securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-troja=
Effective URL:
https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Submission: On May 15 via api (May 15th 2020, 4:20:54 pm UTC) from US

Summary HTTP 156 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 156 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is securityaffairs.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 8th 2020. Valid for: a year.

This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 45	2001:8d8:100f... 2001:8d8:100f:f000::289	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:201... 2600:9000:2016:6a00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:201... 2600:9000:2016:9c00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
45	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
23	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:209... 2600:9000:2093:5400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::681b:bc6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:201... 2600:9000:2016:4600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
2	18.196.75.213 18.196.75.213	16509 (AMAZON-02) (AMAZON-02)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
156	22

45 2001:8d8:100f:f000::289 (Germany) 2 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)

securityaffairs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:6a00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:9c00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:5400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681b:bc6c (United States)

ASN13335 (CLOUDFLARENET, US)

seguranca-informatica.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:4600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.75.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-75-213.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	wp.com i0.wp.com i1.wp.com i2.wp.com stats.wp.com pixel.wp.com	2 MB
45	securityaffairs.co 2 redirects securityaffairs.co	1 MB
23	media.net contextual.media.net lg3.media.net hblg.media.net	246 KB
14	googlesyndication.com d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com tpc.googlesyndication.com 16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com pagead2.googlesyndication.com	22 KB
5	sharethis.com ws.sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	37 KB
4	doubleclick.net securepubads.g.doubleclick.net	203 KB
4	googletagservices.com www.googletagservices.com	83 KB
4	google-analytics.com www.google-analytics.com google-analytics.com	37 KB
2	facebook.net connect.facebook.net	117 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	consensu.org c.sharethis.mgr.consensu.org
1	seguranca-informatica.pt seguranca-informatica.pt
1	gravatar.com secure.gravatar.com	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
0	googleapis.com Failed fonts.googleapis.com Failed
156	16

	Domain	Requested by
45	securityaffairs.co	2 redirects securityaffairs.co
17	i1.wp.com	securityaffairs.co
16	i0.wp.com	securityaffairs.co
12	i2.wp.com	securityaffairs.co
11	contextual.media.net	securityaffairs.co contextual.media.net
7	hblg.media.net	securityaffairs.co
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	lg3.media.net	securityaffairs.co
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	www.googletagservices.com	securityaffairs.co securepubads.g.doubleclick.net
3	www.google-analytics.com	securityaffairs.co
2	16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	l.sharethis.com	ws.sharethis.com securityaffairs.co
2	connect.facebook.net	securityaffairs.co connect.facebook.net
1	google-analytics.com	securityaffairs.co
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	pixel.wp.com	securityaffairs.co
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	seguranca-informatica.pt	securityaffairs.co
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.co
1	secure.gravatar.com	securityaffairs.co
1	platform-api.sharethis.com	securityaffairs.co
1	ws.sharethis.com	securityaffairs.co
1	maxcdn.bootstrapcdn.com	securityaffairs.co
0	fonts.googleapis.com Failed	securityaffairs.co
156	29

This site contains links to these domains. Also see Links.

Domain
seguranca-informatica.pt
twitter.com
www.embarcadero.com
malware.pt
www.blockchain.com
www.shodan.io
www.linkedin.com
docs.google.com
www.facebook.com
reddit.com
www.pinterest.com
plus.google.com
www.tumblr.com

Subject Issuer	Validity	Valid
www.securityaffairs.co GeoTrust RSA CA 2018	`2020-03-08` - `2021-04-07`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Frame ID: 2BB63CF1E9D90761E9274EB8E9ED98C0
Requests: 124 HTTP requests in this frame

Frame: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/embed/
Frame ID: C98EA4058276F56169918FA36B8A1B98
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal-v2.html
Frame ID: 185BD1E908B4EB03544AA7808764668A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HB41O6BH&prvid=80%2C82%2C97%2C109%2C148%2C175%2C178%2C192%2C193%2C3008&rtime=19&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1
Frame ID: DACACD73138B014326DC87D01AECC5BA
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&nse=0&vi=1589559634986306420&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&ntv=1&nb=1
Frame ID: 155B52AB8DA1365DB3D659ABF1094596
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 3C68371036B606DD45F0434ABDE41EF4
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&nse=0&vi=1589559634654056639&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&ntv=1&nb=1
Frame ID: CE9E35F29BCB4724182DCE0D88A7EC92
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 7F5397A2F8FD72C2E95ED73181F6F360
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrEBbIZGw_v2fXpyZXRW3WVE%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTB6bMiPGj-JgSAwF-osbmAKaX1zGxDg7xFDFHMfpYOSP-ogztV6kSBiT_CaHdO63wsdpLpSgbskg%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7CHiAkoX8sElu9iyJi2OioE0aZXaHDM-4ZHPEkGQr-YbA1rBvE1XygWWuEYl-A4bZLdvTIozjkrVptZgXXV_x54eY64Eot6YwQqhJU_5Rq28iZcMU173TrAJAibUt_A10d%7CsRBSg3CPSiQ%3D%7C&https=1&cc=AT&bf=0&staticIframe=1&vif=1&vi=1589559634986306420&lw=1&ugd=4&ib=0&katid=801338185&katbid=-21&katen=1&nb=1
Frame ID: 1F113938E7539CCFAC3A00309E4A0B81
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrHvHwrQGlpByWaOO1vn303s%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTB6bMiPGj-JgSAwF-osbmAKaX1zGxDg7xFDFHMfpYOSP_mq8hksjZlVXlxCtVhWpjiqqvOYH5okM%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7CHiAkoX8sElu9iyJi2OioE0aZXaHDM-4ZHPEkGQr-YbA1rBvE1XygWWuEYl-A4bZLdvTIozjkrVptZgXXV_x54eY64Eot6YwQqhJU_5Rq28iZcMU173TrAJAibUt_A10d%7CsRBSg3CPSiQ%3D%7C&https=1&cc=AT&bf=0&staticIframe=1&vif=1&vi=1589559634654056639&lw=1&ugd=4&ib=0&katid=801333288&katbid=-21&katen=1&nb=1
Frame ID: F3DBCEF3FCE704F558A7D4CEC0B32FDC
Requests: 1 HTTP requests in this frame

Frame: https://16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: AE8192F6E4B09F7969AFFFB872D93A6C
Requests: 1 HTTP requests in this frame

Frame: https://d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: D1AA618641B7B1CD838902AFE8290846
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A67B8C6DBF48E11E0F3F8B72096EF9A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 74EDC3DE09EA5208142DEA0C58D86B57
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-troja= HTTP 301
https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

156
Requests

97 %
HTTPS

76 %
IPv6

16
Domains

29
Subdomains

22
IPs

4
Countries

3778 kB
Transfer

5325 kB
Size

9
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/#.XrKhbahKhQA
Title: Lampion

Search URL Search Domain Scan URL

URL: https://twitter.com/t14g0p
Title: @t14g0p

Search URL Search Domain Scan URL

URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/#.XrCeF6hKhQA
Title: Lampion

Search URL Search Domain Scan URL

URL: https://www.embarcadero.com/br/
Title: Embarcaredo

Search URL Search Domain Scan URL

URL: https://malware.pt/posts/banker_google_docs/
Title: publication

Search URL Search Domain Scan URL

URL: https://www.blockchain.com/btc/address/18KdHi9CJea1AjEtrVQSfqyN6QXZvJZXqS
Title: bitcoin wallet

Search URL Search Domain Scan URL

URL: https://www.shodan.io/
Title: Shodan

Search URL Search Domain Scan URL

URL: https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/
Title: Brazilian trojan banker is targeting Portuguese users using browser overlay

Search URL Search Domain Scan URL

URL: https://seguranca-informatica.pt/author/pipocaz/
Title: Pedro Tavares

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares/
Title: Pedro Tavares

Search URL Search Domain Scan URL

URL: https://seguranca-informatica.pt/
Title: seguranca-informatica.pt

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform
Title: https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html&text=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay%20
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html&title=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlay
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&media=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-troja= HTTP 301
https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://securityaffairs.co/wordpress?ga_action=googleanalytics_get_script HTTP 301
https://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script

156 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request brazilian-trojan-banker-targets-portugal.html Show response
securityaffairs.co/wordpress/102858/cyber-crime/
Redirect Chain

https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-troja=
https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

99 KB
28 KB

65ms
65ms

Document
text/html

2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache / PHP/7.2.30
Resource Hash: 24154d5bff15e876d0c365bcc5f3dcb6f1c385455a21005fac10cf13d188c850

Request headers

:method: GET
:authority: securityaffairs.co
:scheme: https
:path: /wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Fri, 15 May 2020 16:20:33 GMT
server: Apache
x-powered-by: PHP/7.2.30
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: gzip

Redirect headers

status: 301
content-type: text/html; charset=UTF-8
content-length: 0
location: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
date: Fri, 15 May 2020 16:20:32 GMT
server: Apache
x-powered-by: PHP/7.2.30
vary: Accept-Encoding,Cookie
x-pingback: https://securityaffairs.co/wordpress/xmlrpc.php
x-redirect-by: WordPress

GET
H2 200 style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 63 KB
63 KB 37ms
31ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9de915b8773f1be6b99448d8fbdb7c359f10b5a06f544181597b8523eca6278b

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 29 Apr 2020 21:17:12 GMT
server: Apache
etag: "fc38-5a47478c28836"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 64568

GET
H2 200 cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 3 KB
3 KB 26ms
20ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.8.8
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 81e82457fb12ef9a7b3981eceba4363763a703fd04bbe4da183903fd74e2cbcd

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Tue, 12 May 2020 21:51:49 GMT
server: Apache
etag: "b26-5a57a787c85d6"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2854

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 23 KB
23 KB 28ms
22ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.8
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1423f118a35dc9c99fff8faa25d7dc1872bf55c5e4d3298b28ee0fc361a4ca5d

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Tue, 12 May 2020 21:51:49 GMT
server: Apache
etag: "5c8b-5a57a787c85d6"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 23691

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 886ms
71ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=a12585769d26b925b2cfda0809b574a3

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 5442

GET
H2 200 custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 19 KB
20 KB 26ms
20ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: Apache
etag: "4d92-52704407f72c0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 19858

GET
H2 200 tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 539 B
683 B 36ms
30ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: Apache
etag: "21b-526fe6d7cd700"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 539

GET
H2 200 flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 6 KB
6 KB 35ms
30ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: Apache
etag: "1851-5270441180940"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 6225

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 11 KB
11 KB 39ms
34ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.13-9993131
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: Apache
etag: "2ca1-597430d7ee92b"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 11425

GET
H2 200 animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 2 KB
2 KB 40ms
34ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
etag: "6b4-526fe6d5e5280"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1716

GET
H2 200 font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 17 KB
18 KB 43ms
17ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
etag: "4574-526fe6d5e5280"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 17780

GET
H2 200 swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 4 KB
5 KB 46ms
19ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: Apache
etag: "118d-526fe6e527680"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 4493

GET
H2 200 jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 334 B
478 B 67ms
27ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
etag: "14e-526fe6d5e5280"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 334

GET
H2 200 screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 110 KB
110 KB 58ms
21ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: Apache
etag: "1b844-526fe6d7cd700"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 112708

GET
H2 200 custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 12 KB
12 KB 106ms
70ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache / PHP/7.2.30
Resource Hash: 18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 16:20:33 GMT
server: Apache
x-powered-by: PHP/7.2.30
content-type: text/css; charset: UTF-8;charset=UTF-8

GET
H2 200 grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 49 KB
50 KB 59ms
23ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: Apache
etag: "c5f2-526fe6d6d94c0"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 50674

GET
H2 200 frontend.js Show response
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 23 KB
23 KB 66ms
24ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.js?ver=1589558184
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9b5b9b8b1984a7b55656ca3d243deb436e049467353f6e61e73ac8bd0ab2a636

