seguranca-informatica.pt Open in urlscan Pro
2606:4700:3037::681b:bc6c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion=
Effective URL:
https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-gov...
Submission: On February 28 via api (February 28th 2020, 8:59:33 pm UTC) from US

Summary HTTP 248 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 26 domains to perform 248 HTTP transactions. The main IP is 2606:4700:3037::681b:bc6c, located in United States and belongs to CLOUDFLARENET, US. The main domain is seguranca-informatica.pt.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.

This is the only time seguranca-informatica.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 115	2606:4700:303... 2606:4700:3037::681b:bc6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
10	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a01:7e00::f0... 2a01:7e00::f03c:91ff:fe50:cccb	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.75 2.18.232.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:5d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
3	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
17	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1 3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
48	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
4	2606:4700::68... 2606:4700::6810:4ca6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
2	151.101.12.84 151.101.12.84	54113 (FASTLY) (FASTLY)
248	28

115 2606:4700:3037::681b:bc6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

seguranca-informatica.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:7e00::f03c:91ff:fe50:cccb (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)

www.revista-programar.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.168.118 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5d6 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

seguranca-informatica.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:4ca6 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
115	seguranca-informatica.pt 1 redirects seguranca-informatica.pt	5 MB
65	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	669 KB
13	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	179 KB
7	gstatic.com fonts.gstatic.com	70 KB
6	disqus.com seguranca-informatica.disqus.com disqus.com links.services.disqus.com	31 KB
5	facebook.com www.facebook.com graph.facebook.com	1 KB
5	doubleclick.net googleads.g.doubleclick.net
5	addthis.com s7.addthis.com api-public.addthis.com	191 KB
4	disquscdn.com c.disquscdn.com	225 KB
4	facebook.net connect.facebook.net	258 KB
3	w.org s.w.org	3 KB
2	pinterest.com widgets.pinterest.com	644 B
2	reddit.com www.reddit.com	2 KB
2	googlesyndication.com pagead2.googlesyndication.com	121 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	addthisedge.com v1.addthisedge.com	1 KB
1	moatads.com z.moatads.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	onesignal.com cdn.onesignal.com	3 KB
1	licensebuttons.net licensebuttons.net	2 KB
1	paypalobjects.com www.paypalobjects.com
1	paypal.com 1 redirects www.paypal.com	376 B
1	revista-programar.info www.revista-programar.info	16 KB
1	googleapis.com fonts.googleapis.com	2 KB
248	26

	Domain	Requested by
115	seguranca-informatica.pt	1 redirects seguranca-informatica.pt www.google-analytics.com pagead2.googlesyndication.com
48	pbs.twimg.com	seguranca-informatica.pt platform.twitter.com
13	abs.twimg.com	seguranca-informatica.pt platform.twitter.com
10	platform.twitter.com	seguranca-informatica.pt platform.twitter.com
7	fonts.gstatic.com	www.google-analytics.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	c.disquscdn.com	seguranca-informatica.disqus.com
4	connect.facebook.net	seguranca-informatica.pt connect.facebook.net
3	syndication.twitter.com	1 redirects seguranca-informatica.pt
3	s.w.org	seguranca-informatica.pt
3	seguranca-informatica.disqus.com	seguranca-informatica.pt seguranca-informatica.disqus.com
3	www.facebook.com	seguranca-informatica.pt connect.facebook.net
3	s7.addthis.com	seguranca-informatica.pt s7.addthis.com
2	widgets.pinterest.com	s7.addthis.com
2	www.reddit.com	s7.addthis.com
2	api-public.addthis.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	disqus.com	seguranca-informatica.disqus.com
2	ton.twimg.com	platform.twitter.com
2	cdn.syndication.twimg.com	platform.twitter.com
2	pagead2.googlesyndication.com	seguranca-informatica.pt pagead2.googlesyndication.com
2	www.google-analytics.com	seguranca-informatica.pt
1	links.services.disqus.com	c.disquscdn.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdn.onesignal.com	seguranca-informatica.pt
1	licensebuttons.net	seguranca-informatica.pt
1	www.paypalobjects.com	seguranca-informatica.pt
1	www.paypal.com	1 redirects
1	www.revista-programar.info	seguranca-informatica.pt
1	fonts.googleapis.com	seguranca-informatica.pt
248	34

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
vmpsoft.com
www.virustotal.com
github.com
www.embarcadero.com
docs.microsoft.com
www.linkedin.com
www.facebook.com
twitter.com
t.me
facebook.com
plus.google.com
youtube.com
www.pinterest.pt
www.portugal-a-programar.pt
www.trignosfera.pt
creativecommons.org
linkedin.com
www.reddit.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
www.revista-programar.info Let's Encrypt Authority X3	`2020-01-29` - `2020-04-28`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-02` - `2020-08-10`	6 months	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Frame ID: 04EF87E0A5FC4A90903E6D811D9E05FE
Requests: 190 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/zrt_lookup.html
Frame ID: 544BF2F76343A94E650FE73BC1880994
Requests: 1 HTTP requests in this frame

Frame: https://seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/
Frame ID: EC08C762C0E783CC7EC78F4FF134CD53
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=2753605726&adf=75255784&w=740&fwrn=4&lmt=1582923556&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556446&bpp=73&bdt=169&fdt=220&idt=220&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3438934418451&frm=20&pv=2&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=8800387988098&dssz=33&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1832&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5rF1gV8Ks3&p=https%3A//seguranca-informatica.pt&dtd=236
Frame ID: BBF892CAB0DEA32A53A5B2704A0796BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=600&slotname=1432088096&adk=718445618&adf=2648578166&w=300&lmt=1582923556&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556747&bpp=3&bdt=470&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=703756161230890&dssz=38&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=3392&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LNuND4IKfU&p=https%3A//seguranca-informatica.pt&dtd=6
Frame ID: DE42589EB37DE5A212B94E715D5BF478
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1582923556&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582923556871&bpp=3&bdt=594&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C300x600&nras=1&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=574700983746367&dssz=77&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&dtd=13
Frame ID: 77811787F7A6875FC59712C9A49EA86E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fseguranca-informatica.pt
Frame ID: 903640B30666529AC535BFD48FE71DC7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Dfa8f4b0143c37%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff3e8ab76a2c1054%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Frame ID: E44AA12E9DCC1B9F8A8CBB6A0623C3B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=600&slotname=6905413220&adk=2455111602&adf=1352125749&w=300&lmt=1582923557&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556770&bpp=4&bdt=494&fdt=4&idt=4&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C300x600%2C0x0&nras=1&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=574700983746367&dssz=81&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=4447&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=pwpiNHse1W&p=https%3A//seguranca-informatica.pt&dtd=300
Frame ID: 6BC0911F8B20989168B1D2AA05FF5D99
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png
Frame ID: 8A412CE1F22E34B8ECF589E9B58E8775
Requests: 55 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=seguranca-informatica&t_i=6738%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D6738&t_u=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&t_e=Targeting%20Portugal%3A%20A%20new%20trojan%20%E2%80%98Lampion%E2%80%99%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&t_d=Targeting%20Portugal%3A%20A%20new%20trojan%20%E2%80%98Lampion%E2%80%99%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&t_t=Targeting%20Portugal%3A%20A%20new%20trojan%20%E2%80%98Lampion%E2%80%99%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&s_o=default
Frame ID: D8BD3DA0502F1C5C5902A66FEA5E2E51
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 0DBC348590D3BA3826688B2A5C34F819
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion= HTTP 301
https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-fro... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

248
Requests

100 %
HTTPS

61 %
IPv6

26
Domains

34
Subdomains

28
IPs

6
Countries

7252 kB
Transfer

9525 kB
Size

9
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCGs6Ju6rSM9BHP5UGtVvdXw?sub_confirmation=1
Title: Youtube

Search URL Search Domain Scan URL

URL: http://vmpsoft.com/support/user-manual/introduction/history-of-changes/
Title: VMProtector 3.x

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/418dbcf5f8d5ad7e16a0bb48c1e14cb269bf5bd814f0a70c3aa90ce787136047/detection
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares/SI-LAB-malware/blob/master/decryption-strings-lampion.vbs
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/eb3f2be571bb6b93ee2e0b6180c419e9febfdb65759244ea04488be7c6f5c4e2/detection
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://www.embarcadero.com/br/
Title: Embarcaredo

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/desktop/shell/csidl
Title: CSIDL

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares/SI-LAB-Yara_rules
Title: here

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares/
Title: Pedro Tavares

Search URL Search Domain Scan URL

URL: https://www.facebook.com/segurancainformatica

Search URL Search Domain Scan URL

URL: https://twitter.com/sirpedrotavares

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares

Search URL Search Domain Scan URL

URL: https://t.me/segurancainformatica

Search URL Search Domain Scan URL

URL: https://facebook.com/segurancainformatica

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+PedroTavaresSir

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCGs6Ju6rSM9BHP5UGtVvdXw?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.pinterest.pt/sirpedrotavares/seguranca-informaticapt/

Search URL Search Domain Scan URL

URL: https://www.portugal-a-programar.pt/revista-programar/edicoes/download.php?e=60&t=site

Search URL Search Domain Scan URL

URL: https://www.trignosfera.pt/

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+PedroTavaresSir
Title:

Search URL Search Domain Scan URL

URL: https://linkedin.com/in/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion= HTTP 301
https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://www.paypal.com/en_PT/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_PT/i/scr/pixel.gif

Request Chain 262

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

248 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Redirect Chain

https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion=
https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

145 KB
34 KB

922ms
922ms

Document
text/html

2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.3

Resource Hash

bbfff8d3134bdd9566c20dbf5e0a1298d868ad9597f7384681c66ac0ae2ceaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: seguranca-informatica.pt
:scheme: https
:path: /targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d950b5529314d9748972e2ab0a4225c171582923554
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Fri, 28 Feb 2020 20:59:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.3
x-pingback: https://seguranca-informatica.pt/xmlrpc.php
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/", <https://seguranca-informatica.pt/?p=6738>; rel=shortlink, </wp-content/cache/minify/398c6.css>; rel=preload; as=style, </wp-content/cache/minify/eabb6.css>; rel=preload; as=style, </wp-content/cache/minify/ea76f.css>; rel=preload; as=style, </wp-content/cache/minify/c841a.css>; rel=preload; as=style
vary: Accept-Encoding
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 56c5523cf99726ee-FRA
content-encoding: br
cf-h2-pushed: </wp-content/cache/minify/398c6.css>,</wp-content/cache/minify/eabb6.css>,</wp-content/cache/minify/ea76f.css>,</wp-content/cache/minify/c841a.css>

Redirect headers

status: 301
date: Fri, 28 Feb 2020 20:59:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d950b5529314d9748972e2ab0a4225c171582923554; expires=Sun, 29-Mar-20 20:59:14 GMT; path=/; domain=.seguranca-informatica.pt; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: Accept-Encoding
location: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 56c552387f6826ee-FRA

GET
H2 200 398c6.css
seguranca-informatica.pt/wp-content/cache/minify/ 36 KB
6 KB 13ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/398c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f48cc33f125ac5a8a96ecd62ec068d6a894295606e3cd09737eae0b732ecad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
cf-polished: origSize=38991
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Mon, 04 Nov 2019 03:16:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 56c55242bc6426ee-FRA
cf-bgj: minify

GET
H2 200 eabb6.css
seguranca-informatica.pt/wp-content/cache/minify/ 43 KB
9 KB 4ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/eabb6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268653524785d611cab68ecbf094a5720b51a8e15828eb2bbedea14bb17c5354

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
cf-polished: origSize=45567
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Mon, 04 Nov 2019 03:16:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 56c55242bc6526ee-FRA
cf-bgj: minify

GET
H2 200 ea76f.css
seguranca-informatica.pt/wp-content/cache/minify/ 42 KB
7 KB 5ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/ea76f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47cfc4fe8ba0a0a7c7d077c1bb63c0e66d3b53947e5bd39a9ee4f6e2d3266991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
cf-polished: origSize=44805
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Mon, 04 Nov 2019 09:36:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 56c55242bc6626ee-FRA
cf-bgj: minify

GET
H2 200 c841a.css
seguranca-informatica.pt/wp-content/cache/minify/ 81 KB
15 KB 11ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/c841a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15eccda5948fdbe2395f1facf149968199ecce24d5bab6d9e7fe618a54113cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
cf-polished: origSize=85444
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Mon, 04 Nov 2019 11:58:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 56c55242bc6726ee-FRA
cf-bgj: minify

GET
H2 200 Em1BA_LebhLQp5bLUrdFqg21Od4.js Show response
seguranca-informatica.pt/cdn-cgi/apps/head/ 6 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/head/Em1BA_LebhLQp5bLUrdFqg21Od4.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe67d41f8bbad5601512b523e13cc623dfb5fa7290eee10780044420582a2f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1848071
status: 200
vary: Accept-Encoding
x-amz-request-id: D39320D90C815D1F
x-amz-id-2: oJEgkw8GEhzKgVBANpJszcrYgQbfL+r13m33hj1u53bFqtH0Ax2t8VscMTtEKTK86XxwXqWdKxQ=
last-modified: Sun, 24 Mar 2019 01:11:12 GMT
server: cloudflare
etag: W/"a474776ce7a35ae97320f70135c52761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 6Fi1r2jSU90h1iftvMS6aUJXPgHH7A.S
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 56c55242cc6f26ee-FRA

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 43ms
29ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02a8eed49f3f9c8463957eb112a8f7fc681736cabea524c019c7e405ad0c0f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Feb 2020 20:59:16 GMT
server: ESF
date: Fri, 28 Feb 2020 20:59:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Feb 2020 20:59:16 GMT

GET
H2 200 jquery.js Show response
seguranca-informatica.pt/wp-includes/js/jquery/ 95 KB
32 KB 21ms
20ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
cf-polished: origSize=96873
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Tue, 21 May 2019 20:30:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c55242cc7026ee-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
seguranca-informatica.pt/wp-includes/js/jquery/ 10 KB
4 KB 15ms
14ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2016 18:04:22 GMT
server: cloudflare
age: 675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55242cc7226ee-FRA
x-content-type-options: nosniff

GET
H2 200 frontend.min.js Show response
seguranca-informatica.pt/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.0.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Thu, 27 Feb 2020 10:54:08 GMT
server: cloudflare
age: 675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55242cc7326ee-FRA
x-content-type-options: nosniff

GET
H2 200 nivo-lightbox.min.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/nivo/ 8 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.js?ver=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
age: 675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55242cc7426ee-FRA
x-content-type-options: nosniff

GET
H2 200 infinite-scroll.pkgd.min.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 25 KB
7 KB 17ms
16ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
age: 675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55242cc7626ee-FRA
x-content-type-options: nosniff

GET
H2 200 front.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/js/ 16 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a44ab6217570448889e9e625c86288f47692343285d48fd2642e9f9e46c3158

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
cf-polished: origSize=26898
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c55242cc7726ee-FRA
cf-bgj: minify

GET
H2 200 wpp-5.0.0.min.js Show response
seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/ 1 KB
714 B 15ms
14ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min.js?ver=5.0.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191e2a2deb0b16b4e6c833685b15ab930c8eaeec228391f6b26bc1fcda208c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Sun, 12 Jan 2020 00:25:36 GMT
server: cloudflare
age: 675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55242cc7826ee-FRA
x-content-type-options: nosniff

GET
H2 200 logotipox600.png
seguranca-informatica.pt/logotipo/ 20 KB
20 KB 16ms
15ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/logotipo/logotipox600.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73c16f766dc7c7a8c08a6ba72cdd7645f553ec28ca32640022b6d7355f590a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 20475
referrer-policy
last-modified: Tue, 13 Feb 2018 18:11:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c55242cc7926ee-FRA

