998 B
1 KB 14ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f41e.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

e69c8d33258983d26a64c123163df7cccdccffc8178e8c4365ae5c58e48040d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 30973792
x-ton-expected-size: 998
x-cache: HIT
status: 200
content-length: 998
x-response-time: 66
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:12:54 GMT
server: ECS (fcn/40DE)
etag: "wQtQ1Npn7ccQl1w0b/vQIA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2587fb3ccab86103942acaac20d85f01
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f3e6.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 526 B
669 B 13ms
11ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3e6.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

18f1e1f4fe5585108349cf029e48ad91a12dae4627be962667fb0b4933c69bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 20631127
x-ton-expected-size: 526
x-cache: HIT
status: 200
content-length: 526
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:33 GMT
server: ECS (fcn/40FA)
etag: "7oybjS8/zWyVdOorER5KGA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 31a9e160c2975bee464fb1c3db1dd792
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 1f1ef-1f1f5.png
abs.twimg.com/emoji/v2/72x72/ Frame 2B4D 335 B
465 B 13ms
11ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ef-1f1f5.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 21480864
x-ton-expected-size: 335
x-cache: HIT
status: 200
content-length: 335
x-response-time: 30
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECS (fcn/40DE)
etag: "i1up/RvmEhvPjzMdgrv7nw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0b79638f44ecd55bcf6b3e20f597fcde
accept-ranges: bytes
expires: Sat, 15 May 2021 16:15:21 GMT

GET
H2 200 7uHJC-KV
pbs.twimg.com/card_img/1259974755957997570/ Frame 2B4D 4 KB
4 KB 14ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1259974755957997570/7uHJC-KV?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 322942
x-cache: HIT
status: 200
content-length: 4303
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1259974755957997570
last-modified: Mon, 11 May 2020 22:30:45 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 09fefbe59989eaba26df6deb730afe00
accept-ranges: bytes

GET
H2 200 Ut37ZGRp
pbs.twimg.com/card_img/1257322194239025158/ Frame 2B4D 5 KB
5 KB 12ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1257322194239025158/Ut37ZGRp?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 226143
x-cache: HIT
status: 200
content-length: 4867
x-response-time: 143
surrogate-key: card_img card_img/bucket/5 card_img/1257322194239025158
last-modified: Mon, 04 May 2020 14:50:25 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 794e6d1d4d98dc958a6bd2265bf03a85
accept-ranges: bytes

GET
H2 200 TB7O3TW0_normal.jpg
pbs.twimg.com/profile_images/1058367083518529536/ Frame 2B4D 2 KB
2 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1058367083518529536/TB7O3TW0_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 5099
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 128
surrogate-key: profile_images profile_images/bucket/1 profile_images/1058367083518529536
last-modified: Fri, 02 Nov 2018 14:33:50 GMT
server: ECS (fcn/40D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a20ebe630e0c8de244ed1ce3e4ae49c9
accept-ranges: bytes

GET
H2 200 rAT-5Sgb_normal.jpg
pbs.twimg.com/profile_images/1250537180499509250/ Frame 2B4D 2 KB
2 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1250537180499509250/rAT-5Sgb_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

f403b8185a2a6777d3ca85a914289b03522d148b1f12d4087b564a35417a1f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 152554
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/3 profile_images/1250537180499509250
last-modified: Wed, 15 Apr 2020 21:29:12 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 81d219c5e3dc28c96b5202b0b1cf750e
accept-ranges: bytes

GET
H2 200 ETgkedSV_normal.jpg
pbs.twimg.com/profile_images/838808063163396096/ Frame 2B4D 2 KB
2 KB 11ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/838808063163396096/ETgkedSV_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

7c4d72e2d472e7e06026bb5d0015364bf5592cce84d6e747af34f90227b15821

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 238013
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/5 profile_images/838808063163396096
last-modified: Mon, 06 Mar 2017 17:44:41 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a363f0f181614d5ccff05ee7a5b58d3c
accept-ranges: bytes

GET
H2 200 hIimMJ6R_normal.jpg
pbs.twimg.com/profile_images/1216860398118371329/ Frame 2B4D 2 KB
2 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1216860398118371329/hIimMJ6R_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

78f1e4753f574162c7ab58a2ab05779e44cb50b8c53ef59852e4d801597abfaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 296459
x-cache: HIT
status: 200
content-length: 2339
x-response-time: 113
surrogate-key: profile_images profile_images/bucket/3 profile_images/1216860398118371329
last-modified: Mon, 13 Jan 2020 23:09:41 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3af2a2587c4691a4556f23c969fd2f09
accept-ranges: bytes

GET
H2 200 1cjg0aMs_normal.png
pbs.twimg.com/profile_images/594161373703188480/ Frame 2B4D 2 KB
2 KB 11ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/594161373703188480/1cjg0aMs_normal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

2cf6e3735711cb747ba8bdf53c78cf954bf3579d10d691dfefefd243f1a5dd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 131462
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/6 profile_images/594161373703188480
last-modified: Fri, 01 May 2015 15:26:05 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 03c68d6bc089fcc504ed639b2f3aea18
accept-ranges: bytes

GET
H2 200 4ae724ea6ed248d871bc9d523ae1c24e_normal.png
pbs.twimg.com/profile_images/3703513695/ Frame 2B4D 7 KB
7 KB 11ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 197379
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/2 profile_images/3703513695
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d0ef0ec2689378102f0278e97c3c402e
accept-ranges: bytes

GET
H2 200 EYAlJ8fWAAElsTX
pbs.twimg.com/media/ Frame 2B4D 49 KB
50 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EYAlJ8fWAAElsTX?format=jpg&name=small

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

174d3edd8918d63b407da0dd216c05ed0f8c7a1844b835825b96d8501c9744b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 20521
x-cache: HIT
status: 200
content-length: 50645
x-response-time: 121
surrogate-key: media media/bucket/1 media/1261048748450381825
last-modified: Thu, 14 May 2020 21:38:25 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 47b1e588ff566dc68d7aee5493f1055d
accept-ranges: bytes

GET
H2 200 EX7m9-PXsAMDE_k
pbs.twimg.com/media/ Frame 2B4D 19 KB
20 KB 9ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7m9-PXsAMDE_k?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

7a5de508f163596415bb264f8f130f70d18ca0deddfcbc0fd7312de00214f9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 149994
x-cache: HIT
status: 200
content-length: 19852
x-response-time: 172
surrogate-key: media media/bucket/8 media/1260698898064191491
last-modified: Wed, 13 May 2020 22:28:14 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ce895ded0dbb6a630227bc97a33dac8e
accept-ranges: bytes

