seguranca-informatica.pt Open in urlscan Pro
2606:4700:3037::681b:bc6c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Submission: On May 15 via api (May 15th 2020, 4:20:25 pm UTC) from US

Summary HTTP 228 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 25 domains to perform 228 HTTP transactions. The main IP is 2606:4700:3037::681b:bc6c, located in United States and belongs to CLOUDFLARENET, US. The main domain is seguranca-informatica.pt.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.

This is the only time seguranca-informatica.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
82	2606:4700:303... 2606:4700:3037::681b:bc6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 1	2.18.232.75 2.18.232.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:5d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
71	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
2	151.101.12.84 151.101.12.84	54113 (FASTLY) (FASTLY)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
4	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY)
228	28

82 2606:4700:3037::681b:bc6c (United States)

ASN13335 (CLOUDFLARENET, US)

seguranca-informatica.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feed.seguranca-informatica.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.75 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:5d6 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

seguranca-informatica.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.64 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	seguranca-informatica.pt seguranca-informatica.pt feed.seguranca-informatica.pt	5 MB
73	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com	779 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	110 KB
8	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com q.addthis.com	198 KB
7	doubleclick.net googleads.g.doubleclick.net
7	gstatic.com fonts.gstatic.com	69 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	183 KB
6	disqus.com seguranca-informatica.disqus.com disqus.com links.services.disqus.com	32 KB
5	facebook.com www.facebook.com graph.facebook.com	1 KB
4	disquscdn.com c.disquscdn.com	226 KB
4	facebook.net connect.facebook.net	278 KB
2	pinterest.com widgets.pinterest.com	510 B
2	reddit.com www.reddit.com	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	addthisedge.com v1.addthisedge.com	1 KB
1	moatads.com z.moatads.com	1 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	youtube.com www.youtube.com
1	onesignal.com cdn.onesignal.com	3 KB
1	licensebuttons.net licensebuttons.net	1 KB
1	paypalobjects.com www.paypalobjects.com
1	paypal.com 1 redirects www.paypal.com	576 B
1	googleapis.com fonts.googleapis.com	1 KB
228	25

	Domain	Requested by
81	seguranca-informatica.pt	seguranca-informatica.pt www.google-analytics.com
54	pbs.twimg.com	seguranca-informatica.pt platform.twitter.com
16	abs.twimg.com	seguranca-informatica.pt platform.twitter.com
7	platform.twitter.com	seguranca-informatica.pt platform.twitter.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	fonts.gstatic.com	seguranca-informatica.pt
5	pagead2.googlesyndication.com	seguranca-informatica.pt pagead2.googlesyndication.com
4	c.disquscdn.com	seguranca-informatica.disqus.com
4	connect.facebook.net	seguranca-informatica.pt connect.facebook.net
4	s7.addthis.com	seguranca-informatica.pt s7.addthis.com
3	www.facebook.com	seguranca-informatica.pt connect.facebook.net
3	seguranca-informatica.disqus.com	seguranca-informatica.pt seguranca-informatica.disqus.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	disqus.com	seguranca-informatica.disqus.com
2	ton.twimg.com	platform.twitter.com
2	widgets.pinterest.com	s7.addthis.com
2	www.reddit.com	s7.addthis.com
2	api-public.addthis.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	syndication.twitter.com	1 redirects seguranca-informatica.pt
2	www.google-analytics.com	seguranca-informatica.pt www.google-analytics.com
1	links.services.disqus.com	c.disquscdn.com
1	q.addthis.com	s7.addthis.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.youtube.com	seguranca-informatica.pt
1	cdn.onesignal.com	seguranca-informatica.pt
1	licensebuttons.net	seguranca-informatica.pt
1	www.paypalobjects.com	seguranca-informatica.pt
1	www.paypal.com	1 redirects
1	feed.seguranca-informatica.pt	seguranca-informatica.pt
1	fonts.googleapis.com	seguranca-informatica.pt
228	37

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
feed.seguranca-informatica.pt
malpedia.caad.fkie.fraunhofer.de
github.com
ind.millenniumbcp.pt
www.linkedin.com
www.facebook.com
twitter.com
t.me
facebook.com
plus.google.com
youtube.com
www.pinterest.pt
www.trignosfera.pt
creativecommons.org
www.addthis.com
v1.addthis.com
linkedin.com
www.reddit.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-31` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh

This page contains 17 frames:

Primary Page: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Frame ID: 299C07A62815ADC376C0E34AB5899A3B
Requests: 144 HTTP requests in this frame

Frame: https://www.youtube.com/embed/eqyuAj9hvy4
Frame ID: 336998C05536DAD5F5C2C5C43D953340
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/zrt_lookup.html
Frame ID: 77EBFA68A0C95857D3CFD3AA56A5574D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7AF3C6C5E9F875FB481944D1B310A5A9
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B2299F7DBC44FB367EFC6B734C93C981
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=113310500&adf=1156217956&w=740&fwrn=4&lmt=1589559607&rafmt=11&psa=1&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&wgl=1&adsid=NT&dt=1589559607128&bpp=21&bdt=399&idt=334&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5934179784681&frm=20&pv=2&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=2826483617709887&dssz=75&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1203&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=8NHB5zs5Ae&p=https%3A//seguranca-informatica.pt&dtd=356
Frame ID: 234E509255102245F8556540721A6C63
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fseguranca-informatica.pt
Frame ID: 8A2FC38F58C60A2B1549D68EB3EC7BEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1589559607&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589559607397&bpp=3&bdt=668&idt=270&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&nras=1&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&pvsid=2833514608683535&pem=412&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=276
Frame ID: 1B6E8D95D593F26308C60465456A36B9
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f9d0.png
Frame ID: 9D5D5B6526B04A13FEC1D481D73FEBE1
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1909131177&adf=3723832354&w=340&fwrn=4&fwrnh=100&lmt=1589559607&rafmt=1&to=qs&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=1&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280%2C740x280&nras=4&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1665&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=hl5PBShf7O&p=https%3A//seguranca-informatica.pt&dtd=86
Frame ID: 9B076671799D92EAE0821078BFF27791
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=3429474278&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=2&bdt=1157&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0&nras=2&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=2785&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jsgeuSC2Ba&p=https%3A//seguranca-informatica.pt&dtd=33
Frame ID: D0BCB8C293CA24AC6464BC3BFCCC3474
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=1890291405&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280&nras=3&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=4668&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=a7AmF6MFQD&p=https%3A//seguranca-informatica.pt&dtd=78
Frame ID: F3CE8D524E91FC4A0993D39F933717FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=1753594591&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280&nras=4&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=6982&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=0ESy3vUPuB&p=https%3A//seguranca-informatica.pt&dtd=82
Frame ID: 01D921223F7489CCC2E0582638FBD15C
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=seguranca-informatica&t_i=7587%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D7587&t_u=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&t_e=Trojan%20Lampion%20is%20back%20after%203%20months&t_d=Trojan%20Lampion%20is%20back%20after%203%20months&t_t=Trojan%20Lampion%20is%20back%20after%203%20months&s_o=default
Frame ID: 69DD92571B8515FE28E40FCAE1582610
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2e5d0949a2770c%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff1e0fba49200c04%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Frame ID: E733740DED14373B099125FA3A3150BF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F6B35F2EFDF61C45F6E6FEB06B50CBD9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7B49ABCE03E71B5A9C80C8596FFD0134
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