GET
H2 200 qNcmPTj79EMUOrzZ4I-EprFF7Y8.js Show response
seguranca-informatica.pt/cdn-cgi/apps/body/ 28 KB
6 KB 12ms
12ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/body/qNcmPTj79EMUOrzZ4I-EprFF7Y8.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/cdn-cgi/apps/head/Em1BA_LebhLQp5bLUrdFqg21Od4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1125160
status: 200
vary: Accept-Encoding
x-amz-request-id: 547E4B16049F9E42
x-amz-id-2: 00RXFHZiBmtF/pVqDKlAPbYaX9CbK/MZwBGu8spGJisd3UWcXMi/WO6DtULI9kNhoqVUUP5AUk4=
last-modified: Sun, 24 Mar 2019 01:11:11 GMT
server: cloudflare
etag: W/"2f0664ac054357af08048b56dbb23ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: IsHIq3aNpPjbWPIxpMJiL1AFkBI._8J3
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 56c55242dc8626ee-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4025
date: Fri, 28 Feb 2020 19:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 28 Feb 2020 21:52:11 GMT

GET
H2 200 wp-emoji-release.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 14 KB
4 KB 12ms
12ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 11:19:33 GMT
server: cloudflare
age: 3006
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55242fc9426ee-FRA
x-content-type-options: nosniff

GET
H2 200 twitter_PNG28-e1517184971128.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 600 B
848 B 108ms
96ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/twitter_PNG28-e1517184971128.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60d58e3602f1b85a212115e4d7300e09234e89eeec8df6065c2568c43e3f056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 600
referrer-policy
last-modified: Mon, 29 Jan 2018 00:16:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cd326ee-FRA

GET
H2 200 icon-circle-150x150-youtube.png
seguranca-informatica.pt/ 7 KB
8 KB 108ms
96ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/icon-circle-150x150-youtube.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02a28e995334093dff6f19238e59aba7b5ba434ea2c84ef78f6a70ce260b49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 7592
referrer-policy
last-modified: Wed, 07 Jun 2017 10:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cd426ee-FRA

GET
H2 200 1-4.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 102 KB
102 KB 109ms
96ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/1-4.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565971e8c09ac170cfd188d5cafd137444e336b5e71120fb8736d2ef427596da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 104619
referrer-policy
last-modified: Wed, 25 Dec 2019 22:09:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cd526ee-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f651c9826c89e6b04937027ce4205717f61ef9489c0f6927c4ac2d07945ded20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38593
x-xss-protection: 0
server: cafe
etag: 6202287783212028649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Feb 2020 20:59:16 GMT

GET
H2 200 2-4.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 9 KB
9 KB 109ms
97ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/2-4.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c7583dede85162c6b20a3fc8454e48d859f4fe0715401974cd589367625967

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 9596
referrer-policy
last-modified: Wed, 25 Dec 2019 22:17:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cd726ee-FRA

GET
H2 200 lampion-diagram.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 61 KB
62 KB 110ms
97ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/lampion-diagram.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62d08378d888ba9b22ef1d896afa70861402b847307863ef32c8e5a841b3818a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 62885
referrer-policy
last-modified: Sat, 28 Dec 2019 17:25:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cd826ee-FRA

GET
H2 200 5-5.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 42 KB
42 KB 110ms
98ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/5-5.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf08d76bba22604018e75f1f552f4b0e9c3c279e9b8e42d3908925f0b9e0ae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 42976
referrer-policy
last-modified: Thu, 26 Dec 2019 00:00:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cd926ee-FRA

GET
H2 200 phish_AT-pt__.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 151 KB
151 KB 110ms
98ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/phish_AT-pt__.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94a437cbb5995db9ff17e91bee85ffde16301a32199732d20b1dcc2ae356614

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 154254
referrer-policy
last-modified: Thu, 26 Dec 2019 23:20:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cda26ee-FRA

GET
H2 200 4-4-768x237.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 37 KB
37 KB 118ms
106ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/4-4-768x237.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd7514da60aafd1648026a1ec16801b53e6eae3415a1296f2285ede8640066d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 37880
referrer-policy
last-modified: Wed, 25 Dec 2019 23:49:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cdb26ee-FRA

GET
H2 200 3-4-768x139.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 46 KB
46 KB 118ms
106ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/3-4-768x139.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09d453b69bb73c6d13a392acbd8b06d5e4be7c89165a4b39eee7e264b911dfbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 46777
referrer-policy
last-modified: Wed, 25 Dec 2019 23:49:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cdc26ee-FRA

GET
H2 200 20.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 9 KB
9 KB 118ms
106ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/20.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cd1070f7b166dd6bc51cfc4b7adf763b048e6a93d7a9867adc1bec8f64162b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 9307
referrer-policy
last-modified: Thu, 26 Dec 2019 15:56:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cdf26ee-FRA

GET
H2 200 21.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 9 KB
9 KB 118ms
106ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/21.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9eaf7c7edd128a8c797040b2b04c0e317aade07da069187644b1dde10a333d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 8817
referrer-policy
last-modified: Thu, 26 Dec 2019 15:56:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ce326ee-FRA

GET
H2 200 6-4.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 38 KB
38 KB 118ms
107ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/6-4.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f40cb189a9c5e386f134167e4a6f9e7c4f98206a08f414b5d165ca632341dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 38969
referrer-policy
last-modified: Thu, 26 Dec 2019 14:25:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ce626ee-FRA

GET
H2 200 7-2.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 31 KB
31 KB 118ms
107ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/7-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf32d78a54a1e4bdb4d9e70fb1afd39def53bbdd140909115d3215e62811512c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 31392
referrer-policy
last-modified: Thu, 26 Dec 2019 14:31:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ce726ee-FRA

GET
H2 200 8-3.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 22 KB
22 KB 119ms
107ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/8-3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6243a76125ef19bcf4bac1c4e3aa9dc43fabd4fcf0a269524333bd29cef8f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 22596
referrer-policy
last-modified: Thu, 26 Dec 2019 14:32:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ce826ee-FRA

GET
H2 200 9-3.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 53 KB
53 KB 119ms
107ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/9-3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b45df64a966bc9091e771035c444fcbbebdd959b2f603712173e6c6eabaed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 54147
referrer-policy
last-modified: Thu, 26 Dec 2019 14:35:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ce926ee-FRA

GET
H2 200 10-3.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 65 KB
66 KB 119ms
107ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/10-3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e8ba191ff485ca1042fbf69d369385fa1917f924d6437b51ac67467b5dbcea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 67037
referrer-policy
last-modified: Thu, 26 Dec 2019 14:43:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cea26ee-FRA

GET
H2 200 11-3-768x475.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 92 KB
93 KB 119ms
108ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/11-3-768x475.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0ae96283c169474b8fa87a36c575b8f829c893917ed46d50947e2876404dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 94619
referrer-policy
last-modified: Thu, 26 Dec 2019 14:51:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ceb26ee-FRA

GET
H2 200 schema-vbs.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 63 KB
63 KB 119ms
108ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/schema-vbs.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23963e3e52a11e5a469a77934367b8afa0a5bd1dc8e484157545a5fd48cf7000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 64836
referrer-policy
last-modified: Thu, 26 Dec 2019 15:49:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cec26ee-FRA

GET
H2 200 12-3.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 45 KB
46 KB 119ms
108ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/12-3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110b9f208e47ab5c66dcb4e009d18d986cfbf77bf8a504a179170864768cf75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 46483
referrer-policy
last-modified: Thu, 26 Dec 2019 15:03:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433ced26ee-FRA

GET
H2 200 13-3.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 77 KB
78 KB 119ms
108ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/13-3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fc83e6a5db0a3eb9fcea9e7d21ee94624f2f7caa7f7f5f244c11f378a7e2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 79286
referrer-policy
last-modified: Thu, 26 Dec 2019 15:10:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cee26ee-FRA

GET
H2 200 14-2.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 98 KB
98 KB 119ms
108ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/14-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

debd2c4ea27fdfe9fc4dcb188dbf92eb249225f62400f878cf6ca98ad0fb906a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 100550
referrer-policy
last-modified: Thu, 26 Dec 2019 15:14:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cef26ee-FRA

GET
H2 200 15-1.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 94 KB
95 KB 120ms
108ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/15-1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2475dae845432b52e0bc442810b70f4011149dfcb8b332217d55a9ac3c122a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 96660
referrer-policy
last-modified: Thu, 26 Dec 2019 15:19:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cf126ee-FRA

GET
H2 200 16-1.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 142 KB
142 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/16-1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85606bbfd0b2d0346f9de43f792d2924ded185c47027412c41241565ebae5fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 145382
referrer-policy
last-modified: Thu, 26 Dec 2019 15:21:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cf226ee-FRA

GET
H2 200 17-1.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 28 KB
28 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/17-1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

854b43d16805a4c287a71084fd69eab2c4b70dabfcc784416e56d7697e3227d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 28553
referrer-policy
last-modified: Thu, 26 Dec 2019 15:24:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cf326ee-FRA

GET
H2 200 18_1.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 133 KB
133 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/18_1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15364b99996967453dc9893c3eb994d8e2460ab7c2fd97f658126701df1a01e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 136057
referrer-policy
last-modified: Thu, 26 Dec 2019 15:29:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cf426ee-FRA

GET
H2 200 19.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 78 KB
78 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/19.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e1750f8a0ba5a98952d23016d63d033d744901ecf9846e117c4a2045e761cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 80052
referrer-policy
last-modified: Thu, 26 Dec 2019 15:53:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cf626ee-FRA

GET
H2 200 25.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 35 KB
35 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/25.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a526ec72bf2fc2268364218f865eb1bd7fe4c9a3b58dade9803403bd7de0b6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 35653
referrer-policy
last-modified: Thu, 26 Dec 2019 16:02:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cf726ee-FRA

GET
H2 200 27.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 26 KB
26 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/27.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b126de90fac31db6f811d47bf0ed21fa3293a3bb375de8017fb3fab44e3d760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 26253
referrer-policy
last-modified: Thu, 26 Dec 2019 16:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cfb26ee-FRA

GET
H2 200 28.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 153 KB
153 KB 120ms
109ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/28.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70cb0ece268e5034f651baab3ea64a9679f1c40c7d2fca3be22982b4f529da29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 156337
referrer-policy
last-modified: Thu, 26 Dec 2019 16:19:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cfc26ee-FRA

GET
H2 200 34.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 6 KB
6 KB 120ms
110ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/34.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

603f97a3d74c8a23fdf6eedc6871ab25b92f203ce2b854120ba73f206d97ef00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 5655
referrer-policy
last-modified: Thu, 26 Dec 2019 16:33:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cfd26ee-FRA

GET
H2 200 35-768x319.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 88 KB
88 KB 120ms
110ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/35-768x319.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

600ea43b9e01855ac53ae937648edcfb5e840a82b9a031b4625445c474dff0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 89808
referrer-policy
last-modified: Thu, 26 Dec 2019 16:33:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cfe26ee-FRA

GET
H2 200 29.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 59 KB
59 KB 120ms
110ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/29.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70bbfe5ccf646c79d71f3b3f07475510ba46619dd1cdaa4f2306923985b53e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
status: 200
vary: Accept-Encoding
content-length: 60343
referrer-policy
last-modified: Thu, 26 Dec 2019 16:28:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433cff26ee-FRA

GET
H2 200 30.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 96 KB
97 KB 120ms
110ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/30.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15bbf601c2983f69c93238bcf2bb4c272cdcae10b1cfb5ad3989a8c482c30ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 98671
referrer-policy
last-modified: Thu, 26 Dec 2019 16:28:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0126ee-FRA

GET
H2 200 31.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 50 KB
50 KB 121ms
110ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/31.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5037d3401856321993cf6dee7648d99d11a57659d3674dce0967f3d66b009191

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 51235
referrer-policy
last-modified: Thu, 26 Dec 2019 16:31:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0226ee-FRA

GET
H2 200 32.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 9 KB
10 KB 121ms
110ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/32.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edc75bb3f98bff0eabe5354274629f5fb64939798c4654d6c245851718350211

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 9700
referrer-policy
last-modified: Thu, 26 Dec 2019 16:32:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0326ee-FRA

GET
H2 200 33.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 12 KB
12 KB 121ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/33.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175816b9fb468426a0975743318beb4d28358e4edfca6cb1857f11622887e77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 11865
referrer-policy
last-modified: Thu, 26 Dec 2019 16:32:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0426ee-FRA

GET
H2 200 36.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 35 KB
35 KB 121ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/36.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd2babd13d0dd478a92c0e6292f6ad1a580fd85522aa8b7b07d50945ccbee61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 35398
referrer-policy
last-modified: Thu, 26 Dec 2019 16:34:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0626ee-FRA

GET
H2 200 37-300x188.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 32 KB
32 KB 121ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/37-300x188.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507700dafc43742dff9cb5da9cf28338d46387ccdbebfe27dc9380af072149b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 33137
referrer-policy
last-modified: Thu, 26 Dec 2019 16:36:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0726ee-FRA

GET
H2 200 38.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 200 KB
200 KB 121ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/38.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6c8b579c8464973ba12d2e9295c17b074ded75edd820a08714cd5e1c3b328b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 204569
referrer-policy
last-modified: Thu, 26 Dec 2019 16:37:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0826ee-FRA

GET
H2 200 39.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 66 KB
66 KB 121ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/39.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818d4a89c0d981ee5cd138bffd9bed1977fbce5ee5310efffacdd67c4002aa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 67487
referrer-policy
last-modified: Thu, 26 Dec 2019 16:38:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0926ee-FRA

GET
H2 200 40.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 119 KB
120 KB 121ms
111ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/40.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09b261376b866f8af03a5f7e5acdf9c2fe2016a34782755158f31ffc67c0cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 122193
referrer-policy
last-modified: Thu, 26 Dec 2019 16:41:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0a26ee-FRA

GET
H2 200 41.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 9 KB
9 KB 122ms
112ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/41.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dead231224efb0abfe1c6421801b8bb2bc7258b2d9450efa32a3106ff8b7560e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 9140
referrer-policy
last-modified: Thu, 26 Dec 2019 16:41:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0b26ee-FRA

GET
H2 200 53.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 23 KB
23 KB 122ms
112ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/53.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d58eefb0fb79e96b05fed507790de879b937d8009287c3493b4b96a543f8c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 23711
referrer-policy
last-modified: Sat, 28 Dec 2019 00:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0c26ee-FRA

GET
H2 200 42.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 23 KB
23 KB 122ms
112ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/42.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f063db3d46e0913c719064f2690a50120b97adec3ed9a452d9f5f13d73a3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 23628
referrer-policy
last-modified: Thu, 26 Dec 2019 16:42:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0d26ee-FRA

GET
H2 200 43.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 14 KB
14 KB 122ms
112ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/43.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268869c32bd3b6dc1805fa7bc931866cfede2a010a770beb30d50f2a760010f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 14706
referrer-policy
last-modified: Thu, 26 Dec 2019 16:43:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0e26ee-FRA

GET
H2 200 44.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 206 KB
206 KB 122ms
112ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/44.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28670d388bf93eb7915514ba914ba5b8d4a93da1c06d1eca5b6b1a417e909988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 211016
referrer-policy
last-modified: Thu, 26 Dec 2019 16:44:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d0f26ee-FRA

GET
H2 200 45.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 70 KB
70 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/45.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315e735bd54203f4ef4cbcd46b701a31c793861ad8bcf5684752dd4db59ef6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 71827
referrer-policy
last-modified: Thu, 26 Dec 2019 16:45:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1426ee-FRA

GET
H2 200 52.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 44 KB
44 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/52.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf72b1c7d9d0c312ef873099b2b5e7c0a96224f9bbb5aef62071ecd7aa9ad058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 45104
referrer-policy
last-modified: Thu, 26 Dec 2019 18:42:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1526ee-FRA