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Tue, 25 Feb 2020 23:56:39 GMT
server: Apache
etag: "5b01-59f6f3d26c169"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 23297

GET
H2 200 jquery.js Show response
securityaffairs.co/wordpress/wp-includes/js/jquery/ 95 KB
95 KB 67ms
22ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Tue, 21 May 2019 21:49:10 GMT
server: Apache
etag: "17a69-5896cd1a361be"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 96873

GET
H2 200 jquery-migrate.js Show response
securityaffairs.co/wordpress/wp-includes/js/jquery/ 23 KB
23 KB 57ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: dce50148adaff4dccd1d95c9b25563011436e398272d530e974193b8685340a2

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Thu, 21 Feb 2019 22:56:38 GMT
server: Apache
etag: "5bdb-5826f63145921"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 23515

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/ 21 KB
22 KB 57ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.8
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: b63151f7579a782a544185e4cdf3e2cff7fd2b4d3889252125c2d3d14fc94070

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Tue, 12 May 2020 21:51:49 GMT
server: Apache
etag: "5563-5a57a787c85d6"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 21859

GET
H2 200 st_insights.js Show response
ws.sharethis.com/button/ 23 KB
7 KB 51ms
13ms Script
application/javascript 2600:9000:2016:6a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:6a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a6f6a68da852fe76f3b5a6ce0d02be3e8cac52e79f4b82f63b1eda5168dce0c6

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 16:59:07 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 84089
etag: W/"5e86445e-5b4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=259200
x-amz-cf-pop: HAM50-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: TQ3V0XIf0KBJo9j3X5j2GJyK-s1Ta_dt5gFr_dBh6KKYjURuI0riGA==
via: 1.1 205ffb8e514fb7232a031d1454df1293.cloudfront.net (CloudFront)
expires: Sun, 17 May 2020 16:59:04 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 94 KB
29 KB 18ms
15ms Script
text/javascript 2600:9000:2016:9c00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:9c00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 558e3c946e3b07f85c7d5264ae6582207dda4af580df34df3e34cf747a950058

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:14:53 GMT
content-encoding: gzip
age: 346
etag: W/"176ce-sDJx+jrJ99II7HxW+Cub/4Ll2F0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: PlqAtgn0kFzELtqX1gPZPgOEIuglWDdlAWWvIkwU-WMq9-nvE29Wqg==
via: 1.1 fec18be10cd069f0dd74ab4667ba5e27.cloudfront.net (CloudFront)

GET
H2 200 shield-antibot.js Show response
securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/ 3 KB
3 KB 76ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield-antibot.js?ver=9.0.2&mtime=1589493732
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: d24350e3a8c6e3963544189c3d0cfcd8c11e5dbac0de76aace83993b7d16dcf6

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:33 GMT
last-modified: Thu, 14 May 2020 22:02:12 GMT
server: Apache
etag: "c00-5a5a2d950bb7c"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3072

GET
H2 200 logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 44 KB
44 KB 32ms
25ms Image
image/png 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 17:30:42 GMT
server: Apache
etag: "b0e9-5270743f5f480"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 45289

GET
H2 200 02-template_phishing.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 31 KB
31 KB 82ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/02-template_phishing.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f93158ba033995e6fbc9c09f18b01adfe5416b5ff44b92361044b561b8e8955d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 10329
last-modified: Thu, 07 May 2020 11:03:09 GMT
server: nginx
etag: "d8dd5ab1db43bc65"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/02-template_phishing.png>; rel="canonical"
content-length: 31236
expires: Sat, 07 May 2022 23:03:09 GMT

GET
H2 200 03-trojan-banker-high-diagram-.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 57 KB
57 KB 83ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/03-trojan-banker-high-diagram-.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

eef2f7c2218f44b7d06482e019099e713042a426a6b5ac1b38d85b874d7a6961

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 206993
last-modified: Thu, 07 May 2020 11:03:09 GMT
server: nginx
etag: "1d7d47e250007c23"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/03-trojan-banker-high-diagram-.png>; rel="canonical"
content-length: 58496
expires: Sat, 07 May 2022 23:03:09 GMT

GET
H2 200 01-template_phishing.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 14 KB
14 KB 93ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/01-template_phishing.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1b937ce86d2da545daa12a92d1a4ef4014f4a2040ac172e9f9dd91e851aefe2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 25471
last-modified: Thu, 07 May 2020 11:03:09 GMT
server: nginx
etag: "4ac2aef01b45afdd"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/01-template_phishing.png>; rel="canonical"
content-length: 13874
expires: Sat, 07 May 2022 23:03:09 GMT

GET
H2 200 4-zip-file-from-compromised-server.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 38 KB
38 KB 122ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/4-zip-file-from-compromised-server.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

cb4b78cf8305a5333f7debcd8a5a210837210b442d5702b278dd93255dd55232

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 94256
last-modified: Thu, 07 May 2020 11:03:10 GMT
server: nginx
etag: "c39ea4cfa685649d"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/4-zip-file-from-compromised-server.png>; rel="canonical"
content-length: 38928
expires: Sat, 07 May 2022 23:03:10 GMT

GET
H2 200 5-msi_downloading_2nd_stage.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 240 KB
241 KB 116ms
63ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/5-msi_downloading_2nd_stage.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f82d4c226a86969122d7f72ed4e7984c5739b838f1fb2ffef2f466f08a600760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:10 GMT
server: nginx
etag: "a8589c06747e95c4"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/5-msi_downloading_2nd_stage.png>; rel="canonical"
content-length: 246008
expires: Sat, 07 May 2022 23:03:10 GMT

GET
H2 200 6-google-sites.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 11 KB
12 KB 71ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/6-google-sites.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

361ebb8d4bbe222b2b01898594d49e7d9503137dfe6843167f253c1ccc25300a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 21912
last-modified: Thu, 07 May 2020 11:03:10 GMT
server: nginx
etag: "dbc46543c268edd0"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/6-google-sites.png>; rel="canonical"
content-length: 11610
expires: Sat, 07 May 2022 23:03:10 GMT

GET
H2 200 7-creating-file-startup-folder.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 128 KB
129 KB 99ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/7-creating-file-startup-folder.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f31892cfa4aa6eaa801f2c0e7a451f59a4070812a94a8c6e40b2cf9d1025a4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:10 GMT
server: nginx
etag: "6e3346689be13bb7"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/7-creating-file-startup-folder.png>; rel="canonical"
content-length: 131514
expires: Sat, 07 May 2022 23:03:10 GMT

GET
H2 200 8-trojan-startup-folder.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 13 KB
13 KB 99ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/8-trojan-startup-folder.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9a5bc5e8bd62ad4f8d9709fe47f166cb035b6007fa652e9f65cdbab39f42a6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 12140
last-modified: Thu, 07 May 2020 11:03:10 GMT
server: nginx
etag: "ccf85d7438b0e5c6"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/8-trojan-startup-folder.png>; rel="canonical"
content-length: 12830
expires: Sat, 07 May 2022 23:03:10 GMT

GET
H2 200 embarcaredo.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 42 KB
42 KB 68ms
48ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/embarcaredo.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a4750c7a5cdbeeeea1c01fe3cffb6cb8bbb56f0e0ab1546a29030a3a08a0057c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 40502
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "b6884942ce5ac65b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/embarcaredo.png>; rel="canonical"
content-length: 43112
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 mapa.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 5 KB
5 KB 73ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/mapa.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

25cd4564a7244555a553a8bf04a1340b64e3350cb31e390a9e6fc22a92d699dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 19825
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "50074c56b4fe14e7"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/mapa.png>; rel="canonical"
content-length: 4692
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 11-packer.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 3 KB
3 KB 39ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/11-packer.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

800bbb85be1a26c329fa56500d0e2f007f7294f7a67771cc3bb3b3f480a9cd9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 1712
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "f991b05427ec6005"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/11-packer.png>; rel="canonical"
content-length: 3066
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 13-anti-dbg.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 63 KB
63 KB 25ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/13-anti-dbg.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6cdd5883e49891ba759437b6a12684d0ec8d152c37b75f6bfa86a29244e3ccd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "596b7a713fb9336b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/13-anti-dbg.png>; rel="canonical"
content-length: 64648
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 image.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 21 KB
21 KB 40ms
37ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/image.png?resize=1024%2C246&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

29f354063fc5a7f36bcf627f8adf6a4d9c76d76c1cff98d0f070368a1b3b6241

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 97646
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "b569d208f83dd85e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/image.png>; rel="canonical"
content-length: 21080
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 image-1.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 34 KB
34 KB 61ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-1.png?resize=1024%2C396&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

af59a0033a8f1fde415bd8f28d7d7b9c6509e1ca24c9d5d13e87da9072148e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 104815
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "2202adb6282aff80"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-1.png>; rel="canonical"
content-length: 34500
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 14-sections.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 94 KB
95 KB 44ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/14-sections.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0d2e40725eeb1a7943abd826d1e98814112e7c320e17a1d57363945ce572dbb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "5f00710735214d3f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/14-sections.png>; rel="canonical"
content-length: 96592
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 15-packed.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 20 KB
21 KB 81ms
79ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/15-packed.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d60be5f2fb9ff47b6488a20dcc1596c17ed3f25c1a1cef2a27455929dd8ad558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 7090
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "5c206a98bc90cf02"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/15-packed.png>; rel="canonical"
content-length: 20976
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 19-portex.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 115 KB
115 KB 74ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/19-portex.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

712d0318dcc1a6a613df70c235d2e28714b14ab0509b68f56a9daff591eacfb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:11 GMT
server: nginx
etag: "acf862df869b98e9"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/19-portex.png>; rel="canonical"
content-length: 117502
expires: Sat, 07 May 2022 23:03:11 GMT

GET
H2 200 clipboard_.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 68 KB
69 KB 44ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/clipboard_.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ea8e0db18c15f6f4e6e1faf43ee05a57032370152a4d08775203f2aa03e64b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 255248
last-modified: Thu, 07 May 2020 11:00:22 GMT
server: nginx
etag: "50a6f8ed55120f7e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/clipboard_.png>; rel="canonical"
content-length: 70120
expires: Sat, 07 May 2022 23:00:22 GMT

GET
H2 200 17-bpi-overlay.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 126 KB
126 KB 44ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/17-bpi-overlay.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

401affba0a3df0e1afe5531d1636c9819a32076632167474ee892f21c1548fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:00:21 GMT
server: nginx
etag: "a4c343f91624b6c2"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/17-bpi-overlay.png>; rel="canonical"
content-length: 128532
expires: Sat, 07 May 2022 23:00:21 GMT

GET
H2 200 21-santander-strings.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 51 KB
52 KB 54ms
51ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/21-santander-strings.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6e9a60a09b0d46d216c72c4f01230075a568bc862b8c8f17e806ee13a04718d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 4801
last-modified: Thu, 07 May 2020 11:03:12 GMT
server: nginx
etag: "0263461aa926003f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/21-santander-strings.png>; rel="canonical"
content-length: 52676
expires: Sat, 07 May 2022 23:03:12 GMT

GET
H2 200 22-overlay-banco.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 106 KB
107 KB 37ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/22-overlay-banco.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7c9327f7776aea1817cda79424fe94fc6c6bf98c306918e519cf9f2789167716

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 113081
last-modified: Thu, 07 May 2020 11:03:12 GMT
server: nginx
etag: "8da942c67a962328"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/22-overlay-banco.png>; rel="canonical"
content-length: 108830
expires: Sat, 07 May 2022 23:03:12 GMT

GET
H2 200 24-browser-overlay-1.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 29 KB
30 KB 25ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/24-browser-overlay-1.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6eedbd6421a0e283b21e5607feda5e04406b40e973d34f80afecd40b3c7584cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 120218
last-modified: Thu, 07 May 2020 11:03:12 GMT
server: nginx
etag: "b7baad36754dcf00"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/24-browser-overlay-1.png>; rel="canonical"
content-length: 30182
expires: Sat, 07 May 2022 23:03:12 GMT