GET
H2 200 EXxYHQHXQAAL52C
pbs.twimg.com/media/ Frame 2B4D 37 KB
37 KB 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXxYHQHXQAAL52C?format=png&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

7c7399d32456ccf860fbaee43cbfb0b746f6efcffc5537851eab271e73b5b7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 321548
x-cache: HIT
status: 200
content-length: 37452
x-response-time: 154
surrogate-key: media media/bucket/0 media/1259978877365075968
last-modified: Mon, 11 May 2020 22:47:08 GMT
server: ECS (fcn/41D7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 540e1cb874ecb45a422bf931ee942c57
accept-ranges: bytes

GET
H2 200 EYDWXn7XQAAsqXC
pbs.twimg.com/media/ Frame 2B4D 14 KB
14 KB 11ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EYDWXn7XQAAsqXC?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

53056a4566d25ac95d51f9927a5e328358a9726a7800a2c36f05910f710cce85

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 20121
x-cache: HIT
status: 200
content-length: 14542
x-response-time: 142
surrogate-key: media media/bucket/5 media/1261243597007044608
last-modified: Fri, 15 May 2020 10:32:40 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 709494882b5cd07e5c1989344c48501a
accept-ranges: bytes

GET
H2 200 EYDWahLWsAIiXnw
pbs.twimg.com/media/ Frame 2B4D 48 KB
48 KB 11ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EYDWahLWsAIiXnw?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

4135944d69b30495fe01a8d8474077055a055c913489125cb52a675841ab2e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 20121
x-cache: HIT
status: 200
content-length: 48719
x-response-time: 144
surrogate-key: media media/bucket/3 media/1261243646734675970
last-modified: Fri, 15 May 2020 10:32:52 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2d9e46d3d95902287b0101f0846e40c
accept-ranges: bytes

GET
H2 200 EX_gzcRWAAM-nmk
pbs.twimg.com/media/ Frame 2B4D 4 KB
4 KB 11ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_gzcRWAAM-nmk?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

ba0250e71d8796cbd2f3310cdac52c8c1723c611df9a0f5b747934945d49140c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 76518
x-cache: HIT
status: 200
content-length: 4304
x-response-time: 138
surrogate-key: media media/bucket/9 media/1260973595053916163
last-modified: Thu, 14 May 2020 16:39:47 GMT
server: ECS (fcn/419E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7159b3118a8027ec427ae709105bf841
accept-ranges: bytes

GET
H2 200 EX_gzmaXsAA1sAc
pbs.twimg.com/media/ Frame 2B4D 9 KB
9 KB 23ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_gzmaXsAA1sAc?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

adef2af3bc521b5d2171f199574fdfc7421d81323511fb82c60d89ae0ae6fcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 84626
x-cache: HIT
status: 200
content-length: 9261
x-response-time: 172
surrogate-key: media media/bucket/5 media/1260973597776130048
last-modified: Thu, 14 May 2020 16:39:48 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fb8431f0a24f18017a7b7a869ac983ae
accept-ranges: bytes

GET
H2 200 EX_g0DsXgAIfGOI
pbs.twimg.com/media/ Frame 2B4D 10 KB
10 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_g0DsXgAIfGOI?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

5d5bf22bef8cf97bbeba3a744967690de92394ed356ba77b908f854fd4671422

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 84625
x-cache: HIT
status: 200
content-length: 9932
x-response-time: 152
surrogate-key: media media/bucket/0 media/1260973605636243458
last-modified: Thu, 14 May 2020 16:39:49 GMT
server: ECS (fcn/41AB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c9bb48473bb00c3378e427217b8450a
accept-ranges: bytes

GET
H2 200 EX_Gi6xXYAAKpSA
pbs.twimg.com/media/ Frame 2B4D 10 KB
11 KB 28ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_Gi6xXYAAKpSA?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

2a8cadd71f7dc844a929c41d81858be70df79038a44bd25e7e6a3956c7fdf85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 89264
x-cache: HIT
status: 200
content-length: 10631
x-response-time: 192
surrogate-key: media media/bucket/7 media/1260944723881189376
last-modified: Thu, 14 May 2020 14:45:04 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 79461f57eb42577f5b47507bbdf7cc02
accept-ranges: bytes

GET
H2 200 EX_GjZdWkAAJ7vZ
pbs.twimg.com/media/ Frame 2B4D 4 KB
4 KB 26ms
24ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_GjZdWkAAJ7vZ?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

3dfc92728cb060fb00769ef2d288e623c76b9ee1e7b6d9540b2e37c6aeac5889

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 89264
x-cache: HIT
status: 200
content-length: 4455
x-response-time: 128
surrogate-key: media media/bucket/7 media/1260944732118749184
last-modified: Thu, 14 May 2020 14:45:06 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9cd0dc89573ffffcc019cbcc804bf93b
accept-ranges: bytes

GET
H2 200 EX_GjjuXYAAL7mP
pbs.twimg.com/media/ Frame 2B4D 14 KB
14 KB 25ms
24ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_GjjuXYAAL7mP?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

eb2717f24569d4ff3b4ab9000a0e36ef758c2764baac864e6bb4167eeae08728

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 89264
x-cache: HIT
status: 200
content-length: 14559
x-response-time: 162
surrogate-key: media media/bucket/4 media/1260944734874460160
last-modified: Thu, 14 May 2020 14:45:06 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 281b44ad2172c66aabaf10e78bb59ec1
accept-ranges: bytes

GET
H2 200 EX_GkGnXgAAhmyd
pbs.twimg.com/media/ Frame 2B4D 13 KB
13 KB 26ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_GkGnXgAAhmyd?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

30f3b038c341bc4064e2a6591307c99fc2b60105a4c6a45ec511f54137c34d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 89250
x-cache: HIT
status: 200
content-length: 13498
x-response-time: 165
surrogate-key: media media/bucket/6 media/1260944744240349184
last-modified: Thu, 14 May 2020 14:45:08 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6b218949971d47afd554dc8f480f2c94
accept-ranges: bytes

GET
H2 200 EX-Tqe6XQAEZ1F9
pbs.twimg.com/media/ Frame 2B4D 8 KB
8 KB 10ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-Tqe6XQAEZ1F9?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418B) /

Resource Hash

4e838cf2ce665e2208aa8515065b3c524003a16034b5b759f36a4b982e4c2501

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 104666
x-cache: HIT
status: 200
content-length: 8166
x-response-time: 133
surrogate-key: media media/bucket/4 media/1260888778748674049
last-modified: Thu, 14 May 2020 11:02:45 GMT
server: ECS (fcn/418B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7fc958c2f887b667f1bc9063a3fc94d4
accept-ranges: bytes

GET
H2 200 EX-TsFOXsAIvhsh
pbs.twimg.com/media/ Frame 2B4D 49 KB
49 KB 11ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-TsFOXsAIvhsh?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