GET
H2 200 46-768x444.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 45 KB
45 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/46-768x444.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd020b8dd50b9870a0161998ecd24d486cb2fa1edcba53301b11466ab9c1b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 46208
referrer-policy
last-modified: Thu, 26 Dec 2019 16:46:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1626ee-FRA

GET
H2 200 47.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 68 KB
68 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/47.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b58f95b79fd14e2ba91a94b005f5108a704704da54921b2ef6126dd0375f780

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 69499
referrer-policy
last-modified: Thu, 26 Dec 2019 16:47:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1726ee-FRA

GET
H2 200 48.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 36 KB
36 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/48.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bbd956a2e756e10a81432177887f6eb872e14e6da70af5734f8b7630da0d9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 36920
referrer-policy
last-modified: Thu, 26 Dec 2019 16:47:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1826ee-FRA

GET
H2 200 email-decode.min.js Show response
seguranca-informatica.pt/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 102ms
90ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Feb 2020 11:08:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e5651b3-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cbb26ee-FRA
expires: Sun, 01 Mar 2020 20:59:16 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: 62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:16:08 GMT
Server: ECS (fcn/4195)
Age: 1479
Etag: "b184acc5626add1721a10b1738df2dbe+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29101

GET
H2 200 49.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 534 KB
534 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/49.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fc775c909fc62733b5b04f281a95bc38e8adef61ac3831cd69bc777a5146b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 546510
referrer-policy
last-modified: Thu, 26 Dec 2019 16:49:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1926ee-FRA

GET
H2 200 50.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 168 KB
168 KB 122ms
113ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/50.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4520fa38874ff6346df413a9de9e1494c47347f1f6ac142d4ba6c4ee379507fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 171863
referrer-policy
last-modified: Thu, 26 Dec 2019 16:49:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1b26ee-FRA

GET
H2 200 51.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 136 KB
137 KB 122ms
114ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/51.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b0c0e6482d5ba932ef33122c8d15386dcb7b4257dbbca42282893996e1cf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 139689
referrer-policy
last-modified: Thu, 26 Dec 2019 17:52:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1c26ee-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 pedro-tavares-300x200.jpg
seguranca-informatica.pt/wp-content/uploads/2018/11/ 80 KB
80 KB 122ms
114ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/11/pedro-tavares-300x200.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8cb27788844e455b92854743ee7ecab79e95c50735dc7e23b064b92e359bbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 82070
referrer-policy
last-modified: Fri, 02 Nov 2018 14:44:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d1f26ee-FRA

GET
H2 200 cover_lampion-768x315.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 261 KB
261 KB 123ms
114ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/cover_lampion-768x315.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc9e562f67ac01fc3db71ce882b51a1096010a777f2d9f3a87db6a642ad19a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 266845
referrer-policy
last-modified: Sat, 28 Dec 2019 02:40:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d2326ee-FRA

GET
H2 200 emotet-ryuk-portugal-768x425.png
seguranca-informatica.pt/wp-content/uploads/2020/01/ 361 KB
362 KB 123ms
114ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/01/emotet-ryuk-portugal-768x425.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544ed0eb98a5b7a489c206546fe3155e32508ceda7da3d3d25f6100c0097cd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 369542
referrer-policy
last-modified: Thu, 30 Jan 2020 14:44:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d2426ee-FRA

GET
H2 200 youtube-subscribe-button-2.png
seguranca-informatica.pt/ 4 KB
5 KB 123ms
114ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/youtube-subscribe-button-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8220596e6a32feeaa3c95078f2a72efb6a01025245097384816d26c2a3f38c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
status: 200
vary: Accept-Encoding
content-length: 4586
referrer-policy
last-modified: Wed, 07 Jun 2017 10:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d2626ee-FRA

GET
H2 200 telegram.jpg
seguranca-informatica.pt/wp-content/uploads/2018/12/ 11 KB
11 KB 123ms
114ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/12/telegram.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c36d0094cb3d176360c91599d13da78f0c77df004bc076aadd883f189fa1767e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 11537
referrer-policy
last-modified: Thu, 27 Dec 2018 12:10:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d2726ee-FRA

GET
H2 200 if_60-rss_104443.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_60-rss_104443.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bad8fb5327a87ba126a50844529fa2d207b42b7df8e31e104c5d48c5092d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 2265
referrer-policy
last-modified: Mon, 29 Jan 2018 13:11:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d2826ee-FRA

GET
H2 200 if_1_Media_social_website_facebook_2657542.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_1_Media_social_website_facebook_2657542.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be7537f55bde87db7acf7c9aa482e56e3c8891f09710e19113637cdbb8143ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 1792
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d2f26ee-FRA

GET
H2 200 if_18_Media_social_website_in_2657551.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_18_Media_social_website_in_2657551.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b3b17bf53635986804b63fb97b63fd84d72e6f2d169519f36ba2a3ca6a70a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 2141
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3026ee-FRA

GET
H2 200 if_12_Media_social_website_Twitter_2657545.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 3 KB
3 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_12_Media_social_website_Twitter_2657545.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066d6b6d0ac47e197c9816ecc646022123de9bd034a81b4b3efb7b790ff89963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 2756
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3326ee-FRA

GET
H2 200 if_5_Media_social_website_gmail_2657573.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
3 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_5_Media_social_website_gmail_2657573.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dbab26b6050d95f1f5165ebb4114ba93bc15f011f34eca927242cb3d1f0d95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 2512
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3426ee-FRA

GET
H2 200 if_11_Media_social_website_youtube_2657544.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
3 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_11_Media_social_website_youtube_2657544.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3906631ed3ac3f02664bb801434732b02ec1b79ca261909136c5b4ef663de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 2502
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3526ee-FRA

GET
H2 200 if_14_Media_social_website_pinterest_2657547.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 3 KB
3 KB 123ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_14_Media_social_website_pinterest_2657547.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db469b90b8d9e2a0675931132266a305d0f080fc5ef4e7bd0f841f161b78b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 3147
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3726ee-FRA

GET
H2 200 ed60.x74096.jpg
www.revista-programar.info/static/images/ 15 KB
16 KB 77ms
23ms Image
image/jpeg 2a01:7e00::f03c:91ff:fe50:cccb
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.revista-programar.info/static/images/ed60.x74096.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:7e00::f03c:91ff:fe50:cccb London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

Apache /

Resource Hash

95481452eac7f0e75a07e3247d1467489abed5109f31b5aea93ee4d3bfe02b33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; connect-src 'self'; font-src 'self' data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; report-uri https://papcsp.report-uri.com/r/d/csp/enforce
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
content-security-policy: default-src 'self'; base-uri 'none'; connect-src 'self'; font-src 'self' data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; report-uri https://papcsp.report-uri.com/r/d/csp/enforce
referrer-policy: strict-origin-when-cross-origin
server: Apache
date: Fri, 28 Feb 2020 20:59:16 GMT
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000, public
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 15496
x-xss-protection: 1; mode=block

GET
H2 200 trignosfera.png
seguranca-informatica.pt/logotipo/partners/ 45 KB
45 KB 123ms
116ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/logotipo/partners/trignosfera.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3622c7c6c64b493c982f365e01b5eaa59f48da664e98025c383d4f8c57c4396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 46166
referrer-policy
last-modified: Fri, 16 Feb 2018 16:25:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3926ee-FRA

GET
H2 200 81231ea4f1f1574817ce729145adde5b.gif
seguranca-informatica.pt/wp-content/uploads/2018/07/ 7 KB
7 KB 124ms
116ms Image
image/gif 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/07/81231ea4f1f1574817ce729145adde5b.gif

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f449b6d1dba1bf792d53ca14c3938763dd4b0f7208cddab9eadce5c41d108a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 7181
referrer-policy
last-modified: Mon, 30 Jul 2018 13:41:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d3b26ee-FRA

GET
H2 200 scam.gif
seguranca-informatica.pt/wp-content/uploads/2019/01/ 22 KB
23 KB 124ms
116ms Image
image/gif 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/01/scam.gif

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f42160647efdb85b129d040beee22d6e3a55998c83febb2f4a03ccb0e4b714

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 22962
referrer-policy
last-modified: Wed, 23 Jan 2019 10:49:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d4326ee-FRA

GET
H2 200 coffepaypal.png
seguranca-informatica.pt/wp-content/uploads/2019/02/ 52 KB
52 KB 124ms
116ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/02/coffepaypal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4cb34807330a0b7afe401877ad09ecc7f930f9706cac7994716bcc1b3fd886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 53007
referrer-policy
last-modified: Mon, 11 Feb 2019 23:55:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d4826ee-FRA

GET
H2

404

pixel.gif
www.paypalobjects.com/en_PT/i/scr/
Redirect Chain

https://www.paypal.com/en_PT/i/scr/pixel.gif
https://www.paypalobjects.com/en_PT/i/scr/pixel.gif

0
0

287ms
231ms

Image
text/html

2.18.232.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypalobjects.com/en_PT/i/scr/pixel.gif
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency: 14
date: Fri, 28 Feb 2020 20:59:16 GMT
x-edgeconnect-midmile-rtt: 142
location: https://www.paypalobjects.com/en_PT/i/scr/pixel.gif
status: 301
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: cdd8049d3be0f
strict-transport-security: max-age=63072000
dc: phx-origin-www-2.paypal.com
content-length: 0

GET
H2 200 88x31.png
licensebuttons.net/l/by/4.0/ 1 KB
2 KB 37ms
13ms Image
image/png 2606:4700:20::681a:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://licensebuttons.net/l/by/4.0/88x31.png
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84294b65bbfc0cd6021e609bbb7d36c432d242a66bd024d959ced0218db6ec3f

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
cf-cache-status: HIT
age: 3896
cf-polished: origSize=4739
status: 200
content-length: 1468
last-modified: Sat, 25 Jan 2014 10:15:49 GMT
server: cloudflare
etag: "1283-4f0c8c2319f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 56c552435fb8c2bd-FRA
cf-bgj: imgq:100

GET
H2 200 cherry-js-core.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-js-core/assets/js/min/ 994 B
549 B 103ms
91ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-js-core/assets/js/min/cherry-js-core.min.js?ver=1.5.11

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9382c1ac33e60533971224071a03c61bd2a759689a41085dbc757872e40ec5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cbc26ee-FRA
x-content-type-options: nosniff

GET
H2 200 comment_count.js Show response
seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/ 708 B
381 B 105ms
93ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=889
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Wed, 06 Mar 2019 09:03:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cbd26ee-FRA
cf-bgj: minify

GET
H2 200 comment_embed.js Show response
seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/ 828 B
394 B 105ms
93ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=1150
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Wed, 06 Mar 2019 09:03:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cc026ee-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 2 KB
745 B 103ms
91ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/main.js?ver=20170211

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1605fb5d18e00bb446a2009a75eb5c44486fdddbef8d64acfdfe2b8d9ecd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=2332
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cc126ee-FRA
cf-bgj: minify

GET
H2 200 jquery.sticky.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 4 KB
1 KB 104ms
90ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/jquery.sticky.js?ver=20160906

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf3003543c3572ba8dfc6a87a9289ebadde2db18f09a36657301eaccd157866

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=7171
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cc226ee-FRA
cf-bgj: minify

GET
H2 200 sticky-setting.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 213 B
190 B 104ms
91ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/sticky-setting.js?ver=20160906

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2401623ae567bc1ee575b6702e3a178c8b4f6a58d29cdfa3caae48e03ff9b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=289
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cc326ee-FRA
cf-bgj: minify

GET
H2 200 comment-reply.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 2 KB
1 KB 104ms
91ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/comment-reply.min.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 11:19:33 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cc526ee-FRA
x-content-type-options: nosniff

GET
H2 200 cherry-handler.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-handler/assets/js/min/ 3 KB
1 KB 105ms
92ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-handler/assets/js/min/cherry-handler.min.js?ver=1.5.11

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f837ecf8426cc760739e8a17218b3b501156f43a7bd03afb7207949b12ab0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cc626ee-FRA
x-content-type-options: nosniff

GET
H2 200 validate.js Show response
seguranca-informatica.pt/wp-content/plugins/newsletter/subscription/ 880 B
390 B 105ms
92ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/newsletter/subscription/validate.js?ver=6.5.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9739d0d7392121fdc9d51cee01553a500980a5ce417343483982c68e3e2625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=1089
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Thu, 27 Feb 2020 10:54:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cc726ee-FRA
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 96ms
31ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Fri, 28 Feb 2020 20:59:16 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H2 200 mootools-core-yc.js Show response
seguranca-informatica.pt/wp-content/plugins/enlighter/resources/ 87 KB
27 KB 105ms
93ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/enlighter/resources/mootools-core-yc.js?ver=3.10.0

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17277430134eac7b8aae75a000a3628f21e517bc260cd82997cf58f8ef4ba645

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 319
cf-polished: origSize=89614
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Tue, 07 May 2019 09:01:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433cc926ee-FRA
cf-bgj: minify

GET
H2 200 EnlighterJS.min.js Show response
seguranca-informatica.pt/wp-content/plugins/enlighter/resources/ 49 KB
14 KB 106ms
93ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/enlighter/resources/EnlighterJS.min.js?ver=3.10.0

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba248c9f36442fceef93b25bc4577993797ab7255b16ec87be25d8cec31d559d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Tue, 07 May 2019 09:01:52 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cca26ee-FRA
x-content-type-options: nosniff

GET
H2 200 wp-embed.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 1 KB
706 B 107ms
94ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-embed.min.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 11:19:33 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433ccc26ee-FRA
x-content-type-options: nosniff

GET
H2 200 scripts.js Show response
seguranca-informatica.pt/wp-content/plugins/eu-cookie-law/js/ 2 KB
874 B 107ms
94ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.1.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7daf3f5acd448e33c96a746407198ccbe6eff0402f20bbf1164a1129205c13bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
cf-polished: origSize=2960
status: 200
vary: Accept-Encoding
referrer-policy
last-modified: Thu, 13 Feb 2020 14:42:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 56c552433ccd26ee-FRA
cf-bgj: minify

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 19ms
12ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.2
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 419
etag: W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 56c55243398564b5-FRA
expires: Mon, 02 Mar 2020 20:59:16 GMT

GET
H2 200 underscore.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 16 KB
6 KB 107ms
95ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/underscore.min.js?ver=1.8.3

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99b90a86b2f904c81a7280d1f47325d0a02568f5c4e913cee34614b472e57538

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 11:19:33 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cce26ee-FRA
x-content-type-options: nosniff

GET
H2 200 wp-util.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 1 KB
575 B 108ms
95ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-util.min.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d232efc4e19febae2ac33a834e2030452117523cbb6df3a6082c244783926396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 11:19:33 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433ccf26ee-FRA
x-content-type-options: nosniff

GET
H2 200 cherry-search.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/js/min/ 2 KB
967 B 108ms
96ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/js/min/cherry-search.min.js?ver=1.1.5

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd9e72894580d70b0cc6a28b3836d34eb7f907eb97a152c310bfebafb65a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
age: 674
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c552433cd026ee-FRA
x-content-type-options: nosniff

POST
H2 201 popular-posts Show response
seguranca-informatica.pt/wp-json/wordpress-popular-posts/v1/ 55 B
630 B 899ms
899ms XHR
application/json 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min.js?ver=5.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.3