GET
H2 200 25-positionin-overlay.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 25 KB
25 KB 79ms
77ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/25-positionin-overlay.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

200456f2a4656318f81c2fae12ff3f6b5cf41d1a3d8249068d5f3bd1b7be96aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:12 GMT
server: nginx
etag: "b8bdb8ce5b9aeb4f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/25-positionin-overlay.png>; rel="canonical"
content-length: 25656
expires: Sat, 07 May 2022 23:03:12 GMT

GET
H2 200 26-millenium.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 54 KB
54 KB 37ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/26-millenium.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1f69c44fcfa913d215e8ccaf16b3157e04be199fa33d448a68c22cfdf8046e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 162217
last-modified: Thu, 07 May 2020 11:03:12 GMT
server: nginx
etag: "f7f1e79e0199b14c"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/26-millenium.png>; rel="canonical"
content-length: 55036
expires: Sat, 07 May 2022 23:03:12 GMT

GET
H2 200 27-santander.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 58 KB
58 KB 81ms
79ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/27-santander.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

684af96d86f300e7c64ccddafb167e529bd6829b7d39d9532ac02ba4fd8fff88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 158438
last-modified: Thu, 07 May 2020 11:03:13 GMT
server: nginx
etag: "d171b03ef2b11408"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/27-santander.png>; rel="canonical"
content-length: 59582
expires: Sat, 07 May 2022 23:03:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b26db15f3f5d200caca5ec6d9605c1727f087016ef39644f9c233d9d094afdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7/M7HcdSABtYBNj/dvVQRg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "8fb486b9c804808d762fe05a985a4fac"
x-fb-debug: ls2SpChS2BBu9rMFqy1Xcn3v/XPmiOZcUXkpT1GkC/XIIWlv7bx5dvCiQ5XTjyflRFSuaGHBhvHgG9pThlrq3Q==
x-fb-trip-id: 664085054
x-fb-content-md5: 4e2ac3d85fd9e47184840fd03051d43f
x-frame-options: DENY
date: Fri, 15 May 2020 16:20:34 GMT, Fri, 15 May 2020 16:20:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:24:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6119
date: Fri, 15 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 16:38:35 GMT

GET
H2 200 twemoji.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 27 KB
27 KB 22ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: fd503ca2cb350bd8ecec266730289fd8a519faffe250b976f7963dc10bfd829c

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: Apache
etag: "6c11-597430d810c0b"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 27665

GET
H2 200 wp-emoji.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 9 KB
9 KB 23ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Tue, 31 Mar 2020 22:49:14 GMT
server: Apache
etag: "231d-5a22e608152f1"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 8989

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 image-2.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 29 KB
29 KB 62ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-2.png?resize=1024%2C670&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7c7902ec2ade13e0bf381c1c7c24ec2de86b73c94516c6817d7e18a257317205

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 122811
last-modified: Thu, 07 May 2020 11:03:13 GMT
server: nginx
etag: "210d7b8604c17e29"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-2.png>; rel="canonical"
content-length: 29456
expires: Sat, 07 May 2022 23:03:13 GMT

GET
H2 200 image-3.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 26 KB
26 KB 72ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-3.png?resize=1024%2C673&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

cef287260664425f3cc1bb663632c893e0ad4afdb59986d2d3bd9fc65236a822

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 108588
last-modified: Thu, 07 May 2020 11:03:13 GMT
server: nginx
etag: "e61e446d08d48836"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-3.png>; rel="canonical"
content-length: 26844
expires: Sat, 07 May 2022 23:03:13 GMT

GET
H2 200 37-wireshark-gdocs.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 117 KB
118 KB 64ms
61ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/37-wireshark-gdocs.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

38ab70c9b0e10b4f4416b62c90de3d0f02016e1d89ce78414871aebfb923fe11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 128008
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "802d9a236febe8f9"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/37-wireshark-gdocs.png>; rel="canonical"
content-length: 120208
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 image-4.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 79 KB
80 KB 63ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-4.png?resize=1024%2C632&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e95f0ddb696bb7852d3fa9bbb677da22e550a18ff673858f93e8dc8a47d4b3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 383979
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "31e2ab9e8842be71"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-4.png>; rel="canonical"
content-length: 81212
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 41-key-xor.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 31 KB
32 KB 64ms
61ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/41-key-xor.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4ab2717b1cbc650f5342df3428c6f9f435bf98d7cd937d43ef34a6f24dd1e6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "bee849d042092fbd"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/41-key-xor.png>; rel="canonical"
content-length: 32154
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 image-5.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 22 KB
22 KB 72ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-5.png?resize=1024%2C583&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

881b140977df4c6f689596c83982f651c56b0f56cf6434e4f6e51e13b944bb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 74729
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "2c1ec0326f51901b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/image-5.png>; rel="canonical"
content-length: 22096
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 30-google-doc1.png
i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 8 KB
8 KB 72ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/30-google-doc1.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1a9f04c17919cc16007c45a17a75d6acf87ab6eefce3bd24c7c3bfceea227fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 12805
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "8eb21209d3abb085"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/30-google-doc1.png>; rel="canonical"
content-length: 8146
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 31-googledoc2.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 8 KB
8 KB 72ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/31-googledoc2.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0f399dbdfa1e6573f9d9e97df282ac4a1b68d386400ee246929781ae25bb2b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 13049
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "0f5205f519d1814d"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/31-googledoc2.png>; rel="canonical"
content-length: 8008
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 32-googledoc3.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 12 KB
12 KB 63ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/32-googledoc3.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c4b2af93d5327a405677fe6150b8fe0d048d6494b880bf5aa1ffc2ec249acf12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 12528
last-modified: Thu, 07 May 2020 11:03:14 GMT
server: nginx
etag: "6827862f1de5eb7a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/32-googledoc3.png>; rel="canonical"
content-length: 12140
expires: Sat, 07 May 2022 23:03:14 GMT

GET
H2 200 33-btc.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 16 KB
16 KB 66ms
63ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/33-btc.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

96bb56789ff5bd5afd36e020a81cb09d5b17b740a970c2a802e6e37f8e57f29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 18571
last-modified: Thu, 07 May 2020 11:00:21 GMT
server: nginx
etag: "5e33ae7827b2e33f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/33-btc.png>; rel="canonical"
content-length: 16652
expires: Sat, 07 May 2022 23:00:21 GMT

GET
H2 200 shodan.png
i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 25 KB
25 KB 70ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/shodan.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

09cfd41ffba393bf0227ab54096bc7b7f87aba0b9953acb524e96e34a46d2761

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 278608
last-modified: Thu, 07 May 2020 11:03:15 GMT
server: nginx
etag: "5745c92cdb50baf8"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/shodan.png>; rel="canonical"
content-length: 25898
expires: Sat, 07 May 2022 23:03:15 GMT

GET
H2 200 38-c2-server.png
i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/ 42 KB
43 KB 69ms
66ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/seguranca-informatica.pt/wp-content/uploads/2020/05/38-c2-server.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

19e408fc829abef1c449e4c02a1f06d3354fc4d433e15c860929c11161cde79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 56833
last-modified: Thu, 07 May 2020 11:03:15 GMT
server: nginx
etag: "3161fc4fcc3e3d6a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://seguranca-informatica.pt/wp-content/uploads/2020/05/38-c2-server.png>; rel="canonical"
content-length: 43366
expires: Sat, 07 May 2022 23:03:15 GMT

GET
H2 200 please.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/04/ 3 KB
3 KB 74ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/04/please.jpg?resize=135%2C101&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3143de2f352f099bc35d7c3c09c1fae6b7f02335911c0a0d389e1873e8c35444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 832
last-modified: Thu, 23 Apr 2020 18:35:23 GMT
server: nginx
etag: "e81d4985f4294d39"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/04/please.jpg>; rel="canonical"
content-length: 3278
expires: Sun, 24 Apr 2022 06:35:23 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 417 KB
132 KB 169ms
78ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad611fb115890c8edb7b3c1da7d6b8251d3195cd67e9b367fc66044b8ef827c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-mnt-h: 8-15
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "d36ef645fdcdb7ebd7e476413a1b4f37"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=2400
date: Fri, 15 May 2020 16:20:34 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-4
expires: Fri, 15 May 2020 17:00:34 GMT

GET
H2 200 facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 830 B
1 KB 76ms
74ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c067a7d5bc50ed4ba554421966d6c4b0140ff2ed4574640fd5abcfa1ab35be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 15
last-modified: Wed, 24 Oct 2018 02:54:20 GMT
server: nginx
etag: "1dd9609c32b75415"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length: 830
expires: Fri, 23 Oct 2020 14:54:20 GMT

GET
H2 200 twitter.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
2 KB 73ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b980a05e2b73c6bbf5536e4281a084f6718548214c496f599f7ef427a49cc327

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 12:24:22 GMT
server: nginx
etag: "bfa3a8887585ad70"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length: 1420
expires: Fri, 20 Mar 2020 00:24:22 GMT

GET
H2 200 linkedin.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
1 KB 74ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

00a4c9aeb6f61ae7f260eea51d5d19a651544c01d202363463375992ef021960

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Oct 2018 02:54:20 GMT
server: nginx
etag: "a1735692818c8efc"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length: 1182
expires: Fri, 23 Oct 2020 14:54:20 GMT

GET
H2 200 reddit.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 2 KB
2 KB 74ms
72ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9eade11ffd772c4492d46969c94db94238be90cb2fc9ed98b199a64113d33920

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Oct 2018 02:54:21 GMT
server: nginx
etag: "3dd0a247965ca85e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/reddit.png>; rel="canonical"
content-length: 1566
expires: Fri, 23 Oct 2020 14:54:21 GMT

GET
H2 200 pinterest.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
2 KB 71ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3afe47d0fe0b16bc5bddecdc9bcaca94ed420b8fd0ddee2ae77364403c794bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 1227
last-modified: Wed, 24 Oct 2018 02:54:21 GMT
server: nginx
etag: "a26fbef4851320d9"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/pinterest.png>; rel="canonical"
content-length: 1502
expires: Fri, 23 Oct 2020 14:54:21 GMT

GET
H2 200 f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 1 KB
1 KB 22ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length: 1186
expires: Fri, 15 May 2020 16:25:34 GMT

GET
H2 200 UK-Government.jpg
securityaffairs.co/wordpress/wp-content/uploads/2015/11/ 64 KB
64 KB 22ms
19ms Image
image/jpeg 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2015/11/UK-Government.jpg
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 78c3bdad5e08a3767f34a99197943301b69c873566b5963a058c5db8f79d5b69

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 13:43:02 GMT
server: Apache
etag: "ff57-5270415c2e580"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 65367

GET
H2 200 Turla-compfun.jpg
securityaffairs.co/wordpress/wp-content/uploads/2020/05/ 154 KB
155 KB 21ms
19ms Image
image/jpeg 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2020/05/Turla-compfun.jpg
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: ab18722e030041a83b6ad77fa0039491995733f779ae68becd08880730f59018

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Fri, 15 May 2020 11:24:31 GMT
server: Apache
etag: "26927-5a5ae0e9da138"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 157991

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 6 KB
6 KB 61ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2cbb8dfc4483c9ce680df342866531ac656e8bed029dcd37a1872327023da5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 49467
last-modified: Wed, 24 Oct 2018 02:54:20 GMT
server: nginx
etag: "9dab0ad904eea31c"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length: 6390
expires: Fri, 23 Oct 2020 14:54:20 GMT

GET
H2 200 Samsung-Galaxy-S10.jpg
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2019/03/ 7 KB
7 KB 57ms
55ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2019/03/Samsung-Galaxy-S10.jpg?resize=300%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4eeebf3323852b7a4eaea624e02ec42ba536d654e6576b9144824670df9e40c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 15 May 2020 16:20:34 GMT
x-content-type-options: nosniff
x-bytes-saved: 9837
last-modified: Wed, 06 May 2020 13:53:09 GMT
server: nginx
etag: "5f5a9d9fafd32cd2"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2019/03/Samsung-Galaxy-S10.jpg>; rel="canonical"
content-length: 6960
expires: Sat, 07 May 2022 01:53:09 GMT