228
Requests

100 %
HTTPS

64 %
IPv6

25
Domains

37
Subdomains

28
IPs

6
Countries

6945 kB
Transfer

9252 kB
Size

1
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCGs6Ju6rSM9BHP5UGtVvdXw?sub_confirmation=1
Title: Youtube

Search URL Search Domain Scan URL

URL: https://feed.seguranca-informatica.pt/
Title: 0xSI_f33d

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/vbs.lampion
Title: Trojan Lampion

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares/SI-LAB-malware/blob/master/decryption-strings-lampion.vbs
Title: here

Search URL Search Domain Scan URL

URL: https://ind.millenniumbcp.pt/pt/Particulares/seguranca/Pages/avisos2019/aviso-2309.aspx
Title: courtesy of MllenniumBCP – Portugal

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares/
Title: Pedro Tavares

Search URL Search Domain Scan URL

URL: https://www.facebook.com/segurancainformatica

Search URL Search Domain Scan URL

URL: https://twitter.com/sirpedrotavares

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/sirpedrotavares

Search URL Search Domain Scan URL

URL: https://feed.seguranca-informatica.pt/reports/2020/Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.pdf

Search URL Search Domain Scan URL

URL: https://feed.seguranca-informatica.pt/reports/2020/Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.png
Title: PNG

Search URL Search Domain Scan URL

URL: https://t.me/segurancainformatica

Search URL Search Domain Scan URL

URL: https://facebook.com/segurancainformatica

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+PedroTavaresSir

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCGs6Ju6rSM9BHP5UGtVvdXw?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.pinterest.pt/sirpedrotavares/seguranca-informaticapt/

Search URL Search Domain Scan URL

URL: https://www.trignosfera.pt/

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

URL: https://v1.addthis.com/live/redirect/?url=http%3A%2F%2Fseguranca-informatica.pt%2Falerta-campanha-de-phishing-em-nome-do-banco-santander%2F%23at_pco%3Dsmlwn-1.0%26at_si%3D5ebec1377632658d%26at_ab%3Dper-2%26at_pos%3D0%26at_tot%3D1&uid=5ebec13788905baa&pub=ra-5a74cca42a90a07e&rev=v8.28.5-wp&per=undefined&pco=smlwn-1.0

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image&utm_campaign=Sharing%20tools%20logo
Title: AddThis

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image&utm_campaign=Recommended%20content%20logo
Title: AddThis

Search URL Search Domain Scan URL

URL: https://v1.addthis.com/live/redirect/?url=http%3A%2F%2Fseguranca-informatica.pt%2Favaliacao-da-performance-dns-cloudflare-x-google-x-opendns%2F%23at_pco%3Djrcf-1.0%26at_si%3D5ebec1377632658d%26at_ab%3Dper-2%26at_pos%3D0%26at_tot%3D3&uid=5ebec1373b66a163&pub=ra-5a74cca42a90a07e&rev=v8.28.5-wp&per=undefined&pco=jrcf-1.0

Search URL Search Domain Scan URL

URL: https://github.com/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+PedroTavaresSir
Title:

Search URL Search Domain Scan URL

URL: https://linkedin.com/in/sirpedrotavares
Title:

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/sirpedrotavares
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://www.paypal.com/en_PT/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_PT/i/scr/pixel.gif

Request Chain 230

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

228 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/ 104 KB
25 KB 705ms
704ms Document
text/html 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

cfcd2d0c165047a6f4ce42f4d5bf6b1d159580756444663632d901c087de50d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: seguranca-informatica.pt
:scheme: https
:path: /trojan-lampion-is-back-after-3-months/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 16:20:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db80f934dce618e3206ad19116097779e1589559606; expires=Sun, 14-Jun-20 16:20:06 GMT; path=/; domain=.seguranca-informatica.pt; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.5
x-pingback: https://seguranca-informatica.pt/xmlrpc.php
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/", <https://seguranca-informatica.pt/?p=7587>; rel=shortlink, </wp-content/cache/minify/398c6.css>; rel=preload; as=style, </wp-content/cache/minify/eabb6.css>; rel=preload; as=style, </wp-content/cache/minify/021e7.css>; rel=preload; as=style, </wp-content/cache/minify/c841a.css>; rel=preload; as=style
vary: Accept-Encoding
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 593e2f31aadb1f39-FRA
content-encoding: br
cf-h2-pushed: </wp-content/cache/minify/398c6.css>,</wp-content/cache/minify/eabb6.css>,</wp-content/cache/minify/021e7.css>,</wp-content/cache/minify/c841a.css>
cf-request-id: 02babbd30600001f39e9b86200000001

GET
H2 200 398c6.css
seguranca-informatica.pt/wp-content/cache/minify/ 60 KB
9 KB 2ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/398c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0de0d4de1311eb99b9327550146b23da220725b6739baa3158eb12f12d358a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=63257
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5c000001f39e9803200000001
referrer-policy
last-modified: Tue, 12 May 2020 12:49:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e2f360f681f39-FRA
cf-bgj: minify