Resource Hash

34b1654fb499c04eef32262ac25b45f10f4390b92bc659205ef776af5f84b190

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Origin: https://seguranca-informatica.pt
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.3
status: 201
vary: Origin,Accept-Encoding
referrer-policy
access-control-allow-headers: Authorization, Content-Type
allow: GET, POST
server: cloudflare
x-wp-nonce: b44158a675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://seguranca-informatica.pt
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 56c552432ca626ee-FRA
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: y7c9iKsk0elyRFntsL/gapOD2cgnzfot7eESY6YFu60PwmRvEOtwg/kCSq6169KhW/3CkPzA/ECWxP+tC+9rww==
x-fb-trip-id: 1850256238
date: Fri, 28 Feb 2020 20:59:16 GMT, Fri, 28 Feb 2020 20:59:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85af764caf1a06ae6a5157778f0948982feda127210fea8b9cbd9c8e411addf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fmX1aCGPW4b4WEx7nxFE7A==
status: 200
date: Fri, 28 Feb 2020 20:59:16 GMT, Fri, 28 Feb 2020 20:59:16 GMT
expires: Fri, 28 Feb 2020 21:05:11 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1779
x-fb-debug: kJL6TKEcZaaNFS5qobLZhNd7BdWBJUD9MUtDiBHiDThuTbkmBmAVcTAezMaIOjIaHmqpm5YNC2vcZ/DMlYVlRQ==
x-fb-trip-id: 1850256238
x-fb-content-md5: 530cda858b1b5170f9eb2989b3e531c7
etag: "f07f0817e4d6bd75a52ad9b1d557110f"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cover_lampion.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 333 KB
334 KB 115ms
115ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/cover_lampion.png

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7642ee69bfb367b8471fa2ce3c750c0e9a672acb55c268abd5e541ecfe16bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
status: 200
vary: Accept-Encoding
content-length: 341315
referrer-policy
last-modified: Sat, 28 Dec 2019 02:40:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c552433d4a26ee-FRA

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2573239
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:07:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 3613886
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:07:50 GMT

GET
H2 200 simple-line-icons.ttf
seguranca-informatica.pt/wp-content/themes/xmag/fonts/ 18 KB
12 KB 110ms
108ms Font
font/ttf 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/fonts/simple-line-icons.ttf?v=2.2.2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88731bd32d2242a6918772bd11e6e16f46c2e3c05c7bbd4ed47d162cff9683f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/wp-content/cache/minify/eabb6.css
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
server: cloudflare
age: 319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c55243cd4f26ee-FRA
x-content-type-options: nosniff

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 14:59:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 21568
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Sat, 27 Feb 2021 14:59:48 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:22:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:15 GMT
server: sffe
age: 3148617
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9416
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:22:19 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 21:50:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 342501
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9728
x-xss-protection: 0
expires: Tue, 23 Feb 2021 21:50:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 3149221
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3116925
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=733109729&t=pageview&_s=1&dl=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&ul=en-us&de=UTF-8&dt=Targeting%20Portugal%3A%20A%20new%20trojan%20%27Lampion%27%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAUABC~&jid=1873670095&gjid=1327150869&cid=2036958240.1582923556&tid=UA-100437516-1&_gid=575904760.1582923556&_r=1&z=324618386

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 389 KB
113 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a7890c3ea02ed112c11702008829e911&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

785544b635ceb6a5b5d2a9315ffc068cd9524d9339845871b9473d281630aaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ERFsuxcNGB1yCrwX1MytQw==
status: 200
date: Fri, 28 Feb 2020 20:59:16 GMT, Fri, 28 Feb 2020 20:59:16 GMT
expires: Sat, 27 Feb 2021 20:46:18 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 115314
x-fb-debug: liMxa9pvC8B2cM6Bq3I+Ah7JJIEo58ZKAqY9s895fh8zmFrED3+cRfFAssPyQaT9QhdifLlvVCfk3bSx3xliyA==
x-fb-trip-id: 2047048586
x-fb-content-md5: 088a4266ed3ed728fe5ffe5337518f32
etag: "2c7f1053c97bcf5d5c1f794855375139"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 134215180689421 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 76ms
74ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/134215180689421?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4d3d5b164af56834df5f29607bcafe2cae07e0bc743bab1cabe4680c647640d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Xy0AEacnoMJ9HERP7wKn+vYzfsR0l0w82UHkHSxHYVEa7Vrj9eiuQTVtuhcFuQDaeD1f1IpDxAp/zCoUjrixOg==
x-fb-trip-id: 1850256238
date: Fri, 28 Feb 2020 20:59:16 GMT, Fri, 28 Feb 2020 20:59:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 24ms
19ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=seguranca-informatica.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 23ms
19ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=seguranca-informatica.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/ 221 KB
83 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8c08be12e015648be6e4b0040898dd78a7b950926792cd750ee70a12930b89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84611
x-xss-protection: 0
server: cafe
etag: 8867122644226960194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Feb 2020 20:59:16 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/ Frame 544B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 24 Feb 2020 15:07:59 GMT
expires: Mon, 09 Mar 2020 15:07:59 GMT
content-type: text/html; charset=UTF-8
etag: 3560819023258359450
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 366677
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 / Show response
seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/ Frame EC08 20 KB
6 KB 911ms
911ms Document
text/html 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.3

Resource Hash

180c7140c97508c6487f4f4886c5efab95018b30bc126655f78b57b2f9e02e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: seguranca-informatica.pt
:scheme: https
:path: /lampion-malware-origin-servers-geolocated-in-turkey/embed/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d99f7499e84d007bbdfe07dc7bb9660a31582923556; _ga=GA1.2.2036958240.1582923556; _gid=GA1.2.575904760.1582923556; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
date: Fri, 28 Feb 2020 20:59:17 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.3
x-pingback: https://seguranca-informatica.pt/xmlrpc.php
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/", <https://seguranca-informatica.pt/?p=7011>; rel=shortlink
x-wp-embed: true
vary: Accept-Encoding
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 56c55244cddf26ee-FRA
content-encoding: br

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BBF8 0
0 199ms
198ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=2753605726&adf=75255784&w=740&fwrn=4&lmt=1582923556&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556446&bpp=73&bdt=169&fdt=220&idt=220&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3438934418451&frm=20&pv=2&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=8800387988098&dssz=33&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1832&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5rF1gV8Ks3&p=https%3A//seguranca-informatica.pt&dtd=236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=2753605726&adf=75255784&w=740&fwrn=4&lmt=1582923556&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556446&bpp=73&bdt=169&fdt=220&idt=220&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3438934418451&frm=20&pv=2&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=8800387988098&dssz=33&mdo=0&mso=0&rplot=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1832&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5rF1gV8Ks3&p=https%3A//seguranca-informatica.pt&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Feb 2020 20:59:16 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Feb-2020 21:14:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 28 Feb 2020 20:59:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

261a1dfeeccd3f6747dd6bb49e60579c2582910c2b225d23677772825bf7bc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582753860897921"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27728
x-xss-protection: 0
expires: Fri, 28 Feb 2020 20:59:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
255 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=134215180689421&ev=PageView&dl=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&rl=&if=false&ts=1582923556713&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582923556712.1194652240&it=1582923556434&coo=false&rqm=GET

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT, Fri, 28 Feb 2020 20:59:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 28 Feb 2020 20:59:16 GMT

GET
H2 200 E-mail-Icon-co%CC%81pia-e1515360297525.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 1009 B
1 KB 11ms
10ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/E-mail-Icon-co%CC%81pia-e1515360297525.png

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba23d13ab9eb27eb4933ae12135dc7f2775699d06d8628f73b9ff9b9f01aeef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
status: 200
vary: Accept-Encoding
content-length: 1009
referrer-policy
last-modified: Wed, 24 Jan 2018 22:17:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c55245ae4d26ee-FRA

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DE42 0
0 181ms
181ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=600&slotname=1432088096&adk=718445618&adf=2648578166&w=300&lmt=1582923556&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556747&bpp=3&bdt=470&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=703756161230890&dssz=38&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=3392&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LNuND4IKfU&p=https%3A//seguranca-informatica.pt&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=600&slotname=1432088096&adk=718445618&adf=2648578166&w=300&lmt=1582923556&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556747&bpp=3&bdt=470&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=703756161230890&dssz=38&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=3392&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LNuND4IKfU&p=https%3A//seguranca-informatica.pt&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Feb 2020 20:59:16 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Feb-2020 21:14:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 28 Feb 2020 20:59:16 GMT
cache-control: private

GET
H/1.1 200
OK count.js Show response
seguranca-informatica.disqus.com/ 1 KB
1 KB 71ms
22ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/count.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1034548
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 12 Feb 2020 18:34:00 GMT
Server: nginx
ETag: "5e444518-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK embed.js Show response
seguranca-informatica.disqus.com/ 66 KB
22 KB 625ms
576ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/embed.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

d1c72132e145825babf38b0f8c896196a6d818074ae0f800492ea9de76e3758f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22238

GET
H2 200 fontawesome-webfont.woff2
seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/fonts/ 70 KB
70 KB 15ms
14ms Font
font/woff2 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/wp-content/cache/minify/c841a.css
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 28 Feb 2020 20:59:16 GMT
referrer-policy
cf-cache-status: HIT
server: cloudflare
age: 319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 56c55245fe8026ee-FRA
content-length: 71896
x-content-type-options: nosniff

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 41ms
41ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=57769
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 1f914.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 2 KB
1 KB 61ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f914.svg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

3a19c77ff33f8ea325055b8563e7415ffd2ae37f0bb50a12898801613037721e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT fra 2
date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f1f5-1f1f9.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 1 KB
776 B 61ms
20ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f1f5-1f1f9.svg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e0013618876b34d5f4dd21bac1fbcf419bb41e4929ec93a7acac9061ba2050a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT fra 2
date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f9d0.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 2 KB
852 B 61ms
20ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f9d0.svg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

0805fa46a5ed3f4da936ef86d38dc7124827e4e926d00d429cbe87a5ea7c361e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT fra 2
date: Fri, 28 Feb 2020 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7781 0
0 22ms
22ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1582923556&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582923556871&bpp=3&bdt=594&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C300x600&nras=1&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=574700983746367&dssz=77&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1582923556&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582923556871&bpp=3&bdt=594&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C300x600&nras=1&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=574700983746367&dssz=77&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=5&uci=a!5&fsb=1&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Feb 2020 20:59:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 28-Feb-2020 21:14:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 28 Feb 2020 20:59:16 GMT
cache-control: private

GET
H/1.1 200
OK widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html
platform.twitter.com/widgets/ Frame 9036 0
0 31ms
31ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fseguranca-informatica.pt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 333584
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Feb 2020 20:59:16 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 25 Feb 2020 00:11:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 page.php
www.facebook.com/v2.12/plugins/ Frame E44A 0
0 61ms
60ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Dfa8f4b0143c37%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff3e8ab76a2c1054%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a7890c3ea02ed112c11702008829e911&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Dfa8f4b0143c37%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff3e8ab76a2c1054%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0v9P1vG4Ydm6qRq9P..BeWX8k...1.0.BeWX8k.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.12
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: c7PEqREUj+MuLX69LYcddMiAtJla05lnLUcJw5ZhZKX3AUvQv3CVuBKiSh9Xtip6xfizKhZ591Fu/SDfqidr6A==
date: Fri, 28 Feb 2020 20:59:16 GMT Fri, 28 Feb 2020 20:59:16 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a74cca42a90a07e/ 7 KB
1 KB 206ms
205ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a74cca42a90a07e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85d11a34cf5ae0738a3f2a2e0f463484c9b7371b46c9e5bc991f57d44f58400f

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
etag: -713750497--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=56, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1214

GET
H/1.1 200
OK moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js Show response
platform.twitter.com/js/ 24 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DA) /
Resource Hash: 438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:22 GMT
Server: ECS (fcn/40DA)
Age: 333586
Etag: "11d31148aa60716fb9039c36580956f1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7876

GET
H/1.1 200
OK timeline.f2565d449b4dd797677034caa0d66bf8.js Show response
platform.twitter.com/js/ 21 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f2565d449b4dd797677034caa0d66bf8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: 8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:22 GMT
Server: ECS (fcn/4195)
Age: 333582
Etag: "3ac68eedc6c1bce6319c2bc023cdc98d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6657

GET
H/1.1 200
OK tweet.20efc6472c99ea54fc0ebc8ec0a9e5c5.js Show response
platform.twitter.com/js/ 16 KB
6 KB 21ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.20efc6472c99ea54fc0ebc8ec0a9e5c5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash: 2583790cbe49165e8bb88b6b45002b4bbbc4b978c9953874ec4faa0b88482ef3

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:22 GMT
Server: ECS (fcn/419E)
Age: 333585
Etag: "efc0ab4738f6cb96fbd9036d5b0c7d6d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 5434

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6BC0 0
0 235ms
235ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=600&slotname=6905413220&adk=2455111602&adf=1352125749&w=300&lmt=1582923557&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556770&bpp=4&bdt=494&fdt=4&idt=4&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C300x600%2C0x0&nras=1&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=574700983746367&dssz=81&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=4447&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=pwpiNHse1W&p=https%3A//seguranca-informatica.pt&dtd=300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=600&slotname=6905413220&adk=2455111602&adf=1352125749&w=300&lmt=1582923557&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&flash=0&wgl=1&adsid=NT&dt=1582923556770&bpp=4&bdt=494&fdt=4&idt=4&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C300x600%2C0x0&nras=1&correlator=3438934418451&frm=20&pv=1&ga_vid=2036958240.1582923556&ga_sid=1582923557&ga_hid=733109729&ga_fc=0&iag=0&icsg=574700983746367&dssz=81&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=4447&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C21065533&oid=3&pvsid=4406065896939970&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=pwpiNHse1W&p=https%3A//seguranca-informatica.pt&dtd=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Feb 2020 20:59:17 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: IDE=AHWqTUk2_9le4o07lhTosWPTqwbQFMuy69uTAGwU2uf-3ncGN7AH9sDlKUNG8mah; expires=Wed, 24-Mar-2021 20:59:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 28 Feb 2020 20:59:17 GMT
cache-control: private

GET
H/1.1 200
OK count-data.js Show response
seguranca-informatica.disqus.com/ 281 B
820 B 24ms
24ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/count-data.js?1=6738%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D6738

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3249ae2fcee39969b14fda48ab3f363d8c83f0ec7924ac670c38a010c8668dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 449
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Cache-Control: public, max-age=600
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Length: 281
X-XSS-Protection: 1; mode=block

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 188 KB
13 KB 275ms
256ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_sirpedrotavares_old&dnt=false&domain=seguranca-informatica.pt&lang=pt&screen_name=sirpedrotavares&suppress_response_codes=true&t=1758803&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

97acbdd74b54a6d22ea8714620e97e162da1531fea7af1c7c880f72fe1ffe9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 13151
x-xss-protection: 0
x-response-time: 229
last-modified: Fri, 28 Feb 2020 20:59:17 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 71a73f3468f3ebbc232b1d24e8ed9108
timing-allow-origin: *
x-transaction: 002a986f0089ef77
expires: Fri, 28 Feb 2020 21:04:17 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
337 B 144ms
144ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1582923557096%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Fri, 28 Feb 2020 20:59:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6d9d571391331caff30c63ddb09be299
x-transaction: 0069aea600a75f5e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
121 B 144ms
144ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1582923557099%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Fri, 28 Feb 2020 20:59:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6d9d571391331caff30c63ddb09be299
x-transaction: 00cfe39d00889f65
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 21 KB
4 KB 189ms
172ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1042657116966854656%2C1227957576047955971&lang=pt&suppress_response_codes=true&theme=light&tz=GMT%2B0100

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

aba46cade7649c006f9326d7c0541c1dc72c65ef3e688f615e3d0492659d92f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 3209
x-xss-protection: 0
x-response-time: 148
last-modified: Fri, 28 Feb 2020 20:59:17 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: 16575debecfd67bcfaab855b98e5c0c8
timing-allow-origin: *
x-transaction: 00ce6ed10079f2c9
expires: Fri, 28 Feb 2020 21:00:17 GMT