39c4be699458b5a63bec979d0bc7fe44c0b152a4c57dac6631b07ee6d4dfdb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 104666
x-cache: HIT
status: 200
content-length: 50480
x-response-time: 170
surrogate-key: media media/bucket/6 media/1260888806213005314
last-modified: Thu, 14 May 2020 11:02:52 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 268da6735b15a111851588b99608654d
accept-ranges: bytes

GET
H2 200 EX-Tsy7WoAMMdan
pbs.twimg.com/media/ Frame 2B4D 27 KB
27 KB 11ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-Tsy7WoAMMdan?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

7c372b7c48b31724a9536ee4ba3fda2ba092916acb6c6be3c6b445d91597bd87

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 104666
x-cache: HIT
status: 200
content-length: 27826
x-response-time: 144
surrogate-key: media media/bucket/7 media/1260888818481274883
last-modified: Thu, 14 May 2020 11:02:55 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0eb7a83d9724ab3e5bf956fe4b940c85
accept-ranges: bytes

GET
H2 200 EX-TtjeXsAAHRPJ
pbs.twimg.com/media/ Frame 2B4D 3 KB
3 KB 11ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-TtjeXsAAHRPJ?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

978bbde57b292c60c62b0d2c26d51be6460dd1b1cc7afbeab4b8810cc9fb8f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 104505
x-cache: HIT
status: 200
content-length: 2603
x-response-time: 137
surrogate-key: media media/bucket/1 media/1260888831513047040
last-modified: Thu, 14 May 2020 11:02:58 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e975b797a6b10b554cc2631f6117754
accept-ranges: bytes

GET
H2 200 EX7gR7yWAAM0eCj
pbs.twimg.com/media/ Frame 2B4D 10 KB
11 KB 10ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7gR7yWAAM0eCj?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

0a3fb128fef97ba127eda81efa18c16dca145031f3729cb2e58557faf08bc05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 151127
x-cache: HIT
status: 200
content-length: 10643
x-response-time: 157
surrogate-key: media media/bucket/0 media/1260691544421564419
last-modified: Wed, 13 May 2020 21:59:01 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2aaf621457e88463ff4be012c957194d
accept-ranges: bytes

GET
H2 200 EX7gdecXYAE7biR
pbs.twimg.com/media/ Frame 2B4D 4 KB
4 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7gdecXYAE7biR?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

393be40f33765f8293a512c338e92e31d467d6ce2e5d5a64fa1cfae498e72cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 151127
x-cache: HIT
status: 200
content-length: 4088
x-response-time: 144
surrogate-key: media media/bucket/7 media/1260691742703181825
last-modified: Wed, 13 May 2020 21:59:48 GMT
server: ECS (fcn/4190)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0fe3924b3e8881aa76a10e8c0711e257
accept-ranges: bytes

GET
H2 200 EX7gjifXYAkKkg7
pbs.twimg.com/media/ Frame 2B4D 5 KB
5 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7gjifXYAkKkg7?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

c6a75664bb6f5dad258104bb7c11dba4eeebad12aa673fe9f93c199a7e04133c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 151127
x-cache: HIT
status: 200
content-length: 4974
x-response-time: 144
surrogate-key: media media/bucket/3 media/1260691846868721673
last-modified: Wed, 13 May 2020 22:00:13 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9a08a0a7224ac1a6019e696eaf4e3e33
accept-ranges: bytes

GET
H2 200 EX7g5XNWkAEyp6s
pbs.twimg.com/media/ Frame 2B4D 19 KB
19 KB 9ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7g5XNWkAEyp6s?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

5c31698e0cf01f68fe45381e6359de5c5beff2371359e413267729a88b1cca01

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 151127
x-cache: HIT
status: 200
content-length: 19119
x-response-time: 147
surrogate-key: media media/bucket/2 media/1260692221797502977
last-modified: Wed, 13 May 2020 22:01:42 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 89260f49c0d45110a129e9494faaa0ae
accept-ranges: bytes

GET
H2 200 EX7blEuXsAAzONE
pbs.twimg.com/media/ Frame 2B4D 4 KB
4 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7blEuXsAAzONE?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

2dc6b608f38ecbf65f6942da886e4a746f003ea35da562ef85fcbcd4369dc62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 152461
x-cache: HIT
status: 200
content-length: 4450
x-response-time: 131
surrogate-key: media media/bucket/4 media/1260686375680192512
last-modified: Wed, 13 May 2020 21:38:29 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5dbfd8602afd2821e6299d6c7f51b0fa
accept-ranges: bytes

GET
H2 200 EX7cfvHWoAAY4e_
pbs.twimg.com/media/ Frame 2B4D 3 KB
4 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7cfvHWoAAY4e_?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

4124e9739c0a68290bb7c4437b303b57eed7b32ea383ba28936dbb3d98aea1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 152461
x-cache: HIT
status: 200
content-length: 3511
x-response-time: 135
surrogate-key: media media/bucket/7 media/1260687383491682304
last-modified: Wed, 13 May 2020 21:42:29 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1a27c6604afdb65e4001d6cbf686311f
accept-ranges: bytes

GET
H2 200 EX7dyWhWkAcPLir
pbs.twimg.com/media/ Frame 2B4D 3 KB
3 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7dyWhWkAcPLir?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

64b0515dac3562cf5137c0775b2a3631cc10ef36a62f96b8590c800f794ce4cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 152460
x-cache: HIT
status: 200
content-length: 3121
x-response-time: 145
surrogate-key: media media/bucket/5 media/1260688802818985991
last-modified: Wed, 13 May 2020 21:48:07 GMT
server: ECS (fcn/4187)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d34b853d3a320cf37cc48dc4c5f7f675
accept-ranges: bytes

GET
H2 200 EX5jGvBXsAAozzx
pbs.twimg.com/media/ Frame 2B4D 14 KB
14 KB 10ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX5jGvBXsAAozzx?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

31e50406a9f34d791065021db1990af9fc39ad5f4654e28a2b388cfcb17fee05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 182692
x-cache: HIT
status: 200
content-length: 14452
x-response-time: 147
surrogate-key: media media/bucket/4 media/1260553913062895616
last-modified: Wed, 13 May 2020 12:52:07 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5207cb47a3e8c7b635f598d24f3b76fb
accept-ranges: bytes

GET
H2 200 EX5lrFLXsAEvv1-
pbs.twimg.com/media/ Frame 2B4D 8 KB
9 KB 10ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX5lrFLXsAEvv1-?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