GET
H2 200 ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 105 KB
105 KB 21ms
20ms Stylesheet
text/css 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8630a5e9b221470e4baf94299937bbe590b50a2f8340c7a16533cddf9288224b

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 02 Oct 2019 22:58:45 GMT
server: Apache
etag: "1a4c9-593f56942fc53"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 107721

GET
H2 200 photon.js Show response
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 2 KB
2 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: e545b2cbe2545043982b257e784914e56f208d7540c62b0c5b321e22660eec42

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 06 May 2020 00:20:34 GMT
server: Apache
etag: "6dd-5a4efbb894fa7"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1757

GET
H2 200 jquery.adrotate.clicktracker.js Show response
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 373 B
527 B 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 06 May 2020 00:20:27 GMT
server: Apache
etag: "175-5a4efbb1e9ef2"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 373

GET
H2 200 ssba.js Show response
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
2 KB 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 02 Oct 2019 22:58:45 GMT
server: Apache
etag: "792-593f569432b33"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1938

GET
H2 200 hint.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 987 B
1 KB 19ms
19ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
etag: "3db-526fe6e433440"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 987

GET
H2 200 jquery.tipsy.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 4 KB
4 KB 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
etag: "1113-526fe6e433440"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4371

GET
H2 200 jquery.easing.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 8 KB
8 KB 24ms
24ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
etag: "1fa1-526fe6e433440"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 8097

GET
H2 200 browser.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 3 KB
3 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: Apache
etag: "a36-526fe6e33f200"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2614

GET
H2 200 jquery.flexslider-min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 21 KB
21 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
server: Apache
etag: "53ae-5270441274b80"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 21422

GET
H2 200 waypoints.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 8 KB
8 KB 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: Apache
etag: "1f6c-526fe6e527680"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 8044

GET
H2 200 mediaelement-and-player.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
70 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
server: Apache
etag: "11571-5270441645480"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 71025

GET
H2 200 jquery.swipebox.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 11 KB
11 KB 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
etag: "2a67-526fe6e433440"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 10855

GET
H2 200 jquery.circliful.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 3 KB
3 KB 20ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
etag: "c18-526fe6e433440"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3096

GET
H2 200 jquery.smarticker.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 13 KB
13 KB 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
etag: "3225-526fe6e433440"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 12837

GET
H2 200 custom.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 12 KB
13 KB 22ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: Apache
etag: "31d4-526fe6e33f200"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 12756

GET
H2 200 wp-embed.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 3 KB
3 KB 32ms
25ms Script
application/javascript 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/wp-embed.js?ver=a12585769d26b925b2cfda0809b574a3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Thu, 21 Feb 2019 22:56:38 GMT
server: Apache
etag: "c8e-5826f6315ef61"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3214

GET
H2 200 e-202020.js Show response
stats.wp.com/ 9 KB
3 KB 65ms
15ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202020.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 09 May 2021 20:48:11 GMT

GET
H2 200 5b71b64b04b9a500117b1015.js Show response
buttons-config.sharethis.com/js/ 30 B
374 B 108ms
107ms Script
text/javascript 2600:9000:2093:5400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5b71b64b04b9a500117b1015.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:5400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
via: 1.1 6582c239f47eb90b881c158927e7aa19.cloudfront.net (CloudFront)
last-modified: Mon, 13 Aug 2018 16:48:12 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "e6e1643313740711175f51662a65b42f"
x-cache: Miss from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: bNzvn4nxVnlVvpKjLs2ACrTjWeeOOfzeVVp6s04ZMon-lAcd1RbSCQ==

GET
H2 200 /
seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/embed/ Frame C98E 0
0 621ms
588ms Document
text/html 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/embed/

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: seguranca-informatica.pt
:scheme: https
:path: /brazilian-trojan-banker-is-targeting-portuguese-users-using-browser-overlay/embed/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
date: Fri, 15 May 2020 16:20:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d71bbbb2b646152431131efce32939d291589559634; expires=Sun, 14-Jun-20 16:20:34 GMT; path=/; domain=.seguranca-informatica.pt; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.5
x-pingback: https://seguranca-informatica.pt/xmlrpc.php
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/", <https://seguranca-informatica.pt/?p=7502>; rel=shortlink
x-wp-embed: true
vary: Accept-Encoding
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 593e2fe44fa2644f-FRA
content-encoding: br
cf-request-id: 02babc42aa0000644fe2a3e200000001

GET
H2 200 fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 43 KB
44 KB 25ms
25ms Font
application/font-woff 2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin: https://securityaffairs.co

Response headers

date: Fri, 15 May 2020 16:20:34 GMT
last-modified: Wed, 16 Dec 2015 06:58:09 GMT
server: Apache
etag: "ad90-526fe6dc92240"
content-type: application/font-woff
status: 200
accept-ranges: bytes
content-length: 44432

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/v1.0/cmp/ Frame 185B 0
0 15ms
14ms Document
text/html 2600:9000:2016:4600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:4600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /v1.0/cmp/portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: max-age=600, public
edge-control: cache-maxage=60m,downstream-ttl=60m
accept-ranges: bytes
last-modified: Fri, 24 Apr 2020 22:50:27 GMT
etag: W/"39db-171ae628f38"
content-encoding: gzip
date: Fri, 15 May 2020 16:11:14 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ba20463cf6d26f2beee0d9d3bd186ac.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: wc9F4rFlIp6prXB2bDcwL8pWF7RV4GPTyjhd8IgLayZ-ZQfjUDZxyw==
age: 560

GET
H2

200

/ Show response
securityaffairs.co/wordpress/
Redirect Chain

https://securityaffairs.co/wordpress?ga_action=googleanalytics_get_script
https://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script

493 B
470 B

1014ms
1014ms

XHR
text/html

2001:8d8:100f:f000::289
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software: Apache / PHP/7.2.30
Resource Hash: 529a8625b1d79f8a672375f5acdefd683f86f29327461266fa428aa734cb697b

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.2.30
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8

Redirect headers

status: 301
date: Fri, 15 May 2020 16:20:34 GMT
server: Apache
content-length: 282
location: https://securityaffairs.co/wordpress/?ga_action=googleanalytics_get_script
content-type: text/html; charset=iso-8859-1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 395 KB
115 KB 24ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=edf0f15c033aa2529b37e0789fcc1c9b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

241e9ee6931a3d9968359c917590e46cf938d82b9998612c199377e9669af9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Origin: https://securityaffairs.co

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BVBccG0Oxjyz1acP5fS4YA==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 117433
etag: "b65851d51456c6eaf72c44587b25f8c4"
x-fb-debug: Y6SgFuOZaMgcqOkbZPAMf64Boaz91S+Iq+oHVcFyW+/MzPco4PbsICn2XqwTIHGLenuJnCNDIsUdoMT66eiJbw==
x-fb-trip-id: 664085054
x-fb-content-md5: d5b0dc6beb43a6929dabe2b6b9d31a0e
x-frame-options: DENY
date: Fri, 15 May 2020 16:20:35 GMT, Fri, 15 May 2020 16:20:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 15 May 2021 16:04:47 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
108 B 16ms
15ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1614607381&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&ul=en-us&de=UTF-8&dt=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlaySecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAUABC~&jid=2111747942&gjid=913379927&cid=1308400315.1589559635&tid=UA-59069958-1&_gid=650546449.1589559635&_r=1&z=782658623

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 17ms
16ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.5&blog=29506073&post=102858&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&fcp=2706&rand=0.7252959231627722
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 16:20:35 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 checksync.php
contextual.media.net/ Frame DACA 0
0 62ms
62ms Document
text/html 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HB41O6BH&prvid=80%2C82%2C97%2C109%2C148%2C175%2C178%2C192%2C193%2C3008&rtime=19&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HB41O6BH&prvid=80%2C82%2C97%2C109%2C148%2C175%2C178%2C192%2C193%2C3008&rtime=19&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Mon, 16 Nov 2020 16:20:35 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2325612354953959000V10; Expires=Sat, 15 May 2021 16:20:35 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=28579
expires: Sat, 16 May 2020 00:16:54 GMT
date: Fri, 15 May 2020 16:20:35 GMT
content-length: 6796

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 5 KB
2 KB 162ms
161ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8HB41O6BH&region=nv&ptrid=8PREB0781&requestString=170605770*4%7C300x250%7C8CU5BD6EW%7C762221962%40170605770*97%7C300x250%7C8CU5BD6EW%7C762221962%40170605770*175%7C300x250%7C8CU5BD6EW%7C762221962%40170605770*178%7C300x250%7C8CU5BD6EW%7C762221962&crid=170605770&sd=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&bl=1&rt=5&dn=https://securityaffairs.co&https=1&act=headerBid&prvReqId=494741381084619161589559635197&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.8993041161821871&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1200%2C%22ph%22%3A20353%7D&itype=HB-CM&cc=AT&ct=VIENNA&bt=1&isRefresh=0&callback=window.hbCMBidxc.rtbsheaderBid3S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5ef5445363d33e108bf08dd5d123c966f3be7a14a1deb6455bd46110720cd755

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 15 May 2020 16:20:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1623
x-mnet-hl2: E
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 1 KB
861 B 157ms
157ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8HB41O6BH&region=nv&ptrid=8PREB0781&requestString=170605770*3008%7C1x1__1%7C8CU5BD6EW%7C762221962&crid=170605770&sd=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&bl=1&rt=5&dn=https://securityaffairs.co&https=1&act=headerBid&prvReqId=470356505079274761589559635201&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.4546267578033172&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1200%2C%22ph%22%3A20353%7D&itype=HB-CM&cc=AT&ct=VIENNA&at=3&bt=1&callback=window.hbCMBidxc.rtbsnativeheaderBid3S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3d9d1a57051081c2464e3e422f44438f910c6583220b3855f2f8b4580ef55692