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 34ms
34ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 28 Feb 2020 20:59:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 109ms
37ms XHR
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
status: 200
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Fri, 28 Feb 2020 20:59:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

POST
H2 200 /
www.facebook.com/tr/ 0
57 B 7ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydO6swiiTP9OONkKz

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://seguranca-informatica.pt
date: Fri, 28 Feb 2020 20:59:17 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

GET
H2 200 1f914.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
1 KB 9ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f914.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4194) /

Resource Hash

5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 20411023
x-ton-expected-size: 1028
x-cache: HIT
status: 200
content-length: 1028
x-response-time: 25
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECS (fcn/4194)
etag: "X7St/AzVm+1oZjkmNZWNow=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fb521a34b6bc2a682121ddbfb0ad765f
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ 715 B
853 B 10ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 26120552
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2816c50e051b641a197ca12e623703eb
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
1 KB 9ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 20228078
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H/1.1 200
OK tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
12 KB 8ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash: 5a9b0bcc0e7274386f0f560595519d66ee86bfccf57e76f2e59a6985091fa3a2

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:19 GMT
Server: ECS (fcn/41AD)
Age: 333585
Etag: "7a92a961c027712f349e184a0eafdd76+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11516

GET
H/1.1 200
OK tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 7ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:19 GMT
Server: ECS (fcn/41AD)
Age: 333585
Etag: "7a92a961c027712f349e184a0eafdd76+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 11516

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 715 B
788 B 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 26120552
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2816c50e051b641a197ca12e623703eb
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 20228078
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 525 B
669 B 8ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 25827522
x-ton-expected-size: 525
x-cache: HIT
status: 200
content-length: 525
x-response-time: 29
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E4)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 44f53c17a381135624ec3079c086ecb1
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 _8LFDYv3
pbs.twimg.com/card_img/1233104152164741121/ Frame 8A41 5 KB
6 KB 27ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233104152164741121/_8LFDYv3?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

78fe94eba585051f39065ad92b635dde205c1c630119d1ccc053dd91c7125e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 93636
x-cache: HIT
status: 200
content-length: 5540
x-response-time: 155
surrogate-key: card_img card_img/bucket/5 card_img/1233104152164741121
last-modified: Thu, 27 Feb 2020 18:56:34 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: df44b9035e16382dafe2d5a1654630fb
accept-ranges: bytes

GET
H2 200 GqUhvIYB
pbs.twimg.com/card_img/1232056823001370626/ Frame 8A41 7 KB
8 KB 27ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232056823001370626/GqUhvIYB?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a67e459108a1befb4333028d197385ad0c08b1993849e6ff788a3a73eaf281ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 342838
x-cache: HIT
status: 200
content-length: 7528
x-response-time: 159
surrogate-key: card_img card_img/bucket/1 card_img/1232056823001370626
last-modified: Mon, 24 Feb 2020 21:34:51 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e34a0da531143d8efc6b70ee71a76447
accept-ranges: bytes

GET
H2 200 26a0.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 595 B
763 B 8ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26a0.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 5563429
x-ton-expected-size: 595
x-cache: HIT
status: 200
content-length: 595
x-response-time: 2244
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/418E)
etag: "Z7wDoqWvSIaJGOXpgObfsw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d58789b3c8608664e2f04bd4858f222
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:15 GMT

GET
H2 200 kkwRjwIo
pbs.twimg.com/card_img/1232372521015611392/ Frame 8A41 41 KB
41 KB 30ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232372521015611392/kkwRjwIo?format=jpg&name=600x314

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

e28aa2ae8428af731b24b14069aa5764d15ba96a610c02d4873fde753fbba4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 265460
x-cache: HIT
status: 200
content-length: 42124
x-response-time: 163
surrogate-key: card_img card_img/bucket/2 card_img/1232372521015611392
last-modified: Tue, 25 Feb 2020 18:29:20 GMT
server: ECS (fcn/40D4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b4f04e2aa4f6416320e23659a060b631
accept-ranges: bytes

GET
H2 200 wUDvgEGG
pbs.twimg.com/card_img/1231292793152327686/ Frame 8A41 6 KB
6 KB 37ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231292793152327686/wUDvgEGG?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

3a1f5fbfd21b64afa6b60f528452f0ab2d36ed4c5f60f38d16d39cdda111b5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 523630
x-cache: HIT
status: 200
content-length: 5971
x-response-time: 144
surrogate-key: card_img card_img/bucket/7 card_img/1231292793152327686
last-modified: Sat, 22 Feb 2020 18:58:52 GMT
server: ECS (fcn/40B1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c33f41bdcbd30675cafa42823421701c
accept-ranges: bytes

GET
H2 200 zVA25hmx
pbs.twimg.com/card_img/1233051894215516162/ Frame 8A41 6 KB
6 KB 37ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233051894215516162/zVA25hmx?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

d917db98be0c63fe067de6db8e05a355d485b23ce1a9ae1f448917d917c1703e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 105054
x-cache: HIT
status: 200
content-length: 5784
x-response-time: 151
surrogate-key: card_img card_img/bucket/9 card_img/1233051894215516162
last-modified: Thu, 27 Feb 2020 15:28:55 GMT
server: ECS (fcn/40E4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9fab6207007f0efe07985b54c367ef46
accept-ranges: bytes

GET
H2 200 TuNyFis7
pbs.twimg.com/card_img/1232622162919346176/ Frame 8A41 5 KB
6 KB 36ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232622162919346176/TuNyFis7?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

fab8055997ff0288350c3f33ae344454da6703a815690e3d9d762e21d2f88b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 208099
x-cache: HIT
status: 200
content-length: 5571
x-response-time: 146
surrogate-key: card_img card_img/bucket/7 card_img/1232622162919346176
last-modified: Wed, 26 Feb 2020 11:01:19 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d48c9866999cd119fe950893936fe909
accept-ranges: bytes

GET
H2 200 5xlP6u1p
pbs.twimg.com/card_img/1231143193263136770/ Frame 8A41 9 KB
9 KB 15ms
13ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231143193263136770/5xlP6u1p?format=png&name=600x314

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

ab6e2aea36fc00f1e9bc1144915120c12372316926364a001fcf0891f5c9992c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 560188
x-cache: HIT
status: 200
content-length: 9455
x-response-time: 156
surrogate-key: card_img card_img/bucket/9 card_img/1231143193263136770
last-modified: Sat, 22 Feb 2020 09:04:25 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a53770780b29392f2d1006e9c77947f2
accept-ranges: bytes

GET
H2 200 _Am653-B
pbs.twimg.com/card_img/1232257389388345344/ Frame 8A41 6 KB
6 KB 16ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232257389388345344/_Am653-B?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

16d85eda8fc2124557f5eb85e7f354b04ae4fac7b65b193e5330db0a410edd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 294253
x-cache: HIT
status: 200
content-length: 5730
x-response-time: 123
surrogate-key: card_img card_img/bucket/2 card_img/1232257389388345344
last-modified: Tue, 25 Feb 2020 10:51:50 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12c1105188483f52c36eaa3bd09defbe
accept-ranges: bytes

GET
H2 200 zBC8FKuU
pbs.twimg.com/card_img/1231934557236137984/ Frame 8A41 5 KB
6 KB 16ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231934557236137984/zBC8FKuU?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

432cdf4a4c9797770ae30301462b910af6cd2b540eed43ef1ef71fb4d7e28507

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 371653
x-cache: HIT
status: 200
content-length: 5490
x-response-time: 151
surrogate-key: card_img card_img/bucket/5 card_img/1231934557236137984
last-modified: Mon, 24 Feb 2020 13:29:01 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e249575bb1054c5358fca59448887c79
accept-ranges: bytes

GET
H2 200 2BaAQgjl
pbs.twimg.com/card_img/1232133768531628034/ Frame 8A41 3 KB
3 KB 16ms
14ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232133768531628034/2BaAQgjl?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

a381ca264fd10dd9ccd65210fb7b98590396a7e5a5771d8977210a51e533369a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 44398
x-cache: HIT
status: 200
content-length: 3386
x-response-time: 134
surrogate-key: card_img card_img/bucket/0 card_img/1232133768531628034
last-modified: Tue, 25 Feb 2020 02:40:37 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8973007afce7f29cf943f8c37fe2e8b3
accept-ranges: bytes

GET
H2 200 sIWHeHhU
pbs.twimg.com/card_img/1233047065745293312/ Frame 8A41 42 KB
42 KB 17ms
14ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233047065745293312/sIWHeHhU?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

96e5bc74d3a4296adc46b9e562d35d1df18dbbd1c7830e9b2e51e48bdb1b8557

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 106853
x-cache: HIT
status: 200
content-length: 42768
x-response-time: 149
surrogate-key: card_img card_img/bucket/9 card_img/1233047065745293312
last-modified: Thu, 27 Feb 2020 15:09:44 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 21a4fae4c37542e4475d3e7a52e7d9ca
accept-ranges: bytes

GET
H2 200 ZTxnPPFJ
pbs.twimg.com/card_img/1233000734716760064/ Frame 8A41 2 KB
2 KB 18ms
16ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233000734716760064/ZTxnPPFJ?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 116028
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 145
surrogate-key: card_img card_img/bucket/0 card_img/1233000734716760064
last-modified: Thu, 27 Feb 2020 12:05:37 GMT
server: ECS (fcn/40E1)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c4cddc71a65ef3a8367d91dfa2ac2ef
accept-ranges: bytes

GET
H/1.1 200
OK timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ Frame 8A41 52 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E4) /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:18 GMT
Server: ECS (fcn/40E4)
Age: 333585
Etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12155

GET
H/1.1 200
OK timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 20:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:11:18 GMT
Server: ECS (fcn/40E4)
Age: 333585
Etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12155

GET
H2 200 ulqnS4Wp_normal.jpeg
pbs.twimg.com/profile_images/459526045880692736/ 2 KB
2 KB 18ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/459526045880692736/ulqnS4Wp_normal.jpeg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419C) /

Resource Hash

1f716e4a20f1576ac132c61983738bdec01233aa6d620b579d721d77d43c6203

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 96226
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/9 profile_images/459526045880692736
last-modified: Fri, 25 Apr 2014 02:53:21 GMT
server: ECS (fcn/419C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a15887952f19b0dc0a651470d444f02c
accept-ranges: bytes

GET
H2 200 hv6uNxUO_normal.jpg
pbs.twimg.com/profile_images/1181065514841452544/ 2 KB
2 KB 18ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1181065514841452544/hv6uNxUO_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4192) /

Resource Hash

08d38465f7deb0eafc0fecf810e07a6fc5e54cc7026de2b94f8fbd4db2496d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 215480
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/9 profile_images/1181065514841452544
last-modified: Mon, 07 Oct 2019 04:33:36 GMT
server: ECS (fcn/4192)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17ab7e7f50a0380bc8acaac9b7d43735
accept-ranges: bytes

GET
H2 200 DnhCtSpW0AAXaZR
pbs.twimg.com/media/ 14 KB
14 KB 19ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DnhCtSpW0AAXaZR?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

92dabae279cc6f895dbf8643d95c1b8e7e358c20dcb9c1bebe31ed035dfbf5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 363395
x-cache: HIT
status: 200
content-length: 14266
x-response-time: 115
surrogate-key: media media/bucket/0 media/1042656659603116032
last-modified: Thu, 20 Sep 2018 06:06:13 GMT
server: ECS (fcn/41AF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 022428168fda537f756227179abbbbc8
accept-ranges: bytes

GET
H2 200 DnhC0BtX4AU3Y6c
pbs.twimg.com/media/ 8 KB
8 KB 19ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DnhC0BtX4AU3Y6c?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

4d70110191d592cb4471af6c2a099005ffc4c27a570fdbb6609e3ea2f4e003b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 363395
x-cache: HIT
status: 200
content-length: 7795
x-response-time: 106
surrogate-key: media media/bucket/7 media/1042656775315644421
last-modified: Thu, 20 Sep 2018 06:06:41 GMT
server: ECS (fcn/41AA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c1a29050aab511d3a5d068a9405ea945
accept-ranges: bytes

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ 715 B
788 B 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 26120552
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2816c50e051b641a197ca12e623703eb
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 20228078
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 TB7O3TW0_normal.jpg
pbs.twimg.com/profile_images/1058367083518529536/ 2 KB
2 KB 20ms
18ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1058367083518529536/TB7O3TW0_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 26777
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/1 profile_images/1058367083518529536
last-modified: Fri, 02 Nov 2018 14:33:50 GMT
server: ECS (fcn/40D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7f3f7c6251dac2559a9be89a67573467
accept-ranges: bytes

GET
H2 200 EQqU5v8X0AAO-Mm
pbs.twimg.com/media/ 38 KB
38 KB 21ms
18ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqU5v8X0AAO-Mm?format=png&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

1bf4f160b55861995cb828c6046794c3d3a723bf71aa0fd6d57bc28865f6e753

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 127459
x-cache: HIT
status: 200
content-length: 39097
x-response-time: 113
surrogate-key: media media/bucket/4 media/1227957568255021056
last-modified: Thu, 13 Feb 2020 14:05:53 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3a0e147d4e1aaebcc50a7f1130d8c43d
accept-ranges: bytes

GET
H2 200 EQqU5v0X0AATmN9
pbs.twimg.com/media/ 7 KB
7 KB 21ms
19ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqU5v0X0AATmN9?format=png&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

56f2e0ce4fae140920ac3bb2816c20d518839d892a47ac06274688e33316db95

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 127459
x-cache: HIT
status: 200
content-length: 6857
x-response-time: 120
surrogate-key: media media/bucket/1 media/1227957568221466624
last-modified: Thu, 13 Feb 2020 14:05:53 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eb811f9314618e7049e9e5a18f2c5f63
accept-ranges: bytes

GET
H2 200 EQqU5vzXUAAz2bz
pbs.twimg.com/media/ 18 KB
18 KB 21ms
19ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqU5vzXUAAz2bz?format=png&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

a1ca138ac4d03a94874ccf301f0beccce0359fefc3858016c05fc4f98f50d711

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 127459
x-cache: HIT
status: 200
content-length: 18149
x-response-time: 120
surrogate-key: media media/bucket/6 media/1227957568217239552
last-modified: Thu, 13 Feb 2020 14:05:53 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 361744a7916ff807ae7f175f4be58c7c
accept-ranges: bytes

GET
H2 200 TB7O3TW0_normal.jpg
pbs.twimg.com/profile_images/1058367083518529536/ Frame 8A41 2 KB
2 KB 29ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1058367083518529536/TB7O3TW0_normal.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 26777
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/1 profile_images/1058367083518529536
last-modified: Fri, 02 Nov 2018 14:33:50 GMT
server: ECS (fcn/40D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7f3f7c6251dac2559a9be89a67573467
accept-ranges: bytes

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 525 B
599 B 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 25827522
x-ton-expected-size: 525
x-cache: HIT
status: 200
content-length: 525
x-response-time: 29
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E4)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 44f53c17a381135624ec3079c086ecb1
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 715 B
788 B 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 26120552
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2816c50e051b641a197ca12e623703eb
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 26a0.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 595 B
669 B 7ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26a0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 5563429
x-ton-expected-size: 595
x-cache: HIT
status: 200
content-length: 595
x-response-time: 2244
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/418E)
etag: "Z7wDoqWvSIaJGOXpgObfsw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d58789b3c8608664e2f04bd4858f222
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:15 GMT

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ Frame 8A41 1 KB
1 KB 8ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 20228078
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 27 Feb 2021 20:59:17 GMT