080d2c31f5785db73fbb77cd8b33a3e0be5a9534588eb202b5998587a61a5a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 183894
x-cache: HIT
status: 200
content-length: 8693
x-response-time: 130
surrogate-key: media media/bucket/0 media/1260556736508964865
last-modified: Wed, 13 May 2020 13:03:20 GMT
server: ECS (fcn/4199)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c4e3063e7f7e0d5b9670d1881bd1d46
accept-ranges: bytes

GET
H2 200 EX5mIVuXQAAJ5JK
pbs.twimg.com/media/ Frame 2B4D 16 KB
16 KB 10ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX5mIVuXQAAJ5JK?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

15718a43bc0e65eb765d930a5adb586af8cbf57f26f29f79ce85fd90a31ead3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 183894
x-cache: HIT
status: 200
content-length: 16305
x-response-time: 143
surrogate-key: media media/bucket/1 media/1260557239166910464
last-modified: Wed, 13 May 2020 13:05:20 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f6a529887ecc659e634d235e0de4c91d
accept-ranges: bytes

GET
H2 200 EX1tiDdX0AIbpVK
pbs.twimg.com/media/ Frame 2B4D 7 KB
8 KB 11ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX1tiDdX0AIbpVK?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

5111a42826ba8b50d8f02fb189cf6c24b1a91710eb639d695437498997a30f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 243003
x-cache: HIT
status: 200
content-length: 7621
x-response-time: 136
surrogate-key: media media/bucket/7 media/1260283902545088514
last-modified: Tue, 12 May 2020 18:59:11 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d32a4e140d24570b3fb63bcfd67d2f65
accept-ranges: bytes

GET
H2 200 EX1tiaUXgAEf59-
pbs.twimg.com/media/ Frame 2B4D 9 KB
9 KB 11ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX1tiaUXgAEf59-?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

0c962688ca1fdc38ae8fa9955d146abeb0e504be807bd08009280ca3f14b1fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 243003
x-cache: HIT
status: 200
content-length: 9477
x-response-time: 159
surrogate-key: media media/bucket/0 media/1260283908681334785
last-modified: Tue, 12 May 2020 18:59:13 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c5c486455aec2ba0ce9c3639a6883b9
accept-ranges: bytes

GET
H2 200 EX1ti2_WsAINOlg
pbs.twimg.com/media/ Frame 2B4D 11 KB
11 KB 12ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX1ti2_WsAINOlg?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

3708af56382d5c8ab19f6816ff04b48b15abea4896cfc28decf48d26d4e3c3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 243002
x-cache: HIT
status: 200
content-length: 10851
x-response-time: 184
surrogate-key: media media/bucket/4 media/1260283916377829378
last-modified: Tue, 12 May 2020 18:59:15 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aa5901db1132b0429e5e8e3e77909e42
accept-ranges: bytes

GET
H2 200 EX0YABGXYAMgAhT
pbs.twimg.com/media/ Frame 2B4D 7 KB
8 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0YABGXYAMgAhT?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

4508ed282e22c46c28e17901b281d40056792ded8d2282eb16617bf6f66dbf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 270668
x-cache: HIT
status: 200
content-length: 7570
x-response-time: 162
surrogate-key: media media/bucket/5 media/1260189859307806723
last-modified: Tue, 12 May 2020 12:45:30 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3e29b0596c7d458d0aa861d8ef24f8d
accept-ranges: bytes

GET
H2 200 EX0YHAZWkAATMkQ
pbs.twimg.com/media/ Frame 2B4D 19 KB
19 KB 11ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0YHAZWkAATMkQ?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B4) /

Resource Hash

6c67afdaf9f3aa20008089c39b35ffce9ae635db7bbe0d53be99792e170adc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 270668
x-cache: HIT
status: 200
content-length: 19361
x-response-time: 147
surrogate-key: media media/bucket/1 media/1260189979378094080
last-modified: Tue, 12 May 2020 12:45:58 GMT
server: ECS (fcn/40B4)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 63223d068b63bcf8696c6740543203eb
accept-ranges: bytes

GET
H2 200 EX0YN06XQAApk6g
pbs.twimg.com/media/ Frame 2B4D 16 KB
16 KB 11ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0YN06XQAApk6g?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

fb9c61f90626f09bdeed4fb101e70f3303096693a89670958cd13edd3db22b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 270668
x-cache: HIT
status: 200
content-length: 16685
x-response-time: 132
surrogate-key: media media/bucket/6 media/1260190096554409984
last-modified: Tue, 12 May 2020 12:46:26 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11f8e74232534656c307244b2e967855
accept-ranges: bytes

GET
H2 200 EX0aKkjXkAEvf_Q
pbs.twimg.com/media/ Frame 2B4D 21 KB
21 KB 12ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0aKkjXkAEvf_Q?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4189) /

Resource Hash

26f43788d6f24ed01133b2a18ee170b4e1ba2af7c81d633840fb8a05bdca6e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 270668
x-cache: HIT
status: 200
content-length: 21155
x-response-time: 150
surrogate-key: media media/bucket/8 media/1260192239646642177
last-modified: Tue, 12 May 2020 12:54:57 GMT
server: ECS (fcn/4189)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fc0a27d6259b0d37bb5a2fe1812dd151
accept-ranges: bytes

GET
H2 200 EXr7QMbWAAIPWbM
pbs.twimg.com/media/ Frame 2B4D 14 KB
14 KB 11ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXr7QMbWAAIPWbM?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

beec1a102eeef34452d715d74e9e76d9bf3ac64171d98f301345c0780578f96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 411164
x-cache: HIT
status: 200
content-length: 14625
x-response-time: 142
surrogate-key: media media/bucket/3 media/1259595301435867138
last-modified: Sun, 10 May 2020 21:22:56 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ab80d633e3075f1ccdf32e1cf399d979
accept-ranges: bytes

GET
H2 200 EXr7T9lWkAUB_ax
pbs.twimg.com/media/ Frame 2B4D 5 KB
5 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXr7T9lWkAUB_ax?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

013763bcd11aee4296dec2332b0cd4194330e17b1b3785ed23b56ed59a8a2652

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 411164
x-cache: HIT
status: 200
content-length: 5411
x-response-time: 143
surrogate-key: media media/bucket/2 media/1259595366170791941
last-modified: Sun, 10 May 2020 21:23:12 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7f1019f9a02ba7d7df3ce6f344330b8d
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 2B4D 44 KB
7 KB 17ms
12ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561919
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: aae4135ed66c6a503050b8ae0bdcd456
accept-ranges: bytes
expires: Fri, 22 May 2020 16:15:21 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 8ms
7ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561919
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: aae4135ed66c6a503050b8ae0bdcd456
accept-ranges: bytes
expires: Fri, 22 May 2020 16:15:21 GMT