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 15 May 2020 16:20:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 651
x-mnet-hl2: E
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 fcmdynet.js Show response
contextual.media.net/ Frame 155B 44 KB
16 KB 60ms
60ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&nse=0&vi=1589559634986306420&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&ntv=1&nb=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8943388b753b0a61169c943aed044722925528fd314b2fae6ff75e29c8c23dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=300
date: Fri, 15 May 2020 16:20:35 GMT
x-mnt-w: 8-21
content-length: 15930
expires: Fri, 15 May 2020 16:25:35 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3C68 43 KB
14 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "516 / 896 of 1000 / last-modified: 1589472768"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14447
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 5 KB
2 KB 359ms
358ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8HB41O6BH&region=nv&ptrid=8PREB0781&requestString=512365842*4%7C300x250%7C8CU5BD6EW%7C184323154%40512365842*97%7C300x250%7C8CU5BD6EW%7C184323154%40512365842*175%7C300x250%7C8CU5BD6EW%7C184323154%40512365842*178%7C300x250%7C8CU5BD6EW%7C184323154&crid=512365842&sd=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&bl=1&rt=5&dn=https://securityaffairs.co&https=1&act=headerBid&prvReqId=145208502895967871589559635233&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.7891298933529904&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1200%2C%22ph%22%3A20377%7D&itype=HB-CM&cc=AT&ct=VIENNA&bt=1&isRefresh=0&callback=window.hbCMBidxc.rtbsheaderBid4S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7f7a716c5bc28fae2b6825843b39bda0294a3535a42d9232569fb550c13bcfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 15 May 2020 16:20:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 1618
x-mnet-hl2: E
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 rtbsmpubs.php Show response
contextual.media.net/ 1 KB
859 B 337ms
336ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8HB41O6BH&region=nv&ptrid=8PREB0781&requestString=512365842*3008%7C1x1__1%7C8CU5BD6EW%7C184323154&crid=512365842&sd=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&bl=1&rt=5&dn=https://securityaffairs.co&https=1&act=headerBid&prvReqId=126308144078195321589559635235&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.4121962304454534&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1200%2C%22ph%22%3A20377%7D&itype=HB-CM&cc=AT&ct=VIENNA&at=3&bt=1&callback=window.hbCMBidxc.rtbsnativeheaderBid4S0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3a4b661e27334cf5f787cb9cabb4c95c1e0548e9e34c34ac50d6c02a039ddc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 15 May 2020 16:20:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 649
x-mnet-hl2: E
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 fcmdynet.js Show response
contextual.media.net/ Frame CE9E 45 KB
16 KB 80ms
79ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&nse=0&vi=1589559634654056639&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&ntv=1&nb=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9e4578d3e2239de29fb48f7e18a91e6e6d632fd4154dd72ba5ce04ec50cbccd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 8-1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=300
date: Fri, 15 May 2020 16:20:35 GMT
x-mnt-w: 8-21
content-length: 16006
expires: Fri, 15 May 2020 16:25:35 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7F53 43 KB
14 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "516 / 802 of 1000 / last-modified: 1589472768"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14447
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
177 B 69ms
58ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=762221962&vi=1589559634986306420&ugd=4&lf=6&cc=AT&wsip=2886780939&r=1589559635140&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001589559635136031179494406798&gdpr=1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
177 B 71ms
59ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&vi=1589559634654056639&ugd=4&lf=6&cc=AT&wsip=2886780939&r=1589559635231&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001589559635220031179494404452&gdpr=1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
340 B 150ms
43ms XHR
text/plain 18.196.75.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=6f69f6a-17219232a77-26c5cbce-1&sessionID=1589559634551.96627&hostname=securityaffairs.co&location=%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&product=simpleshare&fcmp=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlaySecurity%20Affairs&ts1589559634551.0=&sop=false
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.75.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-75-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:35 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.co
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 pubads_impl_2020050602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3C68 243 KB
88 KB 105ms
40ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 17:23:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89224
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 nrrV78798.js Show response
contextual.media.net/2/ Frame 155B 87 KB
28 KB 51ms
51ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/2/nrrV78798.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/fcmdynet.js?&gdpr=1&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&size=300x250&cc=AT&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&nse=0&vi=1589559634986306420&lw=1&ugd=4&rtbs=1&hlt=1&dfp=1&ntv=1&nb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

33b684048873c5e22b8bae339b4a5601d7844ace2352e4fe5782217d73fb601f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "0d44cb642ff46b9b1693c39dd5714025"
vary: Accept-Encoding
x-mnet-h: 8-7
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1209600
date: Fri, 15 May 2020 16:20:35 GMT
content-length: 27982
expires: Fri, 29 May 2020 16:20:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7F53 109 B
168 B 18ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7F53 109 B
168 B 19ms
16ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020050602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7F53 243 KB
87 KB 100ms
62ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 17:23:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89224
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 mediamain.html Show response
contextual.media.net/ Frame 1F11 77 KB
24 KB 63ms
63ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=762221962&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrEBbIZGw_v2fXpyZXRW3WVE%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTB6bMiPGj-JgSAwF-osbmAKaX1zGxDg7xFDFHMfpYOSP-ogztV6kSBiT_CaHdO63wsdpLpSgbskg%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7CHiAkoX8sElu9iyJi2OioE0aZXaHDM-4ZHPEkGQr-YbA1rBvE1XygWWuEYl-A4bZLdvTIozjkrVptZgXXV_x54eY64Eot6YwQqhJU_5Rq28iZcMU173TrAJAibUt_A10d%7CsRBSg3CPSiQ%3D%7C&https=1&cc=AT&bf=0&staticIframe=1&vif=1&vi=1589559634986306420&lw=1&ugd=4&ib=0&katid=801338185&katbid=-21&katen=1&nb=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

03dba150e9ad034d437ff7643ca7d45ee4bf4656b5179d11b5eb91045bfab080

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 15 May 2020 16:20:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
x-mnt-hl3: 8-7
cache-control: max-age=300
x-mnt-w: 8-20
content-length: 24036
expires: Fri, 15 May 2020 16:25:35 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 54ms
51ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=aplog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20610&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=1&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=&rtbsv2=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=1&toconsider=0&dcs=&auMxTm=&actltime=209&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=454&bbdrid=&td=%7C&lper=1&patint%3C%3E=&mx_SD=&mx_PC=&mx_SPRIG=&mx_UCC=&mx_GCID=&mx_IAB2=&mx_SC=&mx_dgf=&mx_BCT=&mx_bsBucket=&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=&mx_uid_sent=&mx_sbp=&mx_aqcpl_crid=&mx_aurt=&pvid=4&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=31&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.01&cbdp=0.01&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.01&nms=1&di=&dt=O&epc=762221962&ogbdp=0.01&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D100%7C%7Cvv%3D0%7C%7Cerpm%3D0.01%7C%7Cogerpm%3D0.01%7C%7Cxgboost_l%3D0%7C%7Csid%3D762221962%7C%7Csd%3D1%7C%7Cuid%3D3o7iBuev0b7aFjvZaU%7C%7Cdc2%3D1%7C%7Cbtd%3D2920667141984588417064910973444096%7C%7Cscd%3D9%7C%7Cuim%3D283%7C%7Css%3D1600x1200%7C%7Cuiw%3D59%7C%7CMP%3D.*crime.*%7C%7Cxgb_sd%3D2020041800%7C%7Clast%3D0%7C%7CCI%3D1816%7C%7Cip%3D3p0B6H%7C%7Cfbb%3D0%7C%7Cxgb_nt%3D101%7C%7Ctb%3D-1%7C%7Cct%3Dvienna%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.04%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7CPF%3D0%7C%7Clc%3D1%7C%7Curl_l%3D60%7C%7Cxgboost_b%3D0.37%7C%7Cbid%3D0.01%7C%7Cxgb_b%3D0.37%7C%7Cdc%3D7%7C%7Cgcat%3D500986%7C%7Cogbid%3D0.01%7C%7Ccbdp%3D0.01%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cdmm%3D&cmpid=&bId=&pcrid=8CU5BD6EW-762221962-20-18&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CU5BD6EW%26crid%3D762221962%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fsecurityaffairs.co%252Fwordpress%252F102858%252Fcyber-crime%252Fbrazilian-trojan-banker-targets-portugal.html&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=15&ybnca_gbid=&ybnca_erpm=0.01&ybnca_vbid=0.01&yogbdp=0.62&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=26882024241382724_1558549764_17060577041&dStat=0&ogbid=0.62&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=184&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=1&toconsider=1&dcs=&auMxTm=&actltime=209&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=454&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&patint=&pvid=3008&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=3052&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=470356505079274761589559635201&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cmd_rq%3D1%7Cbfl%3D-100%7Csce%3D0%7Cfl_rl%3D1%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=29&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-42&ltime=169&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=1&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=209&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=454&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&patint=&pvid=97&prvAccId=AT&prvApiId=8CU5BD6EW&exid=9&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cebv%3D1%7Cmd_rq%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=15&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=188&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=209&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=454&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&patint=&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 49ms
47ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=prlog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20610&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&mowxReqId=470356505079274761589559635201&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&pvid=3008&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=3052&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cmd_rq%3D1%7Cbfl%3D-100%7Csce%3D0%7Cfl_rl%3D1%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=2&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-42&ltime=169&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=1&sslt=0&dur=158&wt=157&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=1&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&pvid=4&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=31&pcId=0000EEA&bdp=0.01&cbdp=0.01&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.01&nms=1&di=&dt=O&epc=762221962&ogbdp=0.01&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D100%7C%7Cvv%3D0%7C%7Cerpm%3D0.01%7C%7Cogerpm%3D0.01%7C%7Cxgboost_l%3D0%7C%7Csid%3D762221962%7C%7Csd%3D1%7C%7Cuid%3D3o7iBuev0b7aFjvZaU%7C%7Cdc2%3D1%7C%7Cbtd%3D2920667141984588417064910973444096%7C%7Cscd%3D9%7C%7Cuim%3D283%7C%7Css%3D1600x1200%7C%7Cuiw%3D59%7C%7CMP%3D.*crime.*%7C%7Cxgb_sd%3D2020041800%7C%7Clast%3D0%7C%7CCI%3D1816%7C%7Cip%3D3p0B6H%7C%7Cfbb%3D0%7C%7Cxgb_nt%3D101%7C%7Ctb%3D-1%7C%7Cct%3Dvienna%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.04%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7CPF%3D0%7C%7Clc%3D1%7C%7Curl_l%3D60%7C%7Cxgboost_b%3D0.37%7C%7Cbid%3D%25%25ERPM_OR_OGBDP%25%25%7C%7Cxgb_b%3D0.37%7C%7Cdc%3D7%7C%7Cgcat%3D500986%7C%7Cogbid%3D%25%25ORIGINAL_CPM%25%25%7C%7Ccbdp%3D%25%25CBDP%25%25%7C%7Cbflag%3D%25%25ERPM_FLAG%25%25%7C%7Csobp%3D%25%25SC_ORIGINAL_CPM%25%25%7C%7Cdmm%3D%25%25DMS_STRATEGY%25%25&cmpid=&bId=&pcrid=8CU5BD6EW-762221962-20-18&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CU5BD6EW%26crid%3D762221962%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fsecurityaffairs.co%252Fwordpress%252F102858%252Fcyber-crime%252Fbrazilian-trojan-banker-targets-portugal.html&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=2&ybnca_gbid=&ybnca_erpm=0.01&ybnca_vbid=0.01&yogbdp=0.62&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=26882024241382724_1558549764_17060577041&dStat=0&ogbid=0.62&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=184&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=162&wt=161&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=1&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&pvid=97&prvAccId=AT&prvApiId=8CU5BD6EW&exid=9&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cebv%3D1%7Cmd_rq%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=188&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=162&wt=161&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&pvid=175&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=64&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cfl_rl%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=192&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=162&wt=161&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 32ms
32ms Image
text/plain 18.196.75.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&fpc=6f69f6a-17219232a77-26c5cbce-1&sessionID=1589559634551.96627&hostname=securityaffairs.co&location=%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&product=simpleshare&fcmp=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlaySecurity%20Affairs&ts1589559634551.0=&sop=false&img_pview=true
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.75.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-75-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:35 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3C68 47 KB
14 KB 379ms
378ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1888360022779446&correlator=3376213737601562&output=ldjh&impl=fif&eid=21066032&vrg=2020050602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200515&iu_parts=45361917%2C8CU5BD6EW-762221962-300x250_inside_post&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=crid%3D762221962%26mnet_segment%3D0.01%26mnet_variant%3D454%26pub_domain%3Dsecurityaffairs.co%26mnet_cc%3DAT%26mnet_bucketid%3Db3%26mnet_nat_tpid%3D801338185%26PubMaticSS%3D1610%26RubiconSS%3D2209%26mnet_pid%3D8PRHGG6T9%26fp%3Dqcqw&eri=4&cookie_enabled=1&bc=31&abxe=1&lmt=1589559635&dt=1589559635581&dlt=1589559635214&idt=348&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=524&adys=18948&adks=3236558092&ucis=epuu3vlzwhjl&ifi=1&ifk=2466213759&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&top=securityaffairs.co&dssz=3&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1308400315.1589559635&ga_sid=1589559636&ga_hid=946817126&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

4f5d63e7586ad8ce5d9480830f25719ef8cf10c1a06940720693a6695248ac47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13924
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3C68 0
0 65ms
38ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3C68 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7F53 47 KB
14 KB 302ms
302ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2031246480065484&correlator=2897415333346817&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513%2C21066153&vrg=2020050602&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200515&iu_parts=45361917%2C8CU5BD6EW-184323154-Single_post_ads&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=crid%3D184323154%26mnet_segment%3D0.01%26mnet_variant%3D426%26pub_domain%3Dsecurityaffairs.co%26mnet_cc%3DAT%26mnet_bucketid%3Db3%26mnet_nat_tpid%3D801333288%26PubMaticSS%3D1610%26RubiconSS%3D2209%26mnet_pid%3D8PRHGG6T9%26fp%3Dqcqw&eri=4&cookie_enabled=1&bc=31&abxe=1&lmt=1589559635&dt=1589559635640&dlt=1589559635256&idt=259&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=973&adys=413&adks=4133934225&ucis=ym2b1lx8rtnq&ifi=1&ifk=2466213759&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&top=securityaffairs.co&dssz=5&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1308400315.1589559635&ga_sid=1589559636&ga_hid=1158404618&ga_fc=true&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