GET
H2 200 eabb6.css
seguranca-informatica.pt/wp-content/cache/minify/ 43 KB
9 KB 4ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/eabb6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268653524785d611cab68ecbf094a5720b51a8e15828eb2bbedea14bb17c5354

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=45567
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5c000001f39e9804200000001
referrer-policy
last-modified: Tue, 12 May 2020 18:15:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e2f360f691f39-FRA
cf-bgj: minify

GET
H2 200 021e7.css
seguranca-informatica.pt/wp-content/cache/minify/ 82 KB
10 KB 4ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/021e7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b867e89571d23202e9a1cf026372048737c930c3e0c6002231ef5729297e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=87101
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5c000001f39e9805200000001
referrer-policy
last-modified: Tue, 12 May 2020 09:18:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e2f360f6a1f39-FRA
cf-bgj: minify

GET
H2 200 c841a.css
seguranca-informatica.pt/wp-content/cache/minify/ 80 KB
15 KB 11ms
0ms Stylesheet
text/css 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/cache/minify/c841a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41842b8a7787f30dd7c129b53b921da9705e8420e0926550013d0252822547ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=83892
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5c000001f39e9806200000001
referrer-policy
last-modified: Tue, 12 May 2020 12:49:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=14400
cf-ray: 593e2f360f6c1f39-FRA
cf-bgj: minify

GET
H2 200 dI4tRH6z5eYOCbLZuWBC7Ig0Jis.js Show response
seguranca-informatica.pt/cdn-cgi/apps/head/ 6 KB
2 KB 28ms
22ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/head/dI4tRH6z5eYOCbLZuWBC7Ig0Jis.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a12b82bb4b7e9b29fd41e3f22c394ee3d3737f8f9af9f7ae041d0bb895d8bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
x-amz-request-id: 5A6D031A65A7B0C2
x-amz-id-2: 4XbYJlareRgd91xRUSuuPE4CqNGm5f+IG/gdWfs+X50vzASXyUcegjznKMbnxmRdiQ/30sGoWaU=
last-modified: Sun, 05 Apr 2020 15:14:50 GMT
server: cloudflare
etag: W/"0393fdb4c7fd5923b28dfb50d125f8c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: lJHzaW_9htzRbalNZ7mokDHK2gBXM6Ql
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-request-id: 02babbd5de00001f39e980b200000001
cf-ray: 593e2f3638071f39-FRA

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 29ms
24ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02a8eed49f3f9c8463957eb112a8f7fc681736cabea524c019c7e405ad0c0f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Origin: https://seguranca-informatica.pt

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 16:20:06 GMT
server: ESF
date: Fri, 15 May 2020 16:20:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 16:20:06 GMT

GET
H2 200 jquery.js Show response
seguranca-informatica.pt/wp-includes/js/jquery/ 95 KB
32 KB 28ms
23ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
cf-polished: origSize=96873
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e980c200000001
referrer-policy
last-modified: Tue, 21 May 2019 20:30:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36380a1f39-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
seguranca-informatica.pt/wp-includes/js/jquery/ 10 KB
4 KB 25ms
21ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e980d200000001
referrer-policy
last-modified: Tue, 21 Jun 2016 18:04:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36380c1f39-FRA

GET
H2 200 frontend.min.js Show response
seguranca-informatica.pt/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 16ms
12ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.0.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e980e200000001
referrer-policy
last-modified: Thu, 27 Feb 2020 10:54:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36380f1f39-FRA

GET
H2 200 nivo-lightbox.min.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/nivo/ 8 KB
2 KB 26ms
21ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/nivo/nivo-lightbox.min.js?ver=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e980f200000001
referrer-policy
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f3638101f39-FRA

GET
H2 200 infinite-scroll.pkgd.min.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 25 KB
7 KB 27ms
23ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e9810200000001
referrer-policy
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f3638111f39-FRA

GET
H2 200 front.js Show response
seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/js/ 16 KB
4 KB 26ms
22ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a44ab6217570448889e9e625c86288f47692343285d48fd2642e9f9e46c3158

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
cf-polished: origSize=26898
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e9811200000001
referrer-policy
last-modified: Mon, 25 Nov 2019 22:36:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f3638121f39-FRA
cf-bgj: minify

GET
H2 200 wpp-5.0.0.min.js Show response
seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/ 1 KB
739 B 17ms
14ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min.js?ver=5.1.0

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191e2a2deb0b16b4e6c833685b15ab930c8eaeec228391f6b26bc1fcda208c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd5de00001f39e9812200000001
referrer-policy
last-modified: Tue, 31 Mar 2020 16:24:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f3638131f39-FRA

GET
H2 200 logotipox600.png
seguranca-informatica.pt/logotipo/ 20 KB
20 KB 14ms
14ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/logotipo/logotipox600.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be73c16f766dc7c7a8c08a6ba72cdd7645f553ec28ca32640022b6d7355f590a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
content-length: 20475
cf-request-id: 02babbd66c00001f39e983a200000001
referrer-policy
last-modified: Tue, 13 Feb 2018 18:11:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f371a591f39-FRA

GET
H2 200 twitter_PNG28-e1517184971128.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 600 B
737 B 15ms
12ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/twitter_PNG28-e1517184971128.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60d58e3602f1b85a212115e4d7300e09234e89eeec8df6065c2568c43e3f056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
content-length: 600
cf-request-id: 02babbd67700001f39e983c200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 00:16:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f372a7e1f39-FRA

GET
H2 200 icon-circle-150x150-youtube.png
seguranca-informatica.pt/ 7 KB
8 KB 16ms
13ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/icon-circle-150x150-youtube.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02a28e995334093dff6f19238e59aba7b5ba434ea2c84ef78f6a70ce260b49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
content-length: 7592
cf-request-id: 02babbd67700001f39e983e200000001
referrer-policy
last-modified: Wed, 07 Jun 2017 10:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f372a811f39-FRA