GET
DATA 200
OK truncated
/ Frame 2B4D 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2B4D 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2B4D 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2B4D 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2B4D 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25518458
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 6605
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 15 May 2019 00:01:52 GMT
server: cloudflare
etag: "5cdb56f0-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02bab77c43000005f97ebe0200000001
accept-ranges: bytes
cf-ray: 593e28406b6005f9-FRA
expires: Tue, 19 May 2020 02:07:22 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 287 B
921 B 124ms
79ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fseguranca-informatica.pt%2Fbrazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay%2F%23.Xr7AF9OxX0M&subId=5368311&v=1&jsonp=vglnk_jsonp_15895593217250
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0bb5e6cadeb03a01e138c3bcdb665ba6f0dc19524d5184957851bb3213467745

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 May 2020 16:15:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://seguranca-informatica.pt
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 287
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 otrHzz7B
pbs.twimg.com/card_img/1260915470120738818/ Frame 2B4D 4 KB
4 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260915470120738818/otrHzz7B?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 98648
x-cache: HIT
status: 200
content-length: 4429
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1260915470120738818
last-modified: Thu, 14 May 2020 12:48:49 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae39201cbd3bcd4a9f2c4d9d9c8b113a
accept-ranges: bytes

GET
H2 200 bOXSAGDp
pbs.twimg.com/card_img/1260880527042777090/ Frame 2B4D 2 KB
2 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260880527042777090/bOXSAGDp?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 106977
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 142
surrogate-key: card_img card_img/bucket/3 card_img/1260880527042777090
last-modified: Thu, 14 May 2020 10:29:58 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d467480b3cee22e40d7be671cd223fc
accept-ranges: bytes

GET
H2 200 iRaKib4f
pbs.twimg.com/card_img/1260727687439618048/ Frame 2B4D 55 KB
55 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260727687439618048/iRaKib4f?format=jpg&name=600x314

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 124313
x-cache: HIT
status: 200
content-length: 56026
x-response-time: 149
surrogate-key: card_img card_img/bucket/5 card_img/1260727687439618048
last-modified: Thu, 14 May 2020 00:22:38 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c4647d244ff72f7fd01c22cfe1e1709
accept-ranges: bytes

GET
H2 200 Bj3eS0F8
pbs.twimg.com/card_img/1260313571361042433/ Frame 2B4D 6 KB
6 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260313571361042433/Bj3eS0F8?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 240109
x-cache: HIT
status: 200
content-length: 6408
x-response-time: 152
surrogate-key: card_img card_img/bucket/9 card_img/1260313571361042433
last-modified: Tue, 12 May 2020 20:57:05 GMT
server: ECS (fcn/40DC)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 060b725ecae9640d7f5632c45fa259a3
accept-ranges: bytes

GET
H2 200 7uHJC-KV
pbs.twimg.com/card_img/1259974755957997570/ Frame 2B4D 4 KB
4 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1259974755957997570/7uHJC-KV?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 322942
x-cache: HIT
status: 200
content-length: 4303
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1259974755957997570
last-modified: Mon, 11 May 2020 22:30:45 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 09fefbe59989eaba26df6deb730afe00
accept-ranges: bytes

GET
H2 200 Ut37ZGRp
pbs.twimg.com/card_img/1257322194239025158/ Frame 2B4D 5 KB
5 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1257322194239025158/Ut37ZGRp?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:21 GMT
x-content-type-options: nosniff
age: 226143
x-cache: HIT
status: 200
content-length: 4867
x-response-time: 143
surrogate-key: card_img card_img/bucket/5 card_img/1257322194239025158
last-modified: Mon, 04 May 2020 14:50:25 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 794e6d1d4d98dc958a6bd2265bf03a85
accept-ranges: bytes

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 23ms
22ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200511&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff38dfe2354924cd34f0c40f822d50b49a4799ee21a8822b567d708e4349f3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Fri, 15 May 2020 16:15:22 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 4C3E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 15 May 2020 15:44:03 GMT
expires: Sat, 15 May 2021 15:44:03 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1879
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

jot.html
platform.twitter.com/ Frame BA1C
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

25ms
24ms

Document
text/html

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://seguranca-informatica.pt
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
last-modified: Tue, 12 May 2020 17:25:54 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 15 May 2020 16:15:22 GMT
x-served-by: cache-bwi5120-BWI, cache-fra19151-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 15 May 2020 16:15:22 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 15 May 2020 16:15:22 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: fa3149ba9292c16e8772029caa59a901
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 122
x-transaction: 007b4b3700325c95
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200511&jk=1688279154569100&bg=!zM-lz9dYp_6K5pYvs_YCAAAAWlIAAAATmQGAoPWVuXn97opv71A88Z4wvp6HXlABOAWCp0Z_FRcQxk28iwWSre5gk-dkoLQWvz6CBkqlr-C4jeNu4RuDKclNOqUcuUz6OBdYuPlphVEgVgfwauiKadAmV0-s_EPVbMIob2HZAQp88nAZA_VHd0o_Y7y8lNWNSU9rFd7La3lKsR5p0SXy6SPBS6Rx_N8O7GltL_qHA8MEP_6jGG2ymujfdKgxz3MAN2sRjH7f6nxUBXlvqLsLv6XzRcl8L47dZ0cnaYRMtwmEGzdHTifjEZk75TTTSOjEZHq4bEz6kUWrlHFSBIB9wfXMmcq2WobxNsmHqJOwct-6-BX7IL_mSSQiPuJkZCiTLuO3QbYpPylthcoBVKYN7SKr7CWWqIlcnR4Hxkxh_R7E1H7UvLuWylrX3BoPLju_22cacN9Ziy9CACJtJDGl3EvRYd2deEB05CUAa4NsgaubM8lIpIqVDMJffP3MulEp03LsvmY1_Yc9M0iC7E2fdtHM-by_37FNAPww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:15:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 19:02:53	Name: uvc Value: 1%7C20
.facebook.com/	1970-01-19 11:42:15	Name: fr Value: 0rJlPBHGxNY7lcews..BevsAX...1.0.BevsAX.
.youtube.com/	1970-01-19 13:51:51	Name: VISITOR_INFO1_LIVE Value: W0wTE9R-Nyg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lT3dhRsJ7B0
.doubleclick.net/	1970-01-19 18:54:15	Name: IDE Value: AHWqTUkTbXfuyw1if8Q7WGxK8jeiRgscqZajwnf5dPQs_zayknJ0sh2GkLSWZaPK
seguranca-informatica.pt/	1970-01-19 09:32:41	Name: __atuvs Value: 5ebec017feff3f21000
seguranca-informatica.pt/	1970-01-19 19:02:53	Name: __atuvc Value: 1%7C20
.seguranca-informatica.pt/	1970-01-19 09:34:05	Name: _gid Value: GA1.2.1199548304.1589559319
.youtube.com/	1970-01-19 09:32:41	Name: GPS Value: 1
.addthis.com/	1970-01-19 19:02:53	Name: loc Value: MDAwMDBFVU5MWkUyMzE0MTgzNjAwMDAwMDBDSA==
.seguranca-informatica.pt/	1970-01-19 11:42:15	Name: _fbp Value: fb.1.1589559319372.413375886
.seguranca-informatica.pt/	1970-01-19 09:32:39	Name: _gat Value: 1
.seguranca-informatica.pt/	1970-01-19 10:15:51	Name: __cfduid Value: d94ea74c1817fef625adf979ab23a8ed91589559318
.seguranca-informatica.pt/	1970-01-20 03:03:51	Name: _ga Value: GA1.2.260783375.1589559319