03fcab33efab59bfc9dba3af377fa428add1336253883341102344a99f8c247f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14043
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7F53 0
0 55ms
39ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7F53 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 mediamain.html Show response
contextual.media.net/ Frame F3DB 76 KB
23 KB 509ms
508ms Script
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/mediamain.html?&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&pid=8PO5M70HK&size=300x250&cpnet=yVb1sHm-0KIh29BOFTjjrHvHwrQGlpByWaOO1vn303s%3D&cme=eEtcsJgYJO1jFFuG_phxILm1bGJRzeTIpvEWkvsidcQCD6AysYmBKjAMFnksBPXTB6bMiPGj-JgSAwF-osbmAKaX1zGxDg7xFDFHMfpYOSP_mq8hksjZlVXlxCtVhWpjiqqvOYH5okM%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CN7fu2vKt8_s%3D%7CHiAkoX8sElu9iyJi2OioE0aZXaHDM-4ZHPEkGQr-YbA1rBvE1XygWWuEYl-A4bZLdvTIozjkrVptZgXXV_x54eY64Eot6YwQqhJU_5Rq28iZcMU173TrAJAibUt_A10d%7CsRBSg3CPSiQ%3D%7C&https=1&cc=AT&bf=0&staticIframe=1&vif=1&vi=1589559634654056639&lw=1&ugd=4&ib=0&katid=801333288&katbid=-21&katen=1&nb=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-247-224-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b00255e2d2d565683961872ccad2b264ebd865368a0688c7d49309dabc56ca61

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 15 May 2020 16:20:36 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
x-mnt-hl3: 8-7
cache-control: max-age=300
x-mnt-w: 8-18
content-length: 23728
expires: Fri, 15 May 2020 16:25:36 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 52ms
51ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=prlog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20930&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&pvid=178&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=65&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbrm%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=25&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=195&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=162&wt=161&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=126308144078195321589559635235&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&pvid=3008&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=3052&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cmd_rq%3D1%7Cbfl%3D-100%7Csce%3D0%7Cfl_rl%3D1%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-40&ltime=364&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=344&wt=344&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=1&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&pvid=4&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=31&pcId=0000EEA&bdp=0.01&cbdp=0.01&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.01&nms=1&di=&dt=O&epc=184323154&ogbdp=0.01&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D0.01%7C%7Cogerpm%3D0.01%7C%7Cxgboost_l%3D0%7C%7Csid%3D184323154%7C%7Csd%3D1%7C%7Cuid%3Dl0Jg9UHG3zlH1Ob5J%7C%7Cdc2%3D1%7C%7Cbtd%3D2920667141984588417064910965055488%7C%7Cscd%3D9%7C%7Cuim%3D295%7C%7Css%3D1600x1200%7C%7Cuiw%3D60%7C%7CMP%3D.*crime.*%7C%7Cxgb_sd%3D2020041800%7C%7Clast%3D0%7C%7CCI%3D1815%7C%7Cip%3D3p0B6H%7C%7Cfbb%3D0%7C%7Cxgb_nt%3D101%7C%7Ctb%3D-1%7C%7Cct%3Dvienna%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.03%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7CPF%3D0%7C%7Clc%3D1%7C%7Curl_l%3D60%7C%7Cxgboost_b%3D0.37%7C%7Cbid%3D%25%25ERPM_OR_OGBDP%25%25%7C%7Cxgb_b%3D0.37%7C%7Cdc%3D7%7C%7Cgcat%3D500986%7C%7Cogbid%3D%25%25ORIGINAL_CPM%25%25%7C%7Ccbdp%3D%25%25CBDP%25%25%7C%7Cbflag%3D%25%25ERPM_FLAG%25%25%7C%7Csobp%3D%25%25SC_ORIGINAL_CPM%25%25%7C%7Cdmm%3D%25%25DMS_STRATEGY%25%25&cmpid=&bId=&pcrid=8CU5BD6EW-184323154-20-27&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CU5BD6EW%26crid%3D184323154%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fsecurityaffairs.co%252Fwordpress%252F102858%252Fcyber-crime%252Fbrazilian-trojan-banker-targets-portugal.html&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=1&ybnca_gbid=&ybnca_erpm=0.01&ybnca_vbid=0.01&yogbdp=0.01&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=5676616941287231_902028012_51236584241&dStat=0&ogbid=0.01&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=24&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=376&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=367&wt=367&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=1&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&pvid=97&prvAccId=AT&prvApiId=8CU5BD6EW&exid=9&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cebv%3D1%7Cmd_rq%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=379&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=367&wt=367&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 53ms
53ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=aplog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20930&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=175&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=64&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cfl_rl%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=13&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=192&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=209&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=454&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&patint=&pvid=178&prvAccId=762221962&prvApiId=8CU5BD6EW&exid=65&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=494741381084619161589559635197&crid=170605770&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=762221962&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=170605770&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbrm%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=14&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=181281141726807711589559635187&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-37&ltime=195&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=209&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=454&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&patint=&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=0&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=&rtbsv2=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=1&toconsider=0&dcs=&auMxTm=&actltime=389&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=%7C&lper=1&patint%3C%3E=&mx_SD=&mx_PC=&mx_SPRIG=&mx_UCC=&mx_GCID=&mx_IAB2=&mx_SC=&mx_dgf=&mx_BCT=&mx_bsBucket=&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=&mx_uid_sent=&mx_sbp=&mx_aqcpl_crid=&mx_aurt=&pvid=4&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=31&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.01&cbdp=0.01&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.01&nms=1&di=&dt=O&epc=184323154&ogbdp=0.01&s=1&snm=success&dbf=1&bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D0.01%7C%7Cogerpm%3D0.01%7C%7Cxgboost_l%3D0%7C%7Csid%3D184323154%7C%7Csd%3D1%7C%7Cuid%3Dl0Jg9UHG3zlH1Ob5J%7C%7Cdc2%3D1%7C%7Cbtd%3D2920667141984588417064910965055488%7C%7Cscd%3D9%7C%7Cuim%3D295%7C%7Css%3D1600x1200%7C%7Cuiw%3D60%7C%7CMP%3D.*crime.*%7C%7Cxgb_sd%3D2020041800%7C%7Clast%3D0%7C%7CCI%3D1815%7C%7Cip%3D3p0B6H%7C%7Cfbb%3D0%7C%7Cxgb_nt%3D101%7C%7Ctb%3D-1%7C%7Cct%3Dvienna%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.03%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7CPF%3D0%7C%7Clc%3D1%7C%7Curl_l%3D60%7C%7Cxgboost_b%3D0.37%7C%7Cbid%3D0.01%7C%7Cxgb_b%3D0.37%7C%7Cdc%3D7%7C%7Cgcat%3D500986%7C%7Cogbid%3D0.01%7C%7Ccbdp%3D0.01%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cdmm%3D&cmpid=&bId=&pcrid=8CU5BD6EW-184323154-20-27&ruct=0&brs=&brr=&iurl=https%3A%2F%2Fiurl-a.akamaihd.net%2Fybntag%3F%26cid%3D8CU5BD6EW%26crid%3D184323154%26size%3D300x250%26requrl%3Dhttps%253A%252F%252Fsecurityaffairs.co%252Fwordpress%252F102858%252Fcyber-crime%252Fbrazilian-trojan-banker-targets-portugal.html&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbfl%3D-100%7Cclt%3D0%7Cfl_rl%3D1%7Cdbr%3D1%7Ctkd%3Dnull&bfs=0&seat=&nbr=0&ba=12&ybnca_gbid=&ybnca_erpm=0.01&ybnca_vbid=0.01&yogbdp=0.01&yErpmFlag=1&smsrc=1&strg=&ybnca_bbid=-1.0&prvReqId=5676616941287231_902028012_51236584241&dStat=0&ogbid=0.01&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=24&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=376&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=1&toconsider=1&dcs=&auMxTm=&actltime=389&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&patint=&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 46ms
44ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=prlog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20930&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&pvid=175&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=64&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cfl_rl%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=1&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=381&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=367&wt=367&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&pvid=178&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=65&pcId=0000EEA&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbrm%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=29&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=386&abs=0&ssregion=&ssreqid=&sssvnm=&cnt=0&dnst=0&dwnt=0&sslt=0&dur=367&wt=367&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&osnbr=&binfobid=&toconsider=0&td=r%3Dstr%7Cab%3D0%7C&lper=10&mnrf=0&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 47ms
46ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=aplog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20930&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=3008&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=3052&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=126308144078195321589559635235&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cmd_rq%3D1%7Cbfl%3D-100%7Csce%3D0%7Cfl_rl%3D1%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=26&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-40&ltime=364&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=1&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=389&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&pvid=97&prvAccId=AT&prvApiId=8CU5BD6EW&exid=9&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=unknown&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cebv%3D1%7Cmd_rq%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=14&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=379&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=389&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&pvid=175&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=64&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=1&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cfl_rl%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=69&ba=15&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=381&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=389&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&pvid=178&prvAccId=184323154&prvApiId=8CU5BD6EW&exid=65&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=145208502895967871589559635233&crid=512365842&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0.00&cbdp=0.00&dcbdp=0&ckfl=0&cs=&mnet_ckfl=0&cat=&attr=&advId=&advNm=&advUrl=null&dfpBd=0.00&nms=1&di=&dt=O&epc=184323154&ogbdp=0.00&s=2&snm=nobid&dbf=1&bdata=&cmpid=&bId=&pcrid=512365842&ruct=0&brs=&brr=&iurl=&htps=0&ptype=27&pbidflr=0.00&exp=sfl%3Dfalse%7Cbrm%3D1%7Cbfl%3D-100%7Cdbr%3D0%7Ctkd%3Dnull&bfs=0&seat=&nbr=5&ba=12&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=0&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=119840189664175911589559635232&act=headerBid&dtfdl=&dspltime=&ttfd=&rtime=&dtc=nydc&rtbsv2=&apid=1&wsip=c10-mowx-web-56&ltime=386&abs=0&ssregion=&ssreqid=&sssvnm=&top=0&btm=0&lft=0&rght=0&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint%3C%3E=&pc=&spSource=0&spIvt=3&spId=&spFst=0&spIsReq=3&spTo=3&mx_SD=&mx_PC=1&mx_SPRIG=0&mx_UCC=2&mx_GCID=0&mx_IAB2=0&mx_SC=0&mx_dgf=0&mx_BCT=&mx_bsBucket=0&mx_BCE=&mx_lr=&mx_BCW=&mx_bsProfile=0&mx_uid_sent=0&mx_sbp=-10&mx_aqcpl_crid=0&mx_aurt=0&pgcatiab=IAB11-2&pgcatiab2=380&pgcatsprig=704&gFunDl=&ngFunDl=&rDl=&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=&actltime=389&acsn=1&dfpDiv=&dfpAdPath=&dfpPos=&sbdrid=426&bbdrid=&td=r%3Dstr%7Cab%3D0%7C&lper=10&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 49ms
48ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=relog&pid=8PREB0781&itype=HB-CM&dn=securityaffairs.co&cid=8HB41O6BH&svr=2020051210_800&servname=hbcm_na&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589559635376031179494407183&vsid=&sd=1&gtd=400&inid=0&gfd=&cc=AT&sc=&ct=VIENNA&abte=CONTROL&adbd=0&amp=0&version=1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=20930&cl=&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&ffp=0.01&efp=qcqw&mdf=0.01&mdk=mnet_segment&rp=&rf=&rfs=nfetched&dfpAdPath=%2F45361917%2F8CU5BD6EW-762221962-300x250_inside_post&src=Dynamic&lper=1&ffp=0.01&efp=qcqw&mdf=0.01&mdk=mnet_segment&rp=&rf=&rfs=nfetched&dfpAdPath=%2F45361917%2F8CU5BD6EW-184323154-Single_post_ads&src=Dynamic&lper=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&kwrf=&epurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:35 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 container.html
16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AE81 0
0 7ms
7ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 15 May 2020 16:20:35 GMT
expires: Sat, 15 May 2021 16:20:35 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F53 73 KB
27 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589369616634380"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7F53 7 KB
6 KB 22ms
21ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b6deffc43de9c7426c4fc7d002bccbac326d4dff4a4f057b44c6d8cb0b8ed51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0