GET
H2 200 4ae724ea6ed248d871bc9d523ae1c24e_normal.png
pbs.twimg.com/profile_images/3703513695/ Frame 8A41 7 KB
7 KB 22ms
20ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 214668
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 132
surrogate-key: profile_images profile_images/bucket/2 profile_images/3703513695
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7b3a058c166a2612e77484c847ea44f9
accept-ranges: bytes

GET
H2 200 QYi5q6cu_normal.jpg
pbs.twimg.com/profile_images/1225918984920264705/ Frame 8A41 2 KB
2 KB 22ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1225918984920264705/QYi5q6cu_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

e9baf8a2947cbb0d036aa759956cb481c7013f86f33fdabc8ff9c13a270bc7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 17231
x-cache: HIT
status: 200
content-length: 2187
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/8 profile_images/1225918984920264705
last-modified: Fri, 07 Feb 2020 23:05:17 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: efdb88a921778a9e79d480f56e11e5ef
accept-ranges: bytes

GET
H2 200 zXdMd4Pi_normal.jpg
pbs.twimg.com/profile_images/953261663523823622/ Frame 8A41 2 KB
2 KB 22ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/953261663523823622/zXdMd4Pi_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

5b9973a9922bbeb2fdd16f97e181350e2d803727d9ddcdf15f5d7f05cf942229

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 428836
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/8 profile_images/953261663523823622
last-modified: Tue, 16 Jan 2018 13:42:25 GMT
server: ECS (fcn/40B6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2926c4709b7430fd9f6b882661f7a4ed
accept-ranges: bytes

GET
H2 200 ERyg5irWAAAX1u4
pbs.twimg.com/media/ Frame 8A41 23 KB
23 KB 22ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ERyg5irWAAAX1u4?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

49dfb51713d4b9ed7e7d9ea6b19e962739073df82adf08b78ab1546956d3e4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 109469
x-cache: HIT
status: 200
content-length: 23189
x-response-time: 155
surrogate-key: media media/bucket/7 media/1233037308414263296
last-modified: Thu, 27 Feb 2020 14:30:57 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bbafd31e0639fdce9753bef8166799dd
accept-ranges: bytes

GET
H2 200 ERj2io7WoAAovIb
pbs.twimg.com/media/ Frame 8A41 28 KB
28 KB 22ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ERj2io7WoAAovIb?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

a5c5d2fdd199f132fad9224b04c4437a6f4474a5ddd84c8ed74c9d5717c7e0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 355168
x-cache: HIT
status: 200
content-length: 28383
x-response-time: 248
surrogate-key: media media/bucket/5 media/1232005573048180736
last-modified: Mon, 24 Feb 2020 18:11:12 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0f38e3978050eb18bbb442297267e825
accept-ranges: bytes

GET
H2 200 ERT9qtNXYAIRIpc
pbs.twimg.com/media/ Frame 8A41 44 KB
44 KB 23ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ERT9qtNXYAIRIpc?format=jpg&name=small

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

355345ae3fc3603671600739d1f836c6e04de212ea4b0baa3451c0aa516fdcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 17226
x-cache: HIT
status: 200
content-length: 44907
x-response-time: 120
surrogate-key: media media/bucket/4 media/1230887508310974466
last-modified: Fri, 21 Feb 2020 16:08:25 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dc4c2bdb5b91c0d76ceb59ff89b9d0c3
accept-ranges: bytes

GET
H2 200 ERERs2OW4AMtmaK
pbs.twimg.com/media/ Frame 8A41 15 KB
15 KB 22ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ERERs2OW4AMtmaK?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

1ac9e75958dbca7ca4c83ecea23a8e9235b21c155b8aab1380e54708ac0e5274

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 280208
x-cache: HIT
status: 200
content-length: 15689
x-response-time: 113
surrogate-key: media media/bucket/1 media/1229783635416506371
last-modified: Tue, 18 Feb 2020 15:02:01 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 266010dfb5d10883201ced340928f88c
accept-ranges: bytes

GET
H2 200 ER3oA75XUAAF15o
pbs.twimg.com/media/ Frame 8A41 45 KB
45 KB 23ms
21ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ER3oA75XUAAF15o?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

d49cba82eb834ffdfbed256f055b035415fd2ea872f479ddd986baf338f81205

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 23756
x-cache: HIT
status: 200
content-length: 45696
x-response-time: 164
surrogate-key: media media/bucket/0 media/1233396975745323008
last-modified: Fri, 28 Feb 2020 14:20:09 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1078a851aeb92e67dc6732cdbe446861
accept-ranges: bytes

GET
H2 200 ER3oGQaX0AIlMkl
pbs.twimg.com/media/ Frame 8A41 3 KB
3 KB 23ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ER3oGQaX0AIlMkl?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

c78ee3559d01870f71de91e1771700ea5f98a27e6a8e8352adbf692e761f2c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 23756
x-cache: HIT
status: 200
content-length: 3321
x-response-time: 144
surrogate-key: media media/bucket/3 media/1233397067151822850
last-modified: Fri, 28 Feb 2020 14:20:30 GMT
server: ECS (fcn/40FA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1fe15d0f021cdc409e4636f72ee6d507
accept-ranges: bytes

GET
H2 200 ER3oHrAX0AEjvlf
pbs.twimg.com/media/ Frame 8A41 4 KB
4 KB 23ms
21ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ER3oHrAX0AEjvlf?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

bdb197e8ba174a576c0cc3b427288a16d53c0d82ab2d65ae556a30ca7260864e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 23756
x-cache: HIT
status: 200
content-length: 4451
x-response-time: 145
surrogate-key: media media/bucket/5 media/1233397091470397441
last-modified: Fri, 28 Feb 2020 14:20:36 GMT
server: ECS (fcn/419E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bc418dbd981997bd8b549bdbbe1104de
accept-ranges: bytes

GET
H2 200 ER3oIdwX0AEfyGR
pbs.twimg.com/media/ Frame 8A41 6 KB
7 KB 29ms
27ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ER3oIdwX0AEfyGR?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

5b5204469495d7e7f9912ff2fc0ab6db4e6b461119b5ffbcb160ab1d3f3b1634

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 23756
x-cache: HIT
status: 200
content-length: 6541
x-response-time: 145
surrogate-key: media media/bucket/7 media/1233397105093496833
last-modified: Fri, 28 Feb 2020 14:20:39 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 74f4ca81d61f29babb64af1078ccc78c
accept-ranges: bytes

GET
H2 200 EQqU5v8X0AAO-Mm
pbs.twimg.com/media/ Frame 8A41 20 KB
20 KB 23ms
21ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqU5v8X0AAO-Mm?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

b2d95aab1fa68f5a4992d77c81e6f22ff2b3cd9e2cf973574a40ee570b33e201

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 109745
x-cache: HIT
status: 200
content-length: 20064
x-response-time: 113
surrogate-key: media media/bucket/4 media/1227957568255021056
last-modified: Thu, 13 Feb 2020 14:05:53 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d99c19d6906cf0f9624c550d2bac92ef
accept-ranges: bytes

GET
H2 200 EQqU5v0X0AATmN9
pbs.twimg.com/media/ Frame 8A41 4 KB
4 KB 29ms
27ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqU5v0X0AATmN9?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

4348db802338ee15d892aad2e8f5d23067db2b031334f75c2dab3e0d62c5bca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 109745
x-cache: HIT
status: 200
content-length: 4078
x-response-time: 112
surrogate-key: media media/bucket/1 media/1227957568221466624
last-modified: Thu, 13 Feb 2020 14:05:53 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9ff273a8e59225d7a3da7251ef1bac6d
accept-ranges: bytes

GET
H2 200 EQqU5vzXUAAz2bz
pbs.twimg.com/media/ Frame 8A41 9 KB
9 KB 29ms
28ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQqU5vzXUAAz2bz?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

9b8bec7394a89e0648c80ed02be277a6b215e7c20c55be122fc7966839aa7330

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 109745
x-cache: HIT
status: 200
content-length: 8716
x-response-time: 123
surrogate-key: media media/bucket/6 media/1227957568217239552
last-modified: Thu, 13 Feb 2020 14:05:53 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4896ae27549cd56c5dc0292c45a4d98c
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49c2a3cf0f363bf387c06a35a4a4e6c7255799b3776bed55914862136d783028

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 835 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 8A41 44 KB
7 KB 9ms
8ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578955
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 91e140f50fe01158f53386c82894c9ab
accept-ranges: bytes
expires: Fri, 06 Mar 2020 20:59:17 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 9ms
8ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578955
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 91e140f50fe01158f53386c82894c9ab
accept-ranges: bytes
expires: Fri, 06 Mar 2020 20:59:17 GMT

GET
DATA 200
OK truncated
/ Frame 8A41 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8A41 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8A41 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8A41 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8A41 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 lounge.79832c8092a844b16035493e85c191b7.css
c.disquscdn.com/next/embed/styles/ 0
21 KB 19ms
19ms Other
text/css 2606:4700::6810:4ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.79832c8092a844b16035493e85c191b7.css

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256008
cf-ray: 56c5524a396ebebf-FRA
status: 200
vary: Accept-Encoding
content-length: 21655
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Feb 2020 21:42:27 GMT
server: cloudflare
etag: "5e5594c3-5497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Feb 2021 21:52:28 GMT

GET
H2 200 common.bundle.b9167d06dc7bd01b59d6d6332d6aafa1.js
c.disquscdn.com/next/embed/ 0
89 KB 20ms
20ms Other
application/javascript 2606:4700::6810:4ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.b9167d06dc7bd01b59d6d6332d6aafa1.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1840638
cf-ray: 56c5524a3970bebf-FRA
status: 200
vary: Accept-Encoding
content-length: 90471
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-16167"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 22:39:15 GMT

GET
H2 200 lounge.bundle.e2230ecfab5b984e94b653703b226e5c.js
c.disquscdn.com/next/embed/ 0
108 KB 23ms
23ms Other
application/javascript 2606:4700::6810:4ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e2230ecfab5b984e94b653703b226e5c.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 256008
cf-ray: 56c5524a3971bebf-FRA
status: 200
vary: Accept-Encoding
content-length: 110638
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Feb 2020 21:42:27 GMT
server: cloudflare
etag: "5e5594c3-1b02e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Feb 2021 21:52:28 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
6 KB 61ms
20ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Timing-Allow-Origin: *
Date: Fri, 28 Feb 2020 20:59:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 46
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 5454
X-XSS-Protection: 1; mode=block

GET
H2 200 Em1BA_LebhLQp5bLUrdFqg21Od4.js Show response
seguranca-informatica.pt/cdn-cgi/apps/head/ Frame EC08 6 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/head/Em1BA_LebhLQp5bLUrdFqg21Od4.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe67d41f8bbad5601512b523e13cc623dfb5fa7290eee10780044420582a2f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1848072
cf-ray: 56c5524a889a26ee-FRA
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D39320D90C815D1F
x-amz-id-2: oJEgkw8GEhzKgVBANpJszcrYgQbfL+r13m33hj1u53bFqtH0Ax2t8VscMTtEKTK86XxwXqWdKxQ=
last-modified: Sun, 24 Mar 2019 01:11:12 GMT
server: cloudflare
etag: W/"a474776ce7a35ae97320f70135c52761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6Fi1r2jSU90h1iftvMS6aUJXPgHH7A.S
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8

GET
H2 200 lampion_cover-768x323-1-300x126.jpg
seguranca-informatica.pt/wp-content/uploads/2020/02/ Frame EC08 15 KB
16 KB 11ms
11ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/02/lampion_cover-768x323-1-300x126.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310ccd71effae748ebe26c3e548967f4f002096241942721f5003898f6cbfbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3007
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 15785
referrer-policy
last-modified: Thu, 27 Feb 2020 14:22:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c5524a889b26ee-FRA

GET
H2 200 cropped-ico-32x32.png
seguranca-informatica.pt/wp-content/uploads/2018/02/ Frame EC08 1 KB
2 KB 11ms
11ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/02/cropped-ico-32x32.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76796695c69c98de7907be3c50637347c33fe203414c13d6bfc1a2f67302b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3007
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1526
referrer-policy
last-modified: Tue, 13 Feb 2018 19:10:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 56c5524a889c26ee-FRA

GET
H2 200 qNcmPTj79EMUOrzZ4I-EprFF7Y8.js Show response
seguranca-informatica.pt/cdn-cgi/apps/body/ Frame EC08 28 KB
6 KB 14ms
14ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/body/qNcmPTj79EMUOrzZ4I-EprFF7Y8.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/cdn-cgi/apps/head/Em1BA_LebhLQp5bLUrdFqg21Od4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1125161
cf-ray: 56c5524aa8ac26ee-FRA
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 547E4B16049F9E42
x-amz-id-2: 00RXFHZiBmtF/pVqDKlAPbYaX9CbK/MZwBGu8spGJisd3UWcXMi/WO6DtULI9kNhoqVUUP5AUk4=
last-modified: Sun, 24 Mar 2019 01:11:11 GMT
server: cloudflare
etag: W/"2f0664ac054357af08048b56dbb23ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: IsHIq3aNpPjbWPIxpMJiL1AFkBI._8J3
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8

GET
H2 200 wp-emoji-release.min.js Show response
seguranca-informatica.pt/wp-includes/js/ Frame EC08 14 KB
4 KB 18ms
17ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/lampion-malware-origin-servers-geolocated-in-turkey/embed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 11:19:33 GMT
server: cloudflare
age: 3007
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 56c5524aa8ae26ee-FRA
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ Frame EC08 196 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame EC08 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame EC08 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 _8LFDYv3
pbs.twimg.com/card_img/1233104152164741121/ Frame 8A41 5 KB
6 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233104152164741121/_8LFDYv3?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

78fe94eba585051f39065ad92b635dde205c1c630119d1ccc053dd91c7125e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 93636
x-cache: HIT
status: 200
content-length: 5540
x-response-time: 155
surrogate-key: card_img card_img/bucket/5 card_img/1233104152164741121
last-modified: Thu, 27 Feb 2020 18:56:34 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: df44b9035e16382dafe2d5a1654630fb
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame EC08 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 GqUhvIYB
pbs.twimg.com/card_img/1232056823001370626/ Frame 8A41 7 KB
8 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232056823001370626/GqUhvIYB?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a67e459108a1befb4333028d197385ad0c08b1993849e6ff788a3a73eaf281ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 342838
x-cache: HIT
status: 200
content-length: 7528
x-response-time: 159
surrogate-key: card_img card_img/bucket/1 card_img/1232056823001370626
last-modified: Mon, 24 Feb 2020 21:34:51 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e34a0da531143d8efc6b70ee71a76447
accept-ranges: bytes

GET
H2 200 kkwRjwIo
pbs.twimg.com/card_img/1232372521015611392/ Frame 8A41 41 KB
41 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232372521015611392/kkwRjwIo?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

e28aa2ae8428af731b24b14069aa5764d15ba96a610c02d4873fde753fbba4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 265460
x-cache: HIT
status: 200
content-length: 42124
x-response-time: 163
surrogate-key: card_img card_img/bucket/2 card_img/1232372521015611392
last-modified: Tue, 25 Feb 2020 18:29:20 GMT
server: ECS (fcn/40D4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b4f04e2aa4f6416320e23659a060b631
accept-ranges: bytes

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame D8BD 0
0 165ms
165ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=seguranca-informatica&t_i=6738%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D6738&t_u=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&t_e=Targeting%20Portugal%3A%20A%20new%20trojan%20%E2%80%98Lampion%E2%80%99%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&t_d=Targeting%20Portugal%3A%20A%20new%20trojan%20%E2%80%98Lampion%E2%80%99%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&t_t=Targeting%20Portugal%3A%20A%20new%20trojan%20%E2%80%98Lampion%E2%80%99%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax&s_o=default