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://seguranca-informatica.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.1(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
api-public.addthis.com
c.disquscdn.com
cdn.onesignal.com
cdn.syndication.twimg.com
connect.facebook.net
disqus.com
feed.seguranca-informatica.pt
fonts.googleapis.com
fonts.gstatic.com
gist.github.com
github.githubassets.com
googleads.g.doubleclick.net
graph.facebook.com
licensebuttons.net
links.services.disqus.com
m.addthis.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
q.addthis.com
s.w.org
s7.addthis.com
seguranca-informatica.disqus.com
seguranca-informatica.pt
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
v1.addthisedge.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.paypal.com
www.paypalobjects.com
www.reddit.com
www.youtube.com
z.moatads.com
s7.addthis.com
104.111.228.123
104.244.42.136
140.82.118.4
151.101.112.134
151.101.112.64
151.101.114.133
151.101.12.157
151.101.192.134
151.101.36.84
185.199.109.154
192.0.77.48
199.232.53.140
23.210.248.44
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:20::681a:4d6
2606:4700:3037::681b:bc6c
2606:4700::6812:a813
2606:4700::6812:e134
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:814::2002
2a00:1450:4001:817::2001
2a00:1450:4001:819::200e
2a00:1450:4001:820::2003
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
72.247.226.64
013763bcd11aee4296dec2332b0cd4194330e17b1b3785ed23b56ed59a8a2652
01a9f2ee033909141e4b8865aaecf728d74d4b6a1811ca6356a5f1a08387f931
02a8eed49f3f9c8463957eb112a8f7fc681736cabea524c019c7e405ad0c0f24
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
048f480590ec0ca08fc57ba331065bc46fc3c36ac030a2feeb8b407db66f71ef
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
064f35d0bc956d66821ce6aa62f2d040e0bb99ba5045c56a382873111f95e7da
066d6b6d0ac47e197c9816ecc646022123de9bd034a81b4b3efb7b790ff89963
079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b
080d2c31f5785db73fbb77cd8b33a3e0be5a9534588eb202b5998587a61a5a9f
0952427c6f4fa6f960b8954afbf10c45ab099876ec25e748b73ade0757e88207
0999fade5a38c3dfbc134a8f2a3733281ed22974b02813f8cc88dc8f12d34c2d
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0a3fb128fef97ba127eda81efa18c16dca145031f3729cb2e58557faf08bc05d
0bb5e6cadeb03a01e138c3bcdb665ba6f0dc19524d5184957851bb3213467745
0c6ad7e581d104b86cebc286fdab623582d9c62e3ede04ff60207ce02cbee95f
0c962688ca1fdc38ae8fa9955d146abeb0e504be807bd08009280ca3f14b1fa2
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d14fabfa351d23e8216909d20aed80913c1b1396d7975ec648d7d2dd923100
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
15718a43bc0e65eb765d930a5adb586af8cbf57f26f29f79ce85fd90a31ead3d
174d3edd8918d63b407da0dd216c05ed0f8c7a1844b835825b96d8501c9744b4
18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145
18f1e1f4fe5585108349cf029e48ad91a12dae4627be962667fb0b4933c69bba
191e2a2deb0b16b4e6c833685b15ab930c8eaeec228391f6b26bc1fcda208c7b
1b1837263ad163b61aec8ebfa551ea7eaa6f1cae2aa2181773fbaab694329b8a
1b75d3c01b481f0ccd00800a3dd803e9807d3fb1961f66a53fa0d0e091bb3cb7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f449b6d1dba1bf792d53ca14c3938763dd4b0f7208cddab9eadce5c41d108a3
1fc9e562f67ac01fc3db71ce882b51a1096010a777f2d9f3a87db6a642ad19a2
241e9ee6931a3d9968359c917590e46cf938d82b9998612c199377e9669af9eb
244c8f68febdc9cf838e0936ba3150a663e1c3abf1b12c0c2d6c9612a1bea90c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268653524785d611cab68ecbf094a5720b51a8e15828eb2bbedea14bb17c5354
26f43788d6f24ed01133b2a18ee170b4e1ba2af7c81d633840fb8a05bdca6e9b
28f7d67cfa34ceb2c89c3654c49bb1b9c64f3f0bcbd8f42bda3d29eeb1208dc6
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
2a12b82bb4b7e9b29fd41e3f22c394ee3d3737f8f9af9f7ae041d0bb895d8bd1
2a8cadd71f7dc844a929c41d81858be70df79038a44bd25e7e6a3956c7fdf85e
2cf6e3735711cb747ba8bdf53c78cf954bf3579d10d691dfefefd243f1a5dd6e
2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b
2dc6b608f38ecbf65f6942da886e4a746f003ea35da562ef85fcbcd4369dc62b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30f3b038c341bc4064e2a6591307c99fc2b60105a4c6a45ec511f54137c34d55
31e50406a9f34d791065021db1990af9fc39ad5f4654e28a2b388cfcb17fee05
32c6c8175c556f53109ae8579fcd763478eb74c8b756e98f1f651ccf58732aff
343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
369e456b46d16a544d65269fcaae1c1edc9d75edca11e324cde573943c240072
36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c
3708af56382d5c8ab19f6816ff04b48b15abea4896cfc28decf48d26d4e3c3d2
393be40f33765f8293a512c338e92e31d467d6ce2e5d5a64fa1cfae498e72cc9
39c4be699458b5a63bec979d0bc7fe44c0b152a4c57dac6631b07ee6d4dfdb95
3b61cfa99526a09cd475d413ab0e20615b78081883a4d64d19b3af025eacea54
3dbab26b6050d95f1f5165ebb4114ba93bc15f011f34eca927242cb3d1f0d95f
3dfc92728cb060fb00769ef2d288e623c76b9ee1e7b6d9540b2e37c6aeac5889
3fa475ad9dd9c0bb2328beb67fcf6085332122077f3b535f9f2e3c65a1a26722
3fdc456f04f1fc0810426165c11e0cb1e6c0cdc7e186b25b2be8100a1c69257f
4124e9739c0a68290bb7c4437b303b57eed7b32ea383ba28936dbb3d98aea1c7