GET
H2 200 0xsi-f33d-2.png
seguranca-informatica.pt/wp-content/uploads/2020/04/ 874 B
986 B 11ms
10ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/04/0xsi-f33d-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c848f8748dcbd3ae9248bd4ef3309e931660b0ebd18b20b7c3989ac54144e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 430
status: 200
vary: Accept-Encoding
content-length: 874
cf-request-id: 02babbd67700001f39e983f200000001
referrer-policy
last-modified: Mon, 06 Apr 2020 13:02:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f372a851f39-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1615095a9e662d58ed44a7fc6c80c04b642ee9122a037e620680008463b3e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39297
x-xss-protection: 0
server: cafe
etag: 18167252803202742783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:20:06 GMT

GET
H2 200 email-sapo_-768x689.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 243 KB
243 KB 293ms
292ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/email-sapo_-768x689.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4629215841e2459796d3c92ef2d6de1e1bcb7b4bb89d582603b6ef249c28115e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 248701
cf-request-id: 02babbd67800001f39e9840200000001
referrer-policy
last-modified: Mon, 11 May 2020 17:55:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f372a871f39-FRA

GET
H2 200 email-sapo-attachements-768x758.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 284 KB
284 KB 279ms
276ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/email-sapo-attachements-768x758.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b20b80840e838daddc25ee9bc2683ad61601b0818207b1804a38e28bf03f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 290470
cf-request-id: 02babbd67d00001f39e9842200000001
referrer-policy
last-modified: Mon, 11 May 2020 18:03:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f372a9c1f39-FRA

GET
H2 200 lampion_vodafone_template.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 114 KB
114 KB 344ms
344ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/lampion_vodafone_template.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73ed7d7dd15a1989add842a0676d03e2729f864e58c062816275cbd384bf08f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 116730
cf-request-id: 02babbd68400001f39e9843200000001
referrer-policy
last-modified: Mon, 11 May 2020 18:16:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f373ab31f39-FRA

GET
H2 200 governo_portugues.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 113 KB
113 KB 278ms
277ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/governo_portugues.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1dca885792b34dbde1c02ff0b4681cfd52826f5cb04ce4d9a1ee07ce80aa8fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 115647
cf-request-id: 02babbd68400001f39e9844200000001
referrer-policy
last-modified: Mon, 11 May 2020 18:24:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f373ab41f39-FRA

GET
H2 200 msfi-file-details.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 84 KB
85 KB 343ms
343ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/msfi-file-details.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79193a8d7b1725f67c6653d4d176eae10668fdf2025c738ddfa135d7b5bad114

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 86518
cf-request-id: 02babbd68600001f39e9846200000001
referrer-policy
last-modified: Mon, 11 May 2020 18:58:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f373abb1f39-FRA

GET
H2 200 msi-installation.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 116 KB
117 KB 286ms
283ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/msi-installation.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057920366cab5943adbe71a5c960c743daf84bf49e13c684d2166efaffc91dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 119263
cf-request-id: 02babbd7e000001f39e987c200000001
referrer-policy
last-modified: Mon, 11 May 2020 19:02:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3968061f39-FRA

GET
H2 200 after_install.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 39 KB
39 KB 249ms
248ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/after_install.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0065a533b9122944853cc307a85f84133bb277dc6057cefeebab142c071d9230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 40000
cf-request-id: 02babbd7e000001f39e987d200000001
referrer-policy
last-modified: Mon, 11 May 2020 19:05:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f39680a1f39-FRA

GET
H2 200 obfuscation-changes.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 121 KB
121 KB 301ms
301ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/obfuscation-changes.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daae27b31cc02284fca11559e6bad641f8f4a27f711469be53cd7f558b73072c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 123681
cf-request-id: 02babbd7e000001f39e987e200000001
referrer-policy
last-modified: Mon, 11 May 2020 19:14:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f39680c1f39-FRA

GET
H2 200 size-files.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 39 KB
40 KB 292ms
292ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/size-files.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7520aaa7768147f79f050cc16d0203c51a841b15ab006e1a474a47269951bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 40365
cf-request-id: 02babbd81100001f39e988a200000001
referrer-policy
last-modified: Mon, 11 May 2020 19:36:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f39b8d61f39-FRA

GET
H2 200 images-size_.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 135 KB
135 KB 278ms
278ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/images-size_.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a1dcd0fc3074c9f571e9d8d3b2784e8b71325071ee6e9a7b272b2c28445c9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 138305
cf-request-id: 02babbd82100001f39e988c200000001
referrer-policy
last-modified: Mon, 11 May 2020 19:44:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f39c9231f39-FRA

GET
H2 200 delphi.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 6 KB
6 KB 198ms
197ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/delphi.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b531f80fbec5d7a5e115d897d206441d9dee317ea5bdeb5072649d0f40e178

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 6419
cf-request-id: 02babbd8c400001f39e989c200000001
referrer-policy
last-modified: Mon, 11 May 2020 19:49:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3adc381f39-FRA

GET
H2 200 iocs.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 174 KB
175 KB 293ms
293ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/iocs.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da878137fa50efbe120c897b388ef6c1d2c589010a7fffd7924fd50e0b941203

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 178460
cf-request-id: 02babbd8db00001f39e98a1200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:05:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3afca31f39-FRA

GET
H2 200 screen_from_millennium_bcp_pt_png.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 709 KB
710 KB 282ms
282ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/screen_from_millennium_bcp_pt_png.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d67e12d3b25210c485d4d39ebd124cd187eacd43b21f5547b2bead3943c0d649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 725769
cf-request-id: 02babbd92700001f39e98a4200000001
referrer-policy
last-modified: Thu, 14 May 2020 14:14:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3b7dd21f39-FRA

GET
H2 200 overlay.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 6 KB
6 KB 213ms
213ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/overlay.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00ee1ea9007c443208c093c279ea2362f86f8a54fc3b1e7d39eb981802a65bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 5635
cf-request-id: 02babbd92e00001f39e98a6200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:11:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3b7dec1f39-FRA

GET
H2 200 trojan.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 66 KB
67 KB 294ms
293ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/trojan.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d124e7af3146ee54b7dc8e7fc3b9798efa711e495de0498b17b58ff732fa30dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 68083
cf-request-id: 02babbd93700001f39e98aa200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:21:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3b8e231f39-FRA