GET
H2 200 container.html
d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D1AA 0
0 8ms
7ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 15 May 2020 16:20:35 GMT
expires: Sat, 15 May 2021 16:20:35 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C68 73 KB
27 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589369616634380"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3C68 7 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7aaacd0404f62ea32e9d4323615330e1f2d4929221a97f0aecaae8a3ba82047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5588
x-xss-protection: 0

GET
H2 200 rtblog.php
lg3.media.net/ 35 B
177 B 73ms
65ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/rtblog.php?&gdpr=1&vgd_l1rakh=1589559634167162419&vgd_hbReqId=T1589486711C8S5U520&vgd_uspa=0&vgd_isiolc=1&l3ch=4&cc=AT&vgd_implt=0&movlimp=0&vgd_dfp_tgt={%22crid%22:%22762221962%22,%22mnet_segment%22:%220.01%22,%22mnet_variant%22:%22454%22,%22pub_domain%22:%22securityaffairs.co%22,%22mnet_cc%22:%22AT%22,%22mnet_bucketid%22:%22b3%22,%22mnet_nat_tpid%22:%22801338185%22,%22PubMaticSS%22:%221610%22,%22RubiconSS%22:%222209%22,%22mnet_pid%22:%228PRHGG6T9%22}&vgd_scr_h=1200&vgd_scr_w=1600&vgd_optout=0&vgd_bdata=sd2%3Dnull%7C%7Cbb%3D100%7C%7Cvv%3D0%7C%7Cerpm%3D0.01%7C%7Cogerpm%3D0.01%7C%7Cxgboost_l%3D0%7C%7Csid%3D762221962%7C%7Csd%3D1%7C%7Cuid%3D3o7iBuev0b7aFjvZaU%7C%7Cdc2%3D1%7C%7Cbtd%3D2920667141984588417064910973444096%7C%7Cscd%3D9%7C%7Cuim%3D283%7C%7Css%3D1600x1200%7C%7Cuiw%3D59%7C%7CMP%3D.*crime.*%7C%7Cxgb_sd%3D2020041800%7C%7Clast%3D0%7C%7CCI%3D1816%7C%7Cip%3D3p0B6H%7C%7Cfbb%3D0%7C%7Cxgb_nt%3D101%7C%7Ctb%3D-1%7C%7Cct%3Dvienna%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.04%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7CPF%3D0%7C%7Clc%3D1%7C%7Curl_l%3D60%7C%7Cxgboost_b%3D0.37%7C%7Cbid%3D0.01%7C%7Cxgb_b%3D0.37%7C%7Cdc%3D7%7C%7Cgcat%3D500986%7C%7Cogbid%3D0.01%7C%7Ccbdp%3D0.01%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cdmm%3D&vgd_is_amp=0&vgd_rensize=300_250&vgd_l2wsip=2886781338&wsip=2886781338&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=762221962&pid=8PO4A4J48&size=300x250&vi=1589559634986306420&ugd=4&bdrid=8&subBdr=454&bdrct=0.01&adx=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_crefurl=undefined&vgd_dfpnc=0&vgd_refadx=15&vgd_demp=0&vgd_refcnf={%22a2y%22:{%22afterLoadSecs%22:30,%22afterViewSecs%22:10,%22percentTraffic%22:95,%22ignoreSessionDisable%22:true,%22both%22:false}}&rtbsd=10&bto=0&vgd_aid=181281141726807711589559635187&vgd_rt=226&vgd_l1ch=1&vgd_l2ch=1&pti=41&https=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&vgd_mseg=0.01&hvsid=00001589559635136031179494406798&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:36 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F53 14 KB
5 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:36 GMT

GET
H2 200 rtblog.php
lg3.media.net/ 35 B
177 B 99ms
86ms Image
image/gif 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/rtblog.php?&gdpr=1&vgd_l1rakh=1589559634167162419&vgd_hbReqId=T1589486711C8S5U520&vgd_uspa=0&vgd_isiolc=1&l3ch=4&cc=AT&vgd_implt=0&movlimp=0&vgd_dfp_tgt={%22crid%22:%22184323154%22,%22mnet_segment%22:%220.01%22,%22mnet_variant%22:%22426%22,%22pub_domain%22:%22securityaffairs.co%22,%22mnet_cc%22:%22AT%22,%22mnet_bucketid%22:%22b3%22,%22mnet_nat_tpid%22:%22801333288%22,%22PubMaticSS%22:%221610%22,%22RubiconSS%22:%222209%22,%22mnet_pid%22:%228PRHGG6T9%22}&vgd_scr_h=1200&vgd_scr_w=1600&vgd_optout=0&vgd_bdata=sd2%3Dnull%7C%7Cbb%3D196%7C%7Cvv%3D0%7C%7Cerpm%3D0.01%7C%7Cogerpm%3D0.01%7C%7Cxgboost_l%3D0%7C%7Csid%3D184323154%7C%7Csd%3D1%7C%7Cuid%3Dl0Jg9UHG3zlH1Ob5J%7C%7Cdc2%3D1%7C%7Cbtd%3D2920667141984588417064910965055488%7C%7Cscd%3D9%7C%7Cuim%3D295%7C%7Css%3D1600x1200%7C%7Cuiw%3D60%7C%7CMP%3D.*crime.*%7C%7Cxgb_sd%3D2020041800%7C%7Clast%3D0%7C%7CCI%3D1815%7C%7Cip%3D3p0B6H%7C%7Cfbb%3D0%7C%7Cxgb_nt%3D101%7C%7Ctb%3D-1%7C%7Cct%3Dvienna%7C%7Crc%3D1%7C%7Cbasis2%3D196%7C%7Curl_b%3D0.03%7C%7Cbasis1%3D196%7C%7CisRef%3D0%7C%7CPF%3D0%7C%7Clc%3D1%7C%7Curl_l%3D60%7C%7Cxgboost_b%3D0.37%7C%7Cbid%3D0.01%7C%7Cxgb_b%3D0.37%7C%7Cdc%3D7%7C%7Cgcat%3D500986%7C%7Cogbid%3D0.01%7C%7Ccbdp%3D0.01%7C%7Cbflag%3D1%7C%7Csobp%3D0%7C%7Cdmm%3D&vgd_is_amp=0&vgd_rensize=300_250&vgd_l2wsip=2886781338&wsip=2886781338&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&pid=8PO4A4J48&size=300x250&vi=1589559634654056639&ugd=4&bdrid=8&subBdr=426&bdrct=0.01&adx=1&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D0&vgd_crefurl=undefined&vgd_dfpnc=0&vgd_refadx=15&vgd_demp=0&vgd_refcnf={%22a2y%22:{%22afterLoadSecs%22:30,%22afterViewSecs%22:10,%22percentTraffic%22:95,%22ignoreSessionDisable%22:true,%22both%22:false}}&rtbsd=10&bto=0&vgd_aid=119840189664175911589559635232&vgd_rt=402&vgd_l1ch=1&vgd_l2ch=1&pti=41&https=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&vgd_mseg=0.01&hvsid=00001589559635220031179494404452&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:36 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 15 May 2020 16:20:36 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A67B 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 15 May 2020 15:48:31 GMT
expires: Sat, 15 May 2021 15:48:31 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1925
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C68 14 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:36 GMT

GET
H2 200 analytics.js Show response
google-analytics.com/ 45 KB
18 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5711
date: Fri, 15 May 2020 14:45:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 16:45:25 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
104 B 8ms
6ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1614607381&t=pageview&_s=2&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&ul=en-us&de=UTF-8&dt=Brazilian%20trojan%20banker%20is%20targeting%20Portuguese%20users%20using%20browser%20overlaySecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAUABC~&jid=&gjid=&cid=1308400315.1589559635&tid=UA-59069958-1&_gid=650546449.1589559635&z=1764436759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 05:26:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 212056
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 74ED 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 15 May 2020 15:48:31 GMT
expires: Sat, 15 May 2021 15:48:31 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1925
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 44ms
44ms Image
text/javascript 72.247.224.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lg3.media.net/bqi.php?lf=3&&gdpr=1&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&pid=8PO4A4J48&size=300x250&vi=1589559634654056639&ugd=4&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F102858%2Fcyber-crime%2Fbrazilian-trojan-banker-targets-portugal.html&bdrid=8&subBdr=426&cc=AT&vgd_isiolc=1&hvsid=00001589559635220031179494404452
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:36 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Fri, 15 May 2020 16:20:36 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F53 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=2031246480065484&bg=!NjWlNS1YFhxacr5dz9cCAAAAx1IAAAAcmQGWdw_F0QLCKD9VyV-heNmSWhGc69JOz1b_vXU0DqM4dznmCaqwn5cJMS5KoDQNXmCb8LC3FWR72J-aV_PLMSqF3ky6XUR2cQgq2BCDzkdECGLor5q8hTTpJt2QZnln49h2C95EKGvdwQrN0CHtEXE9jTlfTslW9DPqZv0Y5L-GgoxmbXGQpYSaESqPlUHef3VkGosxkYcLxVR1h0g_3jGBY3VpJIi-syOyViS78bSiiJcAALFM_u2PmovDI9bR3qfpPKTDTfMDhoVM33iv7ZiLOHrQba5DyMViW-FUaMFOUdPz0Y2c39qYK_E1Nb2sKPyWLr-FVSY8t80_l4KO5FTsRtgsqNmVTW28glBNjuGXEDu3QlrDlmZ042wQUlOmyy0WcdnRBoA7k0g3aXYZGlvU3-UXnFLL2va31egGwB5P-9n6M_87bcb9UfAvAFMeqU1Pi6pDMXpHjv4u1rIJg2JY92aTV2_y5n2Bc4sR-1rwRPrlUimm4bZKz2uXUusp9KX8UmZ_-ti4b_1B0AEf-sryBH5mWrx0zg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C68 0
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=1888360022779446&bg=!p6SlpLxYSIk8CIr7P40CAAAAy1IAAAAamQGWeqLAm2Ox92bgzzXQwYglCzmnJjo6L1hNXHgegnjtHUOq4GaInL-QgjfO5JLD6Von3nCwQLkDoGgLqTS0TrG6wFAq8N9UvxSlZbH3QrJinetVhHZ5GC4NDxJ1evzAdj3VwQx4PSMnKyiyWIm-4hsHuSOmFpqT8TBGSITqB6IZ5B59OPhPFVPX_pbfmgPX2enLafj9EAltnzTcWGknamqg-OyuVg7W9NIhBKlYiYW7UlKhwrp8ENfFwEt_EUR9-Fkc0riZPMyHV87vkktDJ5KlRabUfjXnFg4Xe49NL9bCwwHREeeSlU8XVxa1o8Lgg2G5-BBK-xFTvkx1d0oBjxbO-aSPBxRU4M7Dv4CtG7cnnvW1GMCQAIIMaM6m9gK60DsfYfm-Mm1wsbsbMX7Bxz0Yay1SIA1EzkhiSrBGTL7BzmZDWKBbQ5ulfgSIR1GvhEVa993g96oSeLbwpQs8te6gdRhaDzrRHMxyWuEvPdlXmjRFMwPS6JatUxkZQbGT605EBWfwSMiB1nfSjH_2GNzB3CdFxyOqrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/wordpress/102858/cyber-crime/brazilian-trojan-banker-targets-portugal.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=a12585769d26b925b2cfda0809b574a3