4135944d69b30495fe01a8d8474077055a055c913489125cb52a675841ab2e25
41842b8a7787f30dd7c129b53b921da9705e8420e0926550013d0252822547ec
44f42160647efdb85b129d040beee22d6e3a55998c83febb2f4a03ccb0e4b714
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4508ed282e22c46c28e17901b281d40056792ded8d2282eb16617bf6f66dbf9c
46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7
478e89099e0fddf654e7590276191089e55570461d34a1b50a2abefd95019b40
48555977de52a497e0dd8fe5aaf9ebf2df20bf16340340f4012baaa8153e490b
48b3b17bf53635986804b63fb97b63fd84d72e6f2d169519f36ba2a3ca6a70a0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4acd60b107c604bb10e4308dd5aa04d2f8bdb490d5c3a77981617dfa5c2a576d
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4d57f3e484049e822c85edf524d5cef778fe769a8c10eec807c3f987009c9548
4e838cf2ce665e2208aa8515065b3c524003a16034b5b759f36a4b982e4c2501
4e8d36a0ecc1a7f35886c6a829a5a98ea86cce4fd532f634aedf0e44d95564a9
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5111a42826ba8b50d8f02fb189cf6c24b1a91710eb639d695437498997a30f69
53056a4566d25ac95d51f9927a5e328358a9726a7800a2c36f05910f710cce85
53e15c9521875f1e3db0552ca297efd73bf3f649125e0467f5301338a345fc91
544ed0eb98a5b7a489c206546fe3155e32508ceda7da3d3d25f6100c0097cd17
54828de87bc016777dbbc92272b2e98548a8696df494cff0f095caa4bc201d2c
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
575593b187efc8e164cf80d79952d18b79ecad5fb42a81b1711dedf7a2af46b9
57bde77df45e0fa386276a8e90d21845ea5abf1e5a2669ae902ccede4babcc62
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5b276423ec475f732888c695bb9e2f852868409cb99ae992200d57b3fde08ba3
5c31698e0cf01f68fe45381e6359de5c5beff2371359e413267729a88b1cca01
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d5bf22bef8cf97bbeba3a744967690de92394ed356ba77b908f854fd4671422
6087407f28cbfab23e3c6e98e180dec583e1725fb522f414946e08e3c2a6d93d
622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35
629df1def5e236ed0725d530df2de471a917221677057d58baa8686f4456308c
64b0515dac3562cf5137c0775b2a3631cc10ef36a62f96b8590c800f794ce4cd
659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3
66a1646024f0fd58b7fbc8f674b9c097d9e9a96ab0dbb11b92bb377a2eccfa4e
67a84a39ba8f7d4a16a477304a3a0a8dd86ffcd75683b3e3222c7a59661f9c6d
6c2cc4ca2c334a2b67bbc3f9a550682887c8c2831cc338299e01192257645545
6c67afdaf9f3aa20008089c39b35ffce9ae635db7bbe0d53be99792e170adc0a
6c848f8748dcbd3ae9248bd4ef3309e931660b0ebd18b20b7c3989ac54144e5b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864
717c288dc6b91d3c1774be2fcf06f0eccd923966e3df65bef32b78e26cc18b75
74bce64b8642ede6c809586769d20a3bb3f69b7cbbf3edd32f81108a7767e1e4
77304452b2274417b8a3476d75f1253e5d144edde5a269455d4d7a4ab5df0ec3
7779b7dc26af3310711148c1acae9e02f631e368239e048597ce7ec6f7e05e98
78f1e4753f574162c7ab58a2ab05779e44cb50b8c53ef59852e4d801597abfaf
7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e
7a20b3be7d4327e93b19c5f9294f18c262e209b1831db3daee58a82baf8f96ff
7a5de508f163596415bb264f8f130f70d18ca0deddfcbc0fd7312de00214f9d3
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7b7642ee69bfb367b8471fa2ce3c750c0e9a672acb55c268abd5e541ecfe16bf
7c372b7c48b31724a9536ee4ba3fda2ba092916acb6c6be3c6b445d91597bd87
7c4d72e2d472e7e06026bb5d0015364bf5592cce84d6e747af34f90227b15821
7c7399d32456ccf860fbaee43cbfb0b746f6efcffc5537851eab271e73b5b7a6
7cd9e72894580d70b0cc6a28b3836d34eb7f907eb97a152c310bfebafb65a2f7
7d0f4f7cdf67f0adb696aac5b9bfc64d4f83ce63300eaeff781e8da2529f5a93
7d29213064fdf8bfceb38f5266f178f36fee29ef00140c7c6c3c0c086b00d307
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7daf3f5acd448e33c96a746407198ccbe6eff0402f20bbf1164a1129205c13bd
8220596e6a32feeaa3c95078f2a72efb6a01025245097384816d26c2a3f38c3a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8394fa4c884becaf16b858b07351f347291befcbc43bf61bd472e1a132aeccef
84cf009b95c7cae6ce77a5356cf93b6d78b8481c1d6ce979eb1bd56b37e68383
84fdb44da06c6f70548aa4b4f73b439515775dc211d85b3f55721954e2329049
85b8a0e5bf5a3a99353f90240d550078fee29d6df74fd47cc139f3bac73d865b
85d11a34cf5ae0738a3f2a2e0f463484c9b7371b46c9e5bc991f57d44f58400f
8742843c9c346c419f6a487e08a8f6d6c5f3200d4f7a7c0e15dab4a4a7c0c65d
88731bd32d2242a6918772bd11e6e16f46c2e3c05c7bbd4ed47d162cff9683f3
8995e173fbc28814420648e43c723f859473e3ee823575b0b32af64796620cab
8db469b90b8d9e2a0675931132266a305d0f080fc5ef4e7bd0f841f161b78b5f
91d4207e7c66e4f58b75db09d4bf19e44186e48913d9f9fb8a15823019ea143b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
978bbde57b292c60c62b0d2c26d51be6460dd1b1cc7afbeab4b8810cc9fb8f05
9bd8c19f3d4f5fdd60b123818f5df4fc1d4fc3bb7f18a23faa50a7ee0278b909
9be7537f55bde87db7acf7c9aa482e56e3c8891f09710e19113637cdbb8143ea
9c677df6c0eccea7dfe6231398ee68e1e1fcd0061912fb23275f631d8c1c8bae
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403
a3622c7c6c64b493c982f365e01b5eaa59f48da664e98025c383d4f8c57c4396
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
a3f36146f67554b989421cd2be6d58d97fc92f7c6e130d6152a0659a770f8fc2
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343