GET
H2 200 blocks.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 78 KB
79 KB 283ms
282ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/blocks.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3759d104e1d7d41f0261cfb7de4a420b0ac04925beb371126b6a6959703e46cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 80191
cf-request-id: 02babbd96300001f39e98b3200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:24:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3bdec21f39-FRA

GET
H2 200 ida.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 3 KB
3 KB 204ms
204ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/ida.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f022f37e3d06f61b60f5e284f22687bcc7f675bdef9ebb370af12adb98ed2c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 3032
cf-request-id: 02babbd98a00001f39e98b6200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:27:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3c1f5c1f39-FRA

GET
H2 200 wireshark.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 275 KB
276 KB 280ms
280ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/wireshark.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a10648b57b061f2ecbcf75ab66d43c7faa1e0b3b1aa42fcf6fed1a65b2415c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 282046
cf-request-id: 02babbda0000001f39e98c1200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:43:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3cc92d1f39-FRA

GET
H2 200 c2.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 32 KB
32 KB 239ms
239ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/c2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b06395cfed65d6d023a266d7720d5eda962bbbfbaa7269e278820b66729b2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 32890
cf-request-id: 02babbda5000001f39e98c6200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:46:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3d4ad01f39-FRA

GET
H2 200 c2-geo-768x370.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 87 KB
88 KB 276ms
275ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/c2-geo-768x370.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34bce8bd1669a3e3161e4ded982cd9988c9dcd2154559198d519751d2718f481

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 89374
cf-request-id: 02babbda5800001f39e98c9200000001
referrer-policy
last-modified: Mon, 11 May 2020 20:47:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3d5af91f39-FRA

GET
H2 200 prevention-measures.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 44 KB
44 KB 278ms
278ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/prevention-measures.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba6156a938774b6d006922b40ded2d8262d1a4cabdb7f6a066978d887f6ed7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 45131
cf-request-id: 02babbda5d00001f39e98ca200000001
referrer-policy
last-modified: Mon, 11 May 2020 21:12:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3d6b121f39-FRA

GET
H2 200 pedro-tavares-300x200.jpg
seguranca-informatica.pt/wp-content/uploads/2018/11/ 80 KB
80 KB 12ms
11ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/11/pedro-tavares-300x200.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8cb27788844e455b92854743ee7ecab79e95c50735dc7e23b064b92e359bbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
content-length: 82070
cf-request-id: 02babbd73400001f39e985f200000001
referrer-policy
last-modified: Fri, 02 Nov 2018 14:44:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f385d951f39-FRA

GET
H2 200 email-decode.min.js Show response
seguranca-informatica.pt/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
843 B 10ms
9ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd62600001f39e981e200000001
last-modified: Tue, 12 May 2020 16:13:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ebacb43-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 593e2f36a9171f39-FRA
expires: Sun, 17 May 2020 16:20:06 GMT

GET
H2 200 si_f33d.png
seguranca-informatica.pt/wp-content/uploads/2020/04/ 5 KB
5 KB 11ms
10ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/04/si_f33d.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

575593b187efc8e164cf80d79952d18b79ecad5fb42a81b1711dedf7a2af46b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
content-length: 5308
cf-request-id: 02babbda9c00001f39e98cf200000001
referrer-policy
last-modified: Mon, 06 Apr 2020 14:06:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3dcc2a1f39-FRA

GET
H2 200 Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.png
feed.seguranca-informatica.pt/reports/2020/ 192 KB
192 KB 23ms
17ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feed.seguranca-informatica.pt/reports/2020/Infographic%20-%20Threat%20Report%20Portugal%20Q1%202020.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0154bc5c5f57538a82d600332062423bc61361a127b27cb1be7077c07e34fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 430
status: 200
vary: Accept-Encoding
content-length: 196135
cf-request-id: 02babbd64800001f39e9829200000001
last-modified: Sun, 19 Apr 2020 23:20:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f36d9ac1f39-FRA

GET
H2 200 blog-cover.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 589 KB
590 KB 11ms
11ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/blog-cover.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caace78c6f887ecbf780bdf5b71e57a02776d7ef5a0e54e797e3e007130262e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
content-length: 603351
cf-request-id: 02babbdaa800001f39e98d0200000001
referrer-policy
last-modified: Wed, 06 May 2020 22:18:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3ddc621f39-FRA

GET
H2 200 cover_lampion-768x315.png
seguranca-informatica.pt/wp-content/uploads/2019/12/ 261 KB
261 KB 11ms
10ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/12/cover_lampion-768x315.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc9e562f67ac01fc3db71ce882b51a1096010a777f2d9f3a87db6a642ad19a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 266845
cf-request-id: 02babbdb4100001f39e98dd200000001
referrer-policy
last-modified: Sat, 28 Dec 2019 02:40:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3eceea1f39-FRA

GET
H2 200 blog-cover__.png
seguranca-informatica.pt/wp-content/uploads/2020/05/ 86 KB
86 KB 12ms
11ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/05/blog-cover__.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8742843c9c346c419f6a487e08a8f6d6c5f3200d4f7a7c0e15dab4a4a7c0c65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 430
status: 200
vary: Accept-Encoding
content-length: 87653
cf-request-id: 02babbd6ae00001f39e984d200000001
referrer-policy
last-modified: Mon, 11 May 2020 21:38:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f377b681f39-FRA

GET
H2 200 emotet-ryuk-portugal-768x425.png
seguranca-informatica.pt/wp-content/uploads/2020/01/ 361 KB
361 KB 13ms
12ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/01/emotet-ryuk-portugal-768x425.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544ed0eb98a5b7a489c206546fe3155e32508ceda7da3d3d25f6100c0097cd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 369542
cf-request-id: 02babbdb4f00001f39e98df200000001
referrer-policy
last-modified: Thu, 30 Jan 2020 14:44:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3eef361f39-FRA

GET
H2 200 youtube-subscribe-button-2.png
seguranca-informatica.pt/ 4 KB
5 KB 10ms
10ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/youtube-subscribe-button-2.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8220596e6a32feeaa3c95078f2a72efb6a01025245097384816d26c2a3f38c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 4586
cf-request-id: 02babbdb5d00001f39e98e5200000001
referrer-policy
last-modified: Wed, 07 Jun 2017 10:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3eff681f39-FRA