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Sat, 28 Dec 2019 17:34:38 GMT
ETag: W/"lounge:view:7786658422.d23f99ea7e4f28d3687d0e515234f050.2"
Content-Encoding: gzip
Content-Length: 2713
Date: Fri, 28 Feb 2020 20:59:17 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 wUDvgEGG
pbs.twimg.com/card_img/1231292793152327686/ Frame 8A41 6 KB
6 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231292793152327686/wUDvgEGG?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

3a1f5fbfd21b64afa6b60f528452f0ab2d36ed4c5f60f38d16d39cdda111b5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 523630
x-cache: HIT
status: 200
content-length: 5971
x-response-time: 144
surrogate-key: card_img card_img/bucket/7 card_img/1231292793152327686
last-modified: Sat, 22 Feb 2020 18:58:52 GMT
server: ECS (fcn/40B1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c33f41bdcbd30675cafa42823421701c
accept-ranges: bytes

GET
H2 200 zVA25hmx
pbs.twimg.com/card_img/1233051894215516162/ Frame 8A41 6 KB
6 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233051894215516162/zVA25hmx?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

d917db98be0c63fe067de6db8e05a355d485b23ce1a9ae1f448917d917c1703e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 105054
x-cache: HIT
status: 200
content-length: 5784
x-response-time: 151
surrogate-key: card_img card_img/bucket/9 card_img/1233051894215516162
last-modified: Thu, 27 Feb 2020 15:28:55 GMT
server: ECS (fcn/40E4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9fab6207007f0efe07985b54c367ef46
accept-ranges: bytes

GET
H2 200 TuNyFis7
pbs.twimg.com/card_img/1232622162919346176/ Frame 8A41 5 KB
6 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232622162919346176/TuNyFis7?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

fab8055997ff0288350c3f33ae344454da6703a815690e3d9d762e21d2f88b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 208099
x-cache: HIT
status: 200
content-length: 5571
x-response-time: 146
surrogate-key: card_img card_img/bucket/7 card_img/1232622162919346176
last-modified: Wed, 26 Feb 2020 11:01:19 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d48c9866999cd119fe950893936fe909
accept-ranges: bytes

GET
H2 200 5xlP6u1p
pbs.twimg.com/card_img/1231143193263136770/ Frame 8A41 9 KB
9 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231143193263136770/5xlP6u1p?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

ab6e2aea36fc00f1e9bc1144915120c12372316926364a001fcf0891f5c9992c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 560188
x-cache: HIT
status: 200
content-length: 9455
x-response-time: 156
surrogate-key: card_img card_img/bucket/9 card_img/1231143193263136770
last-modified: Sat, 22 Feb 2020 09:04:25 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a53770780b29392f2d1006e9c77947f2
accept-ranges: bytes

GET
H2 200 _Am653-B
pbs.twimg.com/card_img/1232257389388345344/ Frame 8A41 6 KB
6 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232257389388345344/_Am653-B?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

16d85eda8fc2124557f5eb85e7f354b04ae4fac7b65b193e5330db0a410edd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 294253
x-cache: HIT
status: 200
content-length: 5730
x-response-time: 123
surrogate-key: card_img card_img/bucket/2 card_img/1232257389388345344
last-modified: Tue, 25 Feb 2020 10:51:50 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12c1105188483f52c36eaa3bd09defbe
accept-ranges: bytes

GET
H2 200 zBC8FKuU
pbs.twimg.com/card_img/1231934557236137984/ Frame 8A41 5 KB
6 KB 10ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231934557236137984/zBC8FKuU?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

432cdf4a4c9797770ae30301462b910af6cd2b540eed43ef1ef71fb4d7e28507

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 371653
x-cache: HIT
status: 200
content-length: 5490
x-response-time: 151
surrogate-key: card_img card_img/bucket/5 card_img/1231934557236137984
last-modified: Mon, 24 Feb 2020 13:29:01 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e249575bb1054c5358fca59448887c79
accept-ranges: bytes

GET
H2 200 2BaAQgjl
pbs.twimg.com/card_img/1232133768531628034/ Frame 8A41 3 KB
3 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232133768531628034/2BaAQgjl?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

a381ca264fd10dd9ccd65210fb7b98590396a7e5a5771d8977210a51e533369a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 44398
x-cache: HIT
status: 200
content-length: 3386
x-response-time: 134
surrogate-key: card_img card_img/bucket/0 card_img/1232133768531628034
last-modified: Tue, 25 Feb 2020 02:40:37 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8973007afce7f29cf943f8c37fe2e8b3
accept-ranges: bytes

GET
H2 200 2BaAQgjl
pbs.twimg.com/card_img/1232133768531628034/ Frame 8A41 3 KB
3 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232133768531628034/2BaAQgjl?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

a381ca264fd10dd9ccd65210fb7b98590396a7e5a5771d8977210a51e533369a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 44398
x-cache: HIT
status: 200
content-length: 3386
x-response-time: 134
surrogate-key: card_img card_img/bucket/0 card_img/1232133768531628034
last-modified: Tue, 25 Feb 2020 02:40:37 GMT
server: ECS (fcn/41A9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8973007afce7f29cf943f8c37fe2e8b3
accept-ranges: bytes

GET
H2 200 sIWHeHhU
pbs.twimg.com/card_img/1233047065745293312/ Frame 8A41 42 KB
42 KB 8ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233047065745293312/sIWHeHhU?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

96e5bc74d3a4296adc46b9e562d35d1df18dbbd1c7830e9b2e51e48bdb1b8557

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 106853
x-cache: HIT
status: 200
content-length: 42768
x-response-time: 149
surrogate-key: card_img card_img/bucket/9 card_img/1233047065745293312
last-modified: Thu, 27 Feb 2020 15:09:44 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 21a4fae4c37542e4475d3e7a52e7d9ca
accept-ranges: bytes

GET
H2 200 ZTxnPPFJ
pbs.twimg.com/card_img/1233000734716760064/ Frame 8A41 2 KB
2 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1233000734716760064/ZTxnPPFJ?format=png&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
x-content-type-options: nosniff
age: 116028
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 145
surrogate-key: card_img card_img/bucket/0 card_img/1233000734716760064
last-modified: Thu, 27 Feb 2020 12:05:37 GMT
server: ECS (fcn/40E1)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c4cddc71a65ef3a8367d91dfa2ac2ef
accept-ranges: bytes

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 16ms
15ms Script
application/javascript 2606:4700::6810:4ca6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18882694
cf-ray: 56c5524cec41bebf-FRA
status: 200
vary: Accept-Encoding
content-length: 6605
x-xss-protection: 1; mode=block
last-modified: Wed, 15 May 2019 00:01:52 GMT
server: cloudflare
etag: "5cdb56f0-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 May 2020 02:07:22 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 282 B
916 B 98ms
52ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&subId=5368311&v=1&jsonp=vglnk_jsonp_15829235579180
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 438ece90b026f0fd27af929b11c19095833e260007cdec2b2153f1aa6bdd169b

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
Origin: https://seguranca-informatica.pt
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Feb 2020 20:59:18 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://seguranca-informatica.pt
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 282
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
graph.facebook.com/ 190 B
399 B 54ms
42ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_k2sp0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15651ba61a7311fa5310c7a2c407aaa3e1da7d29ae2a5ca12c7d0be53d959170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 28 Feb 2020 20:59:17 GMT, Fri, 28 Feb 2020 20:59:18 GMT
x-fb-rev: 1001772193
alt-svc: h3-24=":443"; ma=3600
content-length: 190
pragma: no-cache
x-fb-debug: xp0y0DNW3pwLdfctva5SkNogbjXqWfx3UBOAXSMY2wnwPAGYvfFbmPpn7ql7vuFigsWjE6drKqTQ0sZZTXwHrA==
x-fb-trace-id: HodDuLlaJ0L
etag: "0d69ac7aefd0c65cbd4d0944e543b0a6c46ad9a2"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AAQBeX9L83kYpf6_QtzL8Vo
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
371 B 210ms
207ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&callback=_ate.cbs.rcb_6cl50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7dbff78b07c5dab30683821fdc680d8922841dac080230b8a3e8c727f132e546

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
last-modified: Fri, 28 Feb 2020 20:59:18 GMT
server: nginx/1.15.8
date: Fri, 28 Feb 2020 20:59:18 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
H2 200 / Show response
graph.facebook.com/ 189 B
645 B 50ms
39ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_1myo0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8fa1af06ef97f5260ad3049ee4a357a0a947bb0ceb74ae974073ca78829dd6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 28 Feb 2020 20:59:17 GMT, Fri, 28 Feb 2020 20:59:17 GMT
x-fb-rev: 1001772193
alt-svc: h3-24=":443"; ma=3600
content-length: 189
pragma: no-cache
x-fb-debug: XSE6bkQqzHmGTaaQefTmCHW/tbnYbPK7yUce9rE6/3qcS5rBo+9eQBvCdscBsaGFKj/5Tor9XSJ2anJFEsEE6w==
x-fb-trace-id: Fe15AZHRmEm
etag: "0b19b0c14a7f1798bcc5953275fdd03c4f361595"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A8JxvtcO-KUDAQKCUBCKR8p
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
371 B 206ms
204ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&callback=_ate.cbs.rcb_arg50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

45ad846cd889fa2a8b4c5c8ae82aabcd9c30d4564ca80b2248b3508de331e852

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
last-modified: Fri, 28 Feb 2020 20:59:18 GMT
server: nginx/1.15.8
date: Fri, 28 Feb 2020 20:59:18 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 info.json Show response
www.reddit.com/api/ 3 KB
1 KB 222ms
165ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&jsonp=_ate.cbs.rcb_5fea0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

84c21dee42b3a9b17f07771e6d67e256f59acd345f20c3575ea0c1861d82662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1233
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4069-HHN
x-moose: majestic
server: snooserv
x-timer: S1582923558.033218,VS0,VE140
x-frame-options: SAMEORIGIN
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 196 B
226 B 179ms
118ms Script
application/javascript 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&callback=window._ate.cbs.rcb_gj1d0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fda4040bb8d1c1a1aa10331591eb8e1ebf0565f794d3c9e35b873f5e04b3b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-pinterest-host: widgets.pinterest.com
date: Fri, 28 Feb 2020 20:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
status: 200
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
access-control-allow-origin: *
x-pinterest-rid: 0564005847631784
expires: Fri, 28 Feb 2020 21:14:18 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
669 B 205ms
148ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&jsonp=_ate.cbs.rcb_1kvu0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

cfcaf919a79f4975d1ea9cc8f37943a0f1b82a74f9eef3dc8a37205ea8b2d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 20:59:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4069-HHN
x-moose: majestic
server: snooserv
x-timer: S1582923558.033119,VS0,VE124
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 194 B
418 B 177ms
116ms Script
application/javascript 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftargeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax%2F&callback=window._ate.cbs.rcb_ibd0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.3.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

545cb2ffa0689c8e0ce6b87f092c0c2ec61908ddeafef54ace51f17a82972857

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/targeting-portugal-a-new-trojan-lampion-has-spread-using-template-emails-from-the-portuguese-government-finance-tax/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-pinterest-host: widgets.pinterest.com
date: Fri, 28 Feb 2020 20:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
status: 200
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
access-control-allow-origin: *
x-pinterest-rid: 4764166971281936
expires: Fri, 28 Feb 2020 21:14:18 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 0DBC
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

10ms
9ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419B) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://seguranca-informatica.pt
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 333587
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 28 Feb 2020 20:59:18 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 25 Feb 2020 00:16:08 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419B)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 28 Feb 2020 20:59:18 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 28 Feb 2020 20:59:18 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 6d9d571391331caff30c63ddb09be299
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 118
x-transaction: 001ab4cb003cc757
x-tsa-request-body-time: 14
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:03:39	Name: IDE Value: AHWqTUk2_9le4o07lhTosWPTqwbQFMuy69uTAGwU2uf-3ncGN7AH9sDlKUNG8mah
seguranca-informatica.pt/	1970-01-19 07:42:05	Name: __atuvs Value: 5e597f24a60268b6000
seguranca-informatica.pt/	1970-01-19 17:09:21	Name: __atuvc Value: 1%7C9
.seguranca-informatica.pt/	1970-01-19 09:51:39	Name: _fbp Value: fb.1.1582923556712.1194652240
.seguranca-informatica.pt/	1970-01-19 08:25:15	Name: __cfduid Value: d99f7499e84d007bbdfe07dc7bb9660a31582923556
.seguranca-informatica.pt/	1970-01-20 01:13:15	Name: _ga Value: GA1.2.2036958240.1582923556
.seguranca-informatica.pt/	1970-01-19 07:42:03	Name: _gat Value: 1
.facebook.com/	1970-01-19 09:51:39	Name: fr Value: 0v9P1vG4Ydm6qRq9P..BeWX8k...1.0.BeWX8k.
.seguranca-informatica.pt/	1970-01-19 07:43:29	Name: _gid Value: GA1.2.575904760.1582923556