a7467c2e03239b2990273b1f57ba654dc7211e9244d3a86f838cc09790104193
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
aa014d32cb2f0fed10084c403e677c10b0e7b77898f2bd790af112330ecc78d1
aa06051b1c939145f22a163564c3b9d5a3e5b95151c11d675fee25a5ac272a18
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac5c0cb194d016a5b86c0ebf341b176a9ea948b1d5c0b35074696039bdc9aba4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adef2af3bc521b5d2171f199574fdfc7421d81323511fb82c60d89ae0ae6fcd0
b26db15f3f5d200caca5ec6d9605c1727f087016ef39644f9c233d9d094afdd3
b6bad8fb5327a87ba126a50844529fa2d207b42b7df8e31e104c5d48c5092d87
b6fa87c387d5db09c4ca0b7a5b9c22c064787488c8eec63a7f173101cbbbbc58
b8410a075bea6718f549c25b3da4d714b8c262d8c029849748193f614b383631
b8aafe0abf8b20593244ec20b5239f72a3d239abeaa943ee04bf4f32e9b8dc2e
b8cb27788844e455b92854743ee7ecab79e95c50735dc7e23b064b92e359bbf6
b9065ce3b15006e2211ffa09108571baf48e21db653a8098d53a0a828f10cd4d
b9382c1ac33e60533971224071a03c61bd2a759689a41085dbc757872e40ec5b
ba0250e71d8796cbd2f3310cdac52c8c1723c611df9a0f5b747934945d49140c
ba23d13ab9eb27eb4933ae12135dc7f2775699d06d8628f73b9ff9b9f01aeef4
bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b
be73c16f766dc7c7a8c08a6ba72cdd7645f553ec28ca32640022b6d7355f590a
bedbdc5e01fd1749ece5ad222243e3a27c2dfa5b8871328289d89aebd013ea7e
beec1a102eeef34452d715d74e9e76d9bf3ac64171d98f301345c0780578f96e
c347a51497091ee71f5a8e9edda0eb728ebee53336051447c66838997e8aa734
c36d0094cb3d176360c91599d13da78f0c77df004bc076aadd883f189fa1767e
c6a75664bb6f5dad258104bb7c11dba4eeebad12aa673fe9f93c199a7e04133c
c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18
c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1
c9dc8ec104c88f02b7247bceccae2023a665855ce57e2a3f714d1dfa62cb2262
c9eb00995d41835de50d5f645da835d3837205846c23779e88ad888b1cc55796
caace78c6f887ecbf780bdf5b71e57a02776d7ef5a0e54e797e3e007130262e2
cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3
ccc0c1397db71720dc6565ce306e033eba13f61a175e3e14ca3b5093204e1172
ce4cb34807330a0b7afe401877ad09ecc7f930f9706cac7994716bcc1b3fd886
ce90d978164af230185a56b2420acc4439027772953d6b9a3079d4e8bebe9d94
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cfc86c5d7acfe015875d9893737f5a243d8ba8c0cafef01b2b5ffa46cabb9e0e
d0154bc5c5f57538a82d600332062423bc61361a127b27cb1be7077c07e34fdf
d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad
d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627
d7f837ecf8426cc760739e8a17218b3b501156f43a7bd03afb7207949b12ab0b
dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41
db0de0d4de1311eb99b9327550146b23da220725b6739baa3158eb12f12d358a
db7402409462dbca9ed9eb79e1bf8e575d915e9803386dda45ce71f9c54fbfb0
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
e02a28e995334093dff6f19238e59aba7b5ba434ea2c84ef78f6a70ce260b49d
e0b867e89571d23202e9a1cf026372048737c930c3e0c6002231ef5729297e4f
e20b68778dd2f83aea8f4c96b03c1fecf5d255ae53c86cd293968de3a6475568
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5
e60d58e3602f1b85a212115e4d7300e09234e89eeec8df6065c2568c43e3f056
e69c8d33258983d26a64c123163df7cccdccffc8178e8c4365ae5c58e48040d3
e6dc579ac077f2e0bd24a04b3d2b0c88a2d977cd22a5170d2851644e5f25ec68
e7ac9409eaf87e270f1860f0aea0dfb7f74c31e18a0679a9d2ec44acade354cc
e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794
e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c
ea3906631ed3ac3f02664bb801434732b02ec1b79ca261909136c5b4ef663de9
eb2717f24569d4ff3b4ab9000a0e36ef758c2764baac864e6bb4167eeae08728
ec6bb89fc1e8890c4c5ed5585f056c095c71b19cb32b9f4a67cba6c34adf70b1
ecb531bdf231039081a7a6879d73bca91d8b8c7fc671615063746454c0daaa8c
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee855adef8d74ff58e90a1c1c1efcf2550e3ba6d0db5a80a417b0dc22a3efb94
ef1605fb5d18e00bb446a2009a75eb5c44486fdddbef8d64acfdfe2b8d9ecd83
efd9885e28a8bab88f38cc1d62a3b5aae4f3508420abe3242ac4bbed30e5204d
f1615095a9e662d58ed44a7fc6c80c04b642ee9122a037e620680008463b3e68
f403b8185a2a6777d3ca85a914289b03522d148b1f12d4087b564a35417a1f47
f515acecc2fb5ce917f776ca75148d77b34501a2c2c3c810f25c8ba548a25a4e
f523ff657175b7cb8d2667602adb77ccebf5e5c5c987e32800d2698b6bb0286e
f79b35bfccf95903f352072c396ca866bffbfd206198112c7ee524e0d0421a48
f8262dd29fd6d3274eab1dc2c06a77a0cb803358ef1512416b5497239ee09cbb
fb9c61f90626f09bdeed4fb101e70f3303096693a89670958cd13edd3db22b16
ff38dfe2354924cd34f0c40f822d50b49a4799ee21a8822b567d708e4349f3ad
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

seguranca-informatica.pt Open in urlscan Pro 2606:4700:3037::681b:bc6c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

263 Requests

100 %HTTPS

50 %IPv6

28 Domains

40 Subdomains

28 IPs

5 Countries

8761 kBTransfer

11122 kBSize

14 Cookies

43 Outgoing links

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

seguranca-informatica.pt Open in urlscan Pro
2606:4700:3037::681b:bc6c Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

100 %
HTTPS

50 %
IPv6

28
Domains

40
Subdomains

28
IPs

5
Countries

8761 kB
Transfer

11122 kB
Size

14
Cookies

263 HTTP transactions
8 data transactions