GET
H2 200 telegram.jpg
seguranca-informatica.pt/wp-content/uploads/2018/12/ 11 KB
11 KB 17ms
17ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/12/telegram.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c36d0094cb3d176360c91599d13da78f0c77df004bc076aadd883f189fa1767e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 11537
cf-request-id: 02babbdb6800001f39e98e7200000001
referrer-policy
last-modified: Thu, 27 Dec 2018 12:10:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f0f861f39-FRA

GET
H2 200 if_60-rss_104443.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 13ms
13ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_60-rss_104443.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bad8fb5327a87ba126a50844529fa2d207b42b7df8e31e104c5d48c5092d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 2265
cf-request-id: 02babbdb6d00001f39e98e9200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 13:11:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f1f971f39-FRA

GET
H2 200 if_1_Media_social_website_facebook_2657542.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 14ms
12ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_1_Media_social_website_facebook_2657542.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be7537f55bde87db7acf7c9aa482e56e3c8891f09710e19113637cdbb8143ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 1792
cf-request-id: 02babbdb7c00001f39e98eb200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f2fe81f39-FRA

GET
H2 200 if_18_Media_social_website_in_2657551.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
2 KB 14ms
13ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_18_Media_social_website_in_2657551.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b3b17bf53635986804b63fb97b63fd84d72e6f2d169519f36ba2a3ca6a70a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 2141
cf-request-id: 02babbdb7c00001f39e98ec200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f2fe91f39-FRA

GET
H2 200 if_12_Media_social_website_Twitter_2657545.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 3 KB
3 KB 12ms
12ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_12_Media_social_website_Twitter_2657545.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066d6b6d0ac47e197c9816ecc646022123de9bd034a81b4b3efb7b790ff89963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 2756
cf-request-id: 02babbdb7c00001f39e98ed200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f2fea1f39-FRA

GET
H2 200 if_5_Media_social_website_gmail_2657573.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
3 KB 13ms
12ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_5_Media_social_website_gmail_2657573.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dbab26b6050d95f1f5165ebb4114ba93bc15f011f34eca927242cb3d1f0d95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 2512
cf-request-id: 02babbdb8b00001f39e98f1200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f48321f39-FRA

GET
H2 200 if_11_Media_social_website_youtube_2657544.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 2 KB
3 KB 14ms
13ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_11_Media_social_website_youtube_2657544.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3906631ed3ac3f02664bb801434732b02ec1b79ca261909136c5b4ef663de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 2502
cf-request-id: 02babbdb8b00001f39e98f2200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f48341f39-FRA

GET
H2 200 if_14_Media_social_website_pinterest_2657547.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 3 KB
3 KB 13ms
12ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/if_14_Media_social_website_pinterest_2657547.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db469b90b8d9e2a0675931132266a305d0f080fc5ef4e7bd0f841f161b78b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 3147
cf-request-id: 02babbdb8b00001f39e98f3200000001
referrer-policy
last-modified: Mon, 29 Jan 2018 12:51:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f48361f39-FRA

GET
H2 200 trignosfera.png
seguranca-informatica.pt/logotipo/partners/ 45 KB
45 KB 13ms
11ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/logotipo/partners/trignosfera.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3622c7c6c64b493c982f365e01b5eaa59f48da664e98025c383d4f8c57c4396

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 46166
cf-request-id: 02babbdb9900001f39e98f4200000001
referrer-policy
last-modified: Fri, 16 Feb 2018 16:25:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f585d1f39-FRA

GET
H2 200 81231ea4f1f1574817ce729145adde5b.gif
seguranca-informatica.pt/wp-content/uploads/2018/07/ 7 KB
7 KB 17ms
15ms Image
image/gif 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/07/81231ea4f1f1574817ce729145adde5b.gif

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f449b6d1dba1bf792d53ca14c3938763dd4b0f7208cddab9eadce5c41d108a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 7181
cf-request-id: 02babbdb9900001f39e98f5200000001
referrer-policy
last-modified: Mon, 30 Jul 2018 13:41:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f58601f39-FRA

GET
H2 200 scam.gif
seguranca-informatica.pt/wp-content/uploads/2019/01/ 22 KB
23 KB 15ms
14ms Image
image/gif 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/01/scam.gif

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f42160647efdb85b129d040beee22d6e3a55998c83febb2f4a03ccb0e4b714

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 22962
cf-request-id: 02babbdb9900001f39e98f6200000001
referrer-policy
last-modified: Wed, 23 Jan 2019 10:49:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f58621f39-FRA

GET
H2 200 coffepaypal.png
seguranca-informatica.pt/wp-content/uploads/2019/02/ 52 KB
52 KB 13ms
13ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2019/02/coffepaypal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4cb34807330a0b7afe401877ad09ecc7f930f9706cac7994716bcc1b3fd886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 53007
cf-request-id: 02babbdb9900001f39e98f7200000001
referrer-policy
last-modified: Mon, 11 Feb 2019 23:55:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f58651f39-FRA

GET
H2

404

pixel.gif
www.paypalobjects.com/en_PT/i/scr/
Redirect Chain

https://www.paypal.com/en_PT/i/scr/pixel.gif
https://www.paypalobjects.com/en_PT/i/scr/pixel.gif

0
0

332ms
222ms

Image
text/html

151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paypalobjects.com/en_PT/i/scr/pixel.gif
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency: 27
date: Fri, 15 May 2020 16:20:07 GMT
x-edgeconnect-midmile-rtt: 139
status: 301
location: https://www.paypalobjects.com/en_PT/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 52bccbf581958
strict-transport-security: max-age=63072000
dc: ccg11-origin-www-1.paypal.com
content-length: 0

GET
H2 200 88x31.png
licensebuttons.net/l/by/4.0/ 1 KB
1 KB 23ms
20ms Image
image/png 2606:4700:20::681a:5d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by/4.0/88x31.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3575
cf-polished: origSize=4739
status: 200
vary: Accept-Encoding
content-length: 1283
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
x-frame-options: deny
etag: "5eab4a31-1283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
content-type: image/png
cache-control: max-age=432000
cf-request-id: 02babbd646000097a858099200000001
accept-ranges: bytes
cf-ray: 593e2f36dd4297a8-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cherry-js-core.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-js-core/assets/js/min/ 994 B
564 B 11ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-js-core/assets/js/min/cherry-js-core.min.js?ver=1.5.11