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://seguranca-informatica.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.2(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
api-public.addthis.com
c.disquscdn.com
cdn.onesignal.com
cdn.syndication.twimg.com
connect.facebook.net
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
licensebuttons.net
links.services.disqus.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
s.w.org
s7.addthis.com
seguranca-informatica.disqus.com
seguranca-informatica.pt
syndication.twitter.com
ton.twimg.com
v1.addthisedge.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.paypal.com
www.paypalobjects.com
www.reddit.com
www.revista-programar.info
z.moatads.com
104.244.42.136
151.101.112.64
151.101.113.140
151.101.12.134
151.101.12.84
151.101.64.134
192.0.77.48
2.18.232.75
23.210.248.44
23.210.250.213
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:5d6
2606:4700:3037::681b:bc6c
2606:4700::6810:4ca6
2606:4700::6812:e134
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:815::200a
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a01:7e00::f03c:91ff:fe50:cccb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
72.246.168.118
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02a8eed49f3f9c8463957eb112a8f7fc681736cabea524c019c7e405ad0c0f24
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
066d6b6d0ac47e197c9816ecc646022123de9bd034a81b4b3efb7b790ff89963
0805fa46a5ed3f4da936ef86d38dc7124827e4e926d00d429cbe87a5ea7c361e
08d38465f7deb0eafc0fecf810e07a6fc5e54cc7026de2b94f8fbd4db2496d6b
09d453b69bb73c6d13a392acbd8b06d5e4be7c89165a4b39eee7e264b911dfbf
0b58f95b79fd14e2ba91a94b005f5108a704704da54921b2ef6126dd0375f780
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e0ae96283c169474b8fa87a36c575b8f829c893917ed46d50947e2876404dd7
0fd2babd13d0dd478a92c0e6292f6ad1a580fd85522aa8b7b07d50945ccbee61
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110b9f208e47ab5c66dcb4e009d18d986cfbf77bf8a504a179170864768cf75a
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
15364b99996967453dc9893c3eb994d8e2460ab7c2fd97f658126701df1a01e5
15651ba61a7311fa5310c7a2c407aaa3e1da7d29ae2a5ca12c7d0be53d959170
15bbf601c2983f69c93238bcf2bb4c272cdcae10b1cfb5ad3989a8c482c30ab9
16d85eda8fc2124557f5eb85e7f354b04ae4fac7b65b193e5330db0a410edd0b
17277430134eac7b8aae75a000a3628f21e517bc260cd82997cf58f8ef4ba645
175816b9fb468426a0975743318beb4d28358e4edfca6cb1857f11622887e77f
180c7140c97508c6487f4f4886c5efab95018b30bc126655f78b57b2f9e02e66
191e2a2deb0b16b4e6c833685b15ab930c8eaeec228391f6b26bc1fcda208c7b
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ac9e75958dbca7ca4c83ecea23a8e9235b21c155b8aab1380e54708ac0e5274
1b45df64a966bc9091e771035c444fcbbebdd959b2f603712173e6c6eabaed1b
1bbd956a2e756e10a81432177887f6eb872e14e6da70af5734f8b7630da0d9da
1bf4f160b55861995cb828c6046794c3d3a723bf71aa0fd6d57bc28865f6e753
1d58eefb0fb79e96b05fed507790de879b937d8009287c3493b4b96a543f8c85
1f449b6d1dba1bf792d53ca14c3938763dd4b0f7208cddab9eadce5c41d108a3
1f48cc33f125ac5a8a96ecd62ec068d6a894295606e3cd09737eae0b732ecad9
1f716e4a20f1576ac132c61983738bdec01233aa6d620b579d721d77d43c6203
1fc9e562f67ac01fc3db71ce882b51a1096010a777f2d9f3a87db6a642ad19a2
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
23963e3e52a11e5a469a77934367b8afa0a5bd1dc8e484157545a5fd48cf7000
2475dae845432b52e0bc442810b70f4011149dfcb8b332217d55a9ac3c122a66
2583790cbe49165e8bb88b6b45002b4bbbc4b978c9953874ec4faa0b88482ef3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
261a1dfeeccd3f6747dd6bb49e60579c2582910c2b225d23677772825bf7bc3d
268653524785d611cab68ecbf094a5720b51a8e15828eb2bbedea14bb17c5354
268869c32bd3b6dc1805fa7bc931866cfede2a010a770beb30d50f2a760010f9
28670d388bf93eb7915514ba914ba5b8d4a93da1c06d1eca5b6b1a417e909988
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
310ccd71effae748ebe26c3e548967f4f002096241942721f5003898f6cbfbe7
315e735bd54203f4ef4cbcd46b701a31c793861ad8bcf5684752dd4db59ef6b6
3249ae2fcee39969b14fda48ab3f363d8c83f0ec7924ac670c38a010c8668dd5
343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34b1654fb499c04eef32262ac25b45f10f4390b92bc659205ef776af5f84b190
355345ae3fc3603671600739d1f836c6e04de212ea4b0baa3451c0aa516fdcde
35b0c0e6482d5ba932ef33122c8d15386dcb7b4257dbbca42282893996e1cf29
36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c
37fc83e6a5db0a3eb9fcea9e7d21ee94624f2f7caa7f7f5f244c11f378a7e2ff
3a19c77ff33f8ea325055b8563e7415ffd2ae37f0bb50a12898801613037721e
3a1f5fbfd21b64afa6b60f528452f0ab2d36ed4c5f60f38d16d39cdda111b5d6
3b126de90fac31db6f811d47bf0ed21fa3293a3bb375de8017fb3fab44e3d760
3dbab26b6050d95f1f5165ebb4114ba93bc15f011f34eca927242cb3d1f0d95f
432cdf4a4c9797770ae30301462b910af6cd2b540eed43ef1ef71fb4d7e28507
4348db802338ee15d892aad2e8f5d23067db2b031334f75c2dab3e0d62c5bca6
438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0
438ece90b026f0fd27af929b11c19095833e260007cdec2b2153f1aa6bdd169b
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
44f42160647efdb85b129d040beee22d6e3a55998c83febb2f4a03ccb0e4b714
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4520fa38874ff6346df413a9de9e1494c47347f1f6ac142d4ba6c4ee379507fc
45ad846cd889fa2a8b4c5c8ae82aabcd9c30d4564ca80b2248b3508de331e852
47cfc4fe8ba0a0a7c7d077c1bb63c0e66d3b53947e5bd39a9ee4f6e2d3266991
48b3b17bf53635986804b63fb97b63fd84d72e6f2d169519f36ba2a3ca6a70a0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49c2a3cf0f363bf387c06a35a4a4e6c7255799b3776bed55914862136d783028
49dfb51713d4b9ed7e7d9ea6b19e962739073df82adf08b78ab1546956d3e4e3
4bf08d76bba22604018e75f1f552f4b0e9c3c279e9b8e42d3908925f0b9e0ae6
4d70110191d592cb4471af6c2a099005ffc4c27a570fdbb6609e3ea2f4e003b5
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5037d3401856321993cf6dee7648d99d11a57659d3674dce0967f3d66b009191
507700dafc43742dff9cb5da9cf28338d46387ccdbebfe27dc9380af072149b8
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
52c7583dede85162c6b20a3fc8454e48d859f4fe0715401974cd589367625967
544ed0eb98a5b7a489c206546fe3155e32508ceda7da3d3d25f6100c0097cd17
545cb2ffa0689c8e0ce6b87f092c0c2ec61908ddeafef54ace51f17a82972857
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565971e8c09ac170cfd188d5cafd137444e336b5e71120fb8736d2ef427596da
56f2e0ce4fae140920ac3bb2816c20d518839d892a47ac06274688e33316db95
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
59f063db3d46e0913c719064f2690a50120b97adec3ed9a452d9f5f13d73a3a9
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5a9b0bcc0e7274386f0f560595519d66ee86bfccf57e76f2e59a6985091fa3a2
5b5204469495d7e7f9912ff2fc0ab6db4e6b461119b5ffbcb160ab1d3f3b1634
5b9973a9922bbeb2fdd16f97e181350e2d803727d9ddcdf15f5d7f05cf942229
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
600ea43b9e01855ac53ae937648edcfb5e840a82b9a031b4625445c474dff0e0
603f97a3d74c8a23fdf6eedc6871ab25b92f203ce2b854120ba73f206d97ef00
62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0
62d08378d888ba9b22ef1d896afa70861402b847307863ef32c8e5a841b3818a
62f40cb189a9c5e386f134167e4a6f9e7c4f98206a08f414b5d165ca632341dc
659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3
6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864
70bbfe5ccf646c79d71f3b3f07475510ba46619dd1cdaa4f2306923985b53e0f
70cb0ece268e5034f651baab3ea64a9679f1c40c7d2fca3be22982b4f529da29
70e1750f8a0ba5a98952d23016d63d033d744901ecf9846e117c4a2045e761cb
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
785544b635ceb6a5b5d2a9315ffc068cd9524d9339845871b9473d281630aaca
78fe94eba585051f39065ad92b635dde205c1c630119d1ccc053dd91c7125e90
7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e
7b7642ee69bfb367b8471fa2ce3c750c0e9a672acb55c268abd5e541ecfe16bf
7cd9e72894580d70b0cc6a28b3836d34eb7f907eb97a152c310bfebafb65a2f7
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7daf3f5acd448e33c96a746407198ccbe6eff0402f20bbf1164a1129205c13bd
7dbff78b07c5dab30683821fdc680d8922841dac080230b8a3e8c727f132e546
7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215
7fda4040bb8d1c1a1aa10331591eb8e1ebf0565f794d3c9e35b873f5e04b3b65
818d4a89c0d981ee5cd138bffd9bed1977fbce5ee5310efffacdd67c4002aa28
8220596e6a32feeaa3c95078f2a72efb6a01025245097384816d26c2a3f38c3a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84294b65bbfc0cd6021e609bbb7d36c432d242a66bd024d959ced0218db6ec3f
84c21dee42b3a9b17f07771e6d67e256f59acd345f20c3575ea0c1861d82662f
8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45
854b43d16805a4c287a71084fd69eab2c4b70dabfcc784416e56d7697e3227d7
85606bbfd0b2d0346f9de43f792d2924ded185c47027412c41241565ebae5fd0
85af764caf1a06ae6a5157778f0948982feda127210fea8b9cbd9c8e411addf4
85d11a34cf5ae0738a3f2a2e0f463484c9b7371b46c9e5bc991f57d44f58400f
88731bd32d2242a6918772bd11e6e16f46c2e3c05c7bbd4ed47d162cff9683f3
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cd1070f7b166dd6bc51cfc4b7adf763b048e6a93d7a9867adc1bec8f64162b4
8db469b90b8d9e2a0675931132266a305d0f080fc5ef4e7bd0f841f161b78b5f
8fa1af06ef97f5260ad3049ee4a357a0a947bb0ceb74ae974073ca78829dd6e5
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92dabae279cc6f895dbf8643d95c1b8e7e358c20dcb9c1bebe31ed035dfbf5c0
94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510
95481452eac7f0e75a07e3247d1467489abed5109f31b5aea93ee4d3bfe02b33
96e5bc74d3a4296adc46b9e562d35d1df18dbbd1c7830e9b2e51e48bdb1b8557
97acbdd74b54a6d22ea8714620e97e162da1531fea7af1c7c880f72fe1ffe9e8
99b90a86b2f904c81a7280d1f47325d0a02568f5c4e913cee34614b472e57538
9a44ab6217570448889e9e625c86288f47692343285d48fd2642e9f9e46c3158
9b8bec7394a89e0648c80ed02be277a6b215e7c20c55be122fc7966839aa7330
9be7537f55bde87db7acf7c9aa482e56e3c8891f09710e19113637cdbb8143ea
9e8ba191ff485ca1042fbf69d369385fa1917f924d6437b51ac67467b5dbcea3
a1ca138ac4d03a94874ccf301f0beccce0359fefc3858016c05fc4f98f50d711
a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403
a3622c7c6c64b493c982f365e01b5eaa59f48da664e98025c383d4f8c57c4396
a381ca264fd10dd9ccd65210fb7b98590396a7e5a5771d8977210a51e533369a
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4d3d5b164af56834df5f29607bcafe2cae07e0bc743bab1cabe4680c647640d
a526ec72bf2fc2268364218f865eb1bd7fe4c9a3b58dade9803403bd7de0b6d9
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5c5d2fdd199f132fad9224b04c4437a6f4474a5ddd84c8ed74c9d5717c7e0fb
a67e459108a1befb4333028d197385ad0c08b1993849e6ff788a3a73eaf281ec
a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
ab6e2aea36fc00f1e9bc1144915120c12372316926364a001fcf0891f5c9992c
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
aba46cade7649c006f9326d7c0541c1dc72c65ef3e688f615e3d0492659d92f6
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd020b8dd50b9870a0161998ecd24d486cb2fa1edcba53301b11466ab9c1b20
b2d95aab1fa68f5a4992d77c81e6f22ff2b3cd9e2cf973574a40ee570b33e201
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b6243a76125ef19bcf4bac1c4e3aa9dc43fabd4fcf0a269524333bd29cef8f49
b6bad8fb5327a87ba126a50844529fa2d207b42b7df8e31e104c5d48c5092d87
b8cb27788844e455b92854743ee7ecab79e95c50735dc7e23b064b92e359bbf6
b9382c1ac33e60533971224071a03c61bd2a759689a41085dbc757872e40ec5b
ba23d13ab9eb27eb4933ae12135dc7f2775699d06d8628f73b9ff9b9f01aeef4
ba248c9f36442fceef93b25bc4577993797ab7255b16ec87be25d8cec31d559d
bbfff8d3134bdd9566c20dbf5e0a1298d868ad9597f7384681c66ac0ae2ceaaf
bc9739d0d7392121fdc9d51cee01553a500980a5ce417343483982c68e3e2625
bdb197e8ba174a576c0cc3b427288a16d53c0d82ab2d65ae556a30ca7260864e
be73c16f766dc7c7a8c08a6ba72cdd7645f553ec28ca32640022b6d7355f590a
bf72b1c7d9d0c312ef873099b2b5e7c0a96224f9bbb5aef62071ecd7aa9ad058
c09b261376b866f8af03a5f7e5acdf9c2fe2016a34782755158f31ffc67c0cf1
c15eccda5948fdbe2395f1facf149968199ecce24d5bab6d9e7fe618a54113cf
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c36d0094cb3d176360c91599d13da78f0c77df004bc076aadd883f189fa1767e
c76796695c69c98de7907be3c50637347c33fe203414c13d6bfc1a2f67302b63
c78ee3559d01870f71de91e1771700ea5f98a27e6a8e8352adbf692e761f2c7c
c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18
c9eaf7c7edd128a8c797040b2b04c0e317aade07da069187644b1dde10a333d9
ce4cb34807330a0b7afe401877ad09ecc7f930f9706cac7994716bcc1b3fd886
cf32d78a54a1e4bdb4d9e70fb1afd39def53bbdd140909115d3215e62811512c
cfcaf919a79f4975d1ea9cc8f37943a0f1b82a74f9eef3dc8a37205ea8b2d596
d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad
d1c72132e145825babf38b0f8c896196a6d818074ae0f800492ea9de76e3758f
d1fc775c909fc62733b5b04f281a95bc38e8adef61ac3831cd69bc777a5146b2
d232efc4e19febae2ac33a834e2030452117523cbb6df3a6082c244783926396
d49cba82eb834ffdfbed256f055b035415fd2ea872f479ddd986baf338f81205
d7f837ecf8426cc760739e8a17218b3b501156f43a7bd03afb7207949b12ab0b
d917db98be0c63fe067de6db8e05a355d485b23ce1a9ae1f448917d917c1703e
dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41
dead231224efb0abfe1c6421801b8bb2bc7258b2d9450efa32a3106ff8b7560e
debd2c4ea27fdfe9fc4dcb188dbf92eb249225f62400f878cf6ca98ad0fb906a
e0013618876b34d5f4dd21bac1fbcf419bb41e4929ec93a7acac9061ba2050a9
e02a28e995334093dff6f19238e59aba7b5ba434ea2c84ef78f6a70ce260b49d
e28aa2ae8428af731b24b14069aa5764d15ba96a610c02d4873fde753fbba4e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5
e60d58e3602f1b85a212115e4d7300e09234e89eeec8df6065c2568c43e3f056
e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794
e94a437cbb5995db9ff17e91bee85ffde16301a32199732d20b1dcc2ae356614
e9baf8a2947cbb0d036aa759956cb481c7013f86f33fdabc8ff9c13a270bc7cb
ea3906631ed3ac3f02664bb801434732b02ec1b79ca261909136c5b4ef663de9
eab8de27de645e5b26b6cbd48545a6997f72956e40401714a0be09b2e2fa8d58
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
edc75bb3f98bff0eabe5354274629f5fb64939798c4654d6c245851718350211
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1605fb5d18e00bb446a2009a75eb5c44486fdddbef8d64acfdfe2b8d9ecd83
f2401623ae567bc1ee575b6702e3a178c8b4f6a58d29cdfa3caae48e03ff9b2e
f651c9826c89e6b04937027ce4205717f61ef9489c0f6927c4ac2d07945ded20
f6c8b579c8464973ba12d2e9295c17b074ded75edd820a08714cd5e1c3b328b8
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
f8c08be12e015648be6e4b0040898dd78a7b950926792cd750ee70a12930b89c
fab8055997ff0288350c3f33ae344454da6703a815690e3d9d762e21d2f88b97
fd7514da60aafd1648026a1ec16801b53e6eae3415a1296f2285ede8640066d4
fdf3003543c3572ba8dfc6a87a9289ebadde2db18f09a36657301eaccd157866
fe67d41f8bbad5601512b523e13cc623dfb5fa7290eee10780044420582a2f9f
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

seguranca-informatica.pt Open in urlscan Pro 2606:4700:3037::681b:bc6c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

100 %HTTPS

61 %IPv6

26 Domains

34 Subdomains

28 IPs

6 Countries

7252 kBTransfer

9525 kBSize

9 Cookies

25 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

seguranca-informatica.pt Open in urlscan Pro
2606:4700:3037::681b:bc6c Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

100 %
HTTPS

61 %
IPv6

26
Domains

34
Subdomains

28
IPs

6
Countries

7252 kB
Transfer

9525 kB
Size

9
Cookies

248 HTTP transactions
16 data transactions