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=a12585769d26b925b2cfda0809b574a3

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=a12585769d26b925b2cfda0809b574a3

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=a12585769d26b925b2cfda0809b574a3

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.media.net/	1970-01-19 18:18:15	Name: visitor-id Value: 2325612354953959000V10
.media.net/	1970-01-19 13:59:03	Name: gdpr_status Value: 1
securityaffairs.co/	1970-01-19 09:32:41	Name: session_depth Value: securityaffairs.co%3D1%7C762221962%3D1%7C184323154%3D1
securityaffairs.co/	1969-12-31 23:59:59	Name: hbcm_sd Value: 1%7C1589559635158
.securityaffairs.co/	1970-01-20 03:03:51	Name: _ga Value: GA1.2.1308400315.1589559635
.securityaffairs.co/	1970-01-19 09:34:06	Name: _gid Value: GA1.2.650546449.1589559635
.securityaffairs.co/	1970-01-19 09:32:39	Name: _gat Value: 1
securityaffairs.co/	1970-01-19 18:18:15	Name: cookielawinfo-checkbox-non-necessary Value: yes
.securityaffairs.co/	1970-01-19 16:09:03	Name: __unam Value: 6f69f6a-17219232a77-26c5cbce-1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 23) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 45) Message: JQMIGRATE: jQuery.fn.load() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 47) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 45) Message: JQMIGRATE: jQuery.fn.unload() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=1.4.1(Line 47) Message: console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16b281488dc6057fd6a76b0ae6a8990f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
connect.facebook.net
contextual.media.net
d318e56cae6bfe2f366f6b13b944e3ff.safeframe.googlesyndication.com
fonts.googleapis.com
google-analytics.com
hblg.media.net
i0.wp.com
i1.wp.com
i2.wp.com
l.sharethis.com
lg3.media.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.wp.com
platform-api.sharethis.com
secure.gravatar.com
securepubads.g.doubleclick.net
securityaffairs.co
seguranca-informatica.pt
stats.wp.com
tpc.googlesyndication.com
ws.sharethis.com
www.google-analytics.com
www.googletagservices.com
fonts.googleapis.com
18.196.75.213
192.0.76.3
192.0.77.2
2001:4de0:ac19::1:b:2b
2001:8d8:100f:f000::289
216.58.212.130
2600:9000:2016:4600:c:a9b7:ddc0:93a1
2600:9000:2016:6a00:3:c04e:c780:93a1
2600:9000:2016:9c00:1c:8a07:5e80:93a1
2600:9000:2093:5400:c:abe:f440:93a1
2606:4700:3037::681b:bc6c
2a00:1450:4001:806::2002
2a00:1450:4001:814::2002
2a00:1450:4001:819::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81f::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
72.247.224.27
00a4c9aeb6f61ae7f260eea51d5d19a651544c01d202363463375992ef021960
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
03dba150e9ad034d437ff7643ca7d45ee4bf4656b5179d11b5eb91045bfab080
03fcab33efab59bfc9dba3af377fa428add1336253883341102344a99f8c247f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09cfd41ffba393bf0227ab54096bc7b7f87aba0b9953acb524e96e34a46d2761
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0d2e40725eeb1a7943abd826d1e98814112e7c320e17a1d57363945ce572dbb0
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f399dbdfa1e6573f9d9e97df282ac4a1b68d386400ee246929781ae25bb2b00
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
1423f118a35dc9c99fff8faa25d7dc1872bf55c5e4d3298b28ee0fc361a4ca5d
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
19e408fc829abef1c449e4c02a1f06d3354fc4d433e15c860929c11161cde79f
1a9f04c17919cc16007c45a17a75d6acf87ab6eefce3bd24c7c3bfceea227fe5
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1b937ce86d2da545daa12a92d1a4ef4014f4a2040ac172e9f9dd91e851aefe2a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f69c44fcfa913d215e8ccaf16b3157e04be199fa33d448a68c22cfdf8046e9f
200456f2a4656318f81c2fae12ff3f6b5cf41d1a3d8249068d5f3bd1b7be96aa
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
24154d5bff15e876d0c365bcc5f3dcb6f1c385455a21005fac10cf13d188c850
241e9ee6931a3d9968359c917590e46cf938d82b9998612c199377e9669af9eb
25cd4564a7244555a553a8bf04a1340b64e3350cb31e390a9e6fc22a92d699dc
29f354063fc5a7f36bcf627f8adf6a4d9c76d76c1cff98d0f070368a1b3b6241
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2cbb8dfc4483c9ce680df342866531ac656e8bed029dcd37a1872327023da5f8
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3143de2f352f099bc35d7c3c09c1fae6b7f02335911c0a0d389e1873e8c35444
33b684048873c5e22b8bae339b4a5601d7844ace2352e4fe5782217d73fb601f
361ebb8d4bbe222b2b01898594d49e7d9503137dfe6843167f253c1ccc25300a
38ab70c9b0e10b4f4416b62c90de3d0f02016e1d89ce78414871aebfb923fe11
3a4b661e27334cf5f787cb9cabb4c95c1e0548e9e34c34ac50d6c02a039ddc70
3afe47d0fe0b16bc5bddecdc9bcaca94ed420b8fd0ddee2ae77364403c794bb8
3d9d1a57051081c2464e3e422f44438f910c6583220b3855f2f8b4580ef55692
401affba0a3df0e1afe5531d1636c9819a32076632167474ee892f21c1548fd8
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4ab2717b1cbc650f5342df3428c6f9f435bf98d7cd937d43ef34a6f24dd1e6f9
4eeebf3323852b7a4eaea624e02ec42ba536d654e6576b9144824670df9e40c4
4f5d63e7586ad8ce5d9480830f25719ef8cf10c1a06940720693a6695248ac47
529a8625b1d79f8a672375f5acdefd683f86f29327461266fa428aa734cb697b
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
558e3c946e3b07f85c7d5264ae6582207dda4af580df34df3e34cf747a950058
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5ef5445363d33e108bf08dd5d123c966f3be7a14a1deb6455bd46110720cd755
684af96d86f300e7c64ccddafb167e529bd6829b7d39d9532ac02ba4fd8fff88
6ad1dc3b2a55651a98caeccafddbd0db2469f2255c80064797b488d49df73daf
6cdd5883e49891ba759437b6a12684d0ec8d152c37b75f6bfa86a29244e3ccd8
6e9a60a09b0d46d216c72c4f01230075a568bc862b8c8f17e806ee13a04718d7
6eedbd6421a0e283b21e5607feda5e04406b40e973d34f80afecd40b3c7584cd
712d0318dcc1a6a613df70c235d2e28714b14ab0509b68f56a9daff591eacfb7
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
78c3bdad5e08a3767f34a99197943301b69c873566b5963a058c5db8f79d5b69
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c7902ec2ade13e0bf381c1c7c24ec2de86b73c94516c6817d7e18a257317205
7c9327f7776aea1817cda79424fe94fc6c6bf98c306918e519cf9f2789167716
7f7a716c5bc28fae2b6825843b39bda0294a3535a42d9232569fb550c13bcfdd
800bbb85be1a26c329fa56500d0e2f007f7294f7a67771cc3bb3b3f480a9cd9c
81e82457fb12ef9a7b3981eceba4363763a703fd04bbe4da183903fd74e2cbcd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cd0fb32bf843e30cc16d02263c6105d6c3acf7526ef55faea1afaadcd57b64
8630a5e9b221470e4baf94299937bbe590b50a2f8340c7a16533cddf9288224b
881b140977df4c6f689596c83982f651c56b0f56cf6434e4f6e51e13b944bb2f
8943388b753b0a61169c943aed044722925528fd314b2fae6ff75e29c8c23dec
8b6deffc43de9c7426c4fc7d002bccbac326d4dff4a4f057b44c6d8cb0b8ed51
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
96bb56789ff5bd5afd36e020a81cb09d5b17b740a970c2a802e6e37f8e57f29b
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9a5bc5e8bd62ad4f8d9709fe47f166cb035b6007fa652e9f65cdbab39f42a6e0
9b5b9b8b1984a7b55656ca3d243deb436e049467353f6e61e73ac8bd0ab2a636
9de915b8773f1be6b99448d8fbdb7c359f10b5a06f544181597b8523eca6278b
9e4578d3e2239de29fb48f7e18a91e6e6d632fd4154dd72ba5ce04ec50cbccd1
9eade11ffd772c4492d46969c94db94238be90cb2fc9ed98b199a64113d33920
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a4750c7a5cdbeeeea1c01fe3cffb6cb8bbb56f0e0ab1546a29030a3a08a0057c
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a6f6a68da852fe76f3b5a6ce0d02be3e8cac52e79f4b82f63b1eda5168dce0c6
a7aaacd0404f62ea32e9d4323615330e1f2d4929221a97f0aecaae8a3ba82047
ab18722e030041a83b6ad77fa0039491995733f779ae68becd08880730f59018
ad611fb115890c8edb7b3c1da7d6b8251d3195cd67e9b367fc66044b8ef827c1
af59a0033a8f1fde415bd8f28d7d7b9c6509e1ca24c9d5d13e87da9072148e9e
b00255e2d2d565683961872ccad2b264ebd865368a0688c7d49309dabc56ca61
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b26db15f3f5d200caca5ec6d9605c1727f087016ef39644f9c233d9d094afdd3
b63151f7579a782a544185e4cdf3e2cff7fd2b4d3889252125c2d3d14fc94070
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
b980a05e2b73c6bbf5536e4281a084f6718548214c496f599f7ef427a49cc327
c067a7d5bc50ed4ba554421966d6c4b0140ff2ed4574640fd5abcfa1ab35be11
c4b2af93d5327a405677fe6150b8fe0d048d6494b880bf5aa1ffc2ec249acf12
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
cb4b78cf8305a5333f7debcd8a5a210837210b442d5702b278dd93255dd55232
cef287260664425f3cc1bb663632c893e0ad4afdb59986d2d3bd9fc65236a822
d24350e3a8c6e3963544189c3d0cfcd8c11e5dbac0de76aace83993b7d16dcf6
d60be5f2fb9ff47b6488a20dcc1596c17ed3f25c1a1cef2a27455929dd8ad558
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
dce50148adaff4dccd1d95c9b25563011436e398272d530e974193b8685340a2
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e545b2cbe2545043982b257e784914e56f208d7540c62b0c5b321e22660eec42
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e95f0ddb696bb7852d3fa9bbb677da22e550a18ff673858f93e8dc8a47d4b3aa
ea8e0db18c15f6f4e6e1faf43ee05a57032370152a4d08775203f2aa03e64b66
eef2f7c2218f44b7d06482e019099e713042a426a6b5ac1b38d85b874d7a6961
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f31892cfa4aa6eaa801f2c0e7a451f59a4070812a94a8c6e40b2cf9d1025a4f9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f82d4c226a86969122d7f72ed4e7984c5739b838f1fb2ffef2f466f08a600760
f93158ba033995e6fbc9c09f18b01adfe5416b5ff44b92361044b561b8e8955d
fd503ca2cb350bd8ecec266730289fd8a519faffe250b976f7963dc10bfd829c

securityaffairs.co Open in urlscan Pro 2001:8d8:100f:f000::289 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

97 %HTTPS

76 %IPv6

16 Domains

29 Subdomains

22 IPs

4 Countries

3778 kBTransfer

5325 kBSize

9 Cookies

23 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

97 %
HTTPS

76 %
IPv6

16
Domains

29
Subdomains

22
IPs

4
Countries

3778 kB
Transfer

5325 kB
Size

9
Cookies

156 HTTP transactions
0 data transactions