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9382c1ac33e60533971224071a03c61bd2a759689a41085dbc757872e40ec5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd62600001f39e981f200000001
referrer-policy
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36a91b1f39-FRA

GET
H2 200 comment_count.js Show response
seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/ 708 B
453 B 28ms
15ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
cf-polished: origSize=889
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd64600001f39e9824200000001
referrer-policy
last-modified: Wed, 06 Mar 2019 09:03:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36d9a01f39-FRA
cf-bgj: minify

GET
H2 200 comment_embed.js Show response
seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/ 828 B
435 B 27ms
14ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=1150
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd64600001f39e9825200000001
referrer-policy
last-modified: Wed, 06 Mar 2019 09:03:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36d9a21f39-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 2 KB
735 B 29ms
16ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/main.js?ver=20170211

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1605fb5d18e00bb446a2009a75eb5c44486fdddbef8d64acfdfe2b8d9ecd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=2332
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd64600001f39e9826200000001
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36d9a61f39-FRA
cf-bgj: minify

GET
H2 200 jquery.sticky.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 4 KB
1 KB 27ms
14ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/jquery.sticky.js?ver=20160906

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf3003543c3572ba8dfc6a87a9289ebadde2db18f09a36657301eaccd157866

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
cf-polished: origSize=7171
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd64600001f39e9827200000001
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36d9a81f39-FRA
cf-bgj: minify

GET
H2 200 sticky-setting.js Show response
seguranca-informatica.pt/wp-content/themes/xmag/js/ 213 B
215 B 28ms
15ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/js/sticky-setting.js?ver=20160906

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2401623ae567bc1ee575b6702e3a178c8b4f6a58d29cdfa3caae48e03ff9b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
cf-polished: origSize=289
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd64800001f39e9828200000001
referrer-policy
last-modified: Sun, 04 Jun 2017 20:13:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36d9a91f39-FRA
cf-bgj: minify

GET
H2 200 comment-reply.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 2 KB
1 KB 13ms
10ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/comment-reply.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd65b00001f39e982e200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36fa041f39-FRA

GET
H2 200 cherry-handler.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-handler/assets/js/min/ 3 KB
1 KB 14ms
10ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/cherry-framework/modules/cherry-handler/assets/js/min/cherry-handler.min.js?ver=1.5.11

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f837ecf8426cc760739e8a17218b3b501156f43a7bd03afb7207949b12ab0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd65b00001f39e982f200000001
referrer-policy
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36fa061f39-FRA

GET
H2 200 validate.js Show response
seguranca-informatica.pt/wp-content/plugins/newsletter/subscription/ 880 B
398 B 15ms
12ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/newsletter/subscription/validate.js?ver=6.6.5

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9739d0d7392121fdc9d51cee01553a500980a5ce417343483982c68e3e2625

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
cf-polished: origSize=1089
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd65b00001f39e9830200000001
referrer-policy
last-modified: Tue, 12 May 2020 09:10:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36fa071f39-FRA
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 84ms
72ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

01a9f2ee033909141e4b8865aaecf728d74d4b6a1811ca6356a5f1a08387f931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 13:56:52 GMT
server: nginx/1.15.8
etag: W/"5e8dd824-582c2"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Fri, 15 May 2020 16:20:06 GMT
x-host: s7.addthis.com
content-length: 116281

GET
H2 200 enlighterjs.min.js Show response
seguranca-informatica.pt/wp-content/plugins/enlighter/resources/enlighterjs/ 55 KB
15 KB 19ms
16ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/enlighter/resources/enlighterjs/enlighterjs.min.js?ver=4.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a20b3be7d4327e93b19c5f9294f18c262e209b1831db3daee58a82baf8f96ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd65c00001f39e9831200000001
referrer-policy
last-modified: Wed, 29 Apr 2020 21:38:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36fa091f39-FRA

GET
H2 200 wp-embed.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 1 KB
777 B 13ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-embed.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd65c00001f39e9832200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f36fa0d1f39-FRA

GET
H2 200 scripts.js Show response
seguranca-informatica.pt/wp-content/plugins/eu-cookie-law/js/ 2 KB
895 B 15ms
13ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/eu-cookie-law/js/scripts.js?ver=3.1.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7daf3f5acd448e33c96a746407198ccbe6eff0402f20bbf1164a1129205c13bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
cf-polished: origSize=2960
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd66700001f39e9835200000001
referrer-policy
last-modified: Fri, 01 May 2020 13:59:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f370a3e1f39-FRA
cf-bgj: minify

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 17ms
13ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.1
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2450
etag: W/"9d9aed5a8d74707da3c47d0230168852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 593e2f36fbf4e003-FRA
cf-request-id: 02babbd65c0000e00356afa200000001
expires: Mon, 18 May 2020 16:20:06 GMT

GET
H2 200 underscore.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 16 KB
6 KB 12ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/underscore.min.js?ver=1.8.3

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd66800001f39e9836200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f370a421f39-FRA

GET
H2 200 wp-util.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 1 KB
665 B 13ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-util.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd66a00001f39e9838200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f371a521f39-FRA

GET
H2 200 cherry-search.min.js Show response
seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/js/min/ 2 KB
1015 B 13ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/js/min/cherry-search.min.js?ver=1.1.5

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd9e72894580d70b0cc6a28b3836d34eb7f907eb97a152c310bfebafb65a2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 288
status: 200
vary: Accept-Encoding
cf-request-id: 02babbd66a00001f39e9839200000001
referrer-policy
last-modified: Tue, 07 May 2019 09:01:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f371a541f39-FRA

GET
H2 200 qNcmPTj79EMUOrzZ4I-EprFF7Y8.js Show response
seguranca-informatica.pt/cdn-cgi/apps/body/ 28 KB
6 KB 18ms
13ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/cdn-cgi/apps/body/qNcmPTj79EMUOrzZ4I-EprFF7Y8.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/cdn-cgi/apps/head/dI4tRH6z5eYOCbLZuWBC7Ig0Jis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
x-amz-request-id: B1A34C54B00795F5
x-amz-id-2: VyLprAeAEHyQzkdWParS9BRVX3BWymAqexBJx0ZGlHXKZwc6m6gjUnNVfnZNXvKti8lSly16zlo=
last-modified: Sun, 05 Apr 2020 15:14:50 GMT
server: cloudflare
etag: W/"2f0664ac054357af08048b56dbb23ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-version-id: 39Vrrl1hwaQV.tQQHe0gpcneNyDq0WPl
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-request-id: 02babbdbab00001f39e98f9200000001
cf-ray: 593e2f3f78ad1f39-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6091
date: Fri, 15 May 2020 14:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 16:38:35 GMT

GET
H2 200 wp-emoji-release.min.js Show response
seguranca-informatica.pt/wp-includes/js/ 14 KB
4 KB 14ms
11ms Script
application/javascript 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 290
status: 200
vary: Accept-Encoding
cf-request-id: 02babbdbab00001f39e98fa200000001
referrer-policy
last-modified: Wed, 01 Apr 2020 14:18:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 593e2f3f78af1f39-FRA

POST
H2 201 popular-posts Show response
seguranca-informatica.pt/wp-json/wordpress-popular-posts/v1/ 55 B
505 B 650ms
649ms XHR
application/json 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-json/wordpress-popular-posts/v1/popular-posts

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/wordpress-popular-posts/assets/js/wpp-5.0.0.min.js?ver=5.1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

d752b2e79c9d49bb8911c45af0a25e1352f18e9679cbc7cac69e6da4ddbb093e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.5
status: 201
vary: Origin,Accept-Encoding
cf-request-id: 02babbd63800001f39e9822200000001
referrer-policy
access-control-allow-headers: Authorization, Content-Type
allow: GET, POST
server: cloudflare
x-wp-nonce: d87d90e536
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://seguranca-informatica.pt
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 593e2f36c9651f39-FRA
link: <https://seguranca-informatica.pt/wp-json/>; rel="https://api.w.org/"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
32 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: MfqN/iV09V6NBZ7PAC9pANU4soeeU2kYdqc0kkiKo+atAR7AYOjEPkYCfm/w6IriuT6ITMv3yxKqfyKzGhmWeg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 15 May 2020 16:20:06 GMT, Fri, 15 May 2020 16:20:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 12ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b26db15f3f5d200caca5ec6d9605c1727f087016ef39644f9c233d9d094afdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7/M7HcdSABtYBNj/dvVQRg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "8fb486b9c804808d762fe05a985a4fac"
x-fb-debug: ls2SpChS2BBu9rMFqy1Xcn3v/XPmiOZcUXkpT1GkC/XIIWlv7bx5dvCiQ5XTjyflRFSuaGHBhvHgG9pThlrq3Q==
x-fb-trip-id: 664085054
x-fb-content-md5: 4e2ac3d85fd9e47184840fd03051d43f
x-frame-options: DENY
date: Fri, 15 May 2020 16:20:06 GMT, Fri, 15 May 2020 16:20:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:24:47 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Wed, 06 May 2020 00:50:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 833389
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 06 May 2021 00:50:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 17 Apr 2020 00:29:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2476215
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 17 Apr 2021 00:29:51 GMT

GET
H2 200 simple-line-icons.ttf
seguranca-informatica.pt/wp-content/themes/xmag/fonts/ 18 KB
12 KB 14ms
13ms Font
font/ttf 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/themes/xmag/fonts/simple-line-icons.ttf?v=2.2.2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88731bd32d2242a6918772bd11e6e16f46c2e3c05c7bbd4ed47d162cff9683f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/wp-content/cache/minify/eabb6.css
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 15 May 2020 16:20:06 GMT
content-encoding: br
referrer-policy
cf-cache-status: HIT
server: cloudflare
age: 288
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
status: 200
cache-control: max-age=14400
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 593e2f36d9af1f39-FRA
cf-request-id: 02babbd64900001f39e982b200000001

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 10 Apr 2020 06:12:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 3060451
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 10 Apr 2021 06:12:35 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Thu, 09 Apr 2020 23:10:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:15 GMT
server: sffe
age: 3085778
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9416
x-xss-protection: 0
expires: Fri, 09 Apr 2021 23:10:28 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Thu, 09 Apr 2020 03:33:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 3156408
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Fri, 09 Apr 2021 03:33:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 08 May 2020 19:19:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 594061
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 08 May 2021 19:19:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7CRoboto%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin: https://seguranca-informatica.pt

Response headers

date: Wed, 13 May 2020 20:33:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 157598
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 13 May 2021 20:33:29 GMT

GET
H2 200 eqyuAj9hvy4
www.youtube.com/embed/ Frame 3369 0
0 133ms
133ms Document
text/html 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/eqyuAj9hvy4

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/eqyuAj9hvy4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
content-encoding: br
strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Fri, 15 May 2020 16:20:07 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=Gf9NgBCBtlg; path=/; domain=.youtube.com; secure; expires=Wed, 11-Nov-2020 16:20:07 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 15-May-2020 16:50:07 GMT YSC=1igtUdVUSjo; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=Gf9NgBCBtlg; path=/; domain=.youtube.com; secure; expires=Wed, 11-Nov-2020 16:20:07 GMT; httponly; samesite=None
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 395 KB
115 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=edf0f15c033aa2529b37e0789fcc1c9b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

241e9ee6931a3d9968359c917590e46cf938d82b9998612c199377e9669af9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Origin: https://seguranca-informatica.pt

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BVBccG0Oxjyz1acP5fS4YA==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 117433
etag: "b65851d51456c6eaf72c44587b25f8c4"
x-fb-debug: Y6SgFuOZaMgcqOkbZPAMf64Boaz91S+Iq+oHVcFyW+/MzPco4PbsICn2XqwTIHGLenuJnCNDIsUdoMT66eiJbw==
x-fb-trip-id: 664085054
x-fb-content-md5: d5b0dc6beb43a6929dabe2b6b9d31a0e
x-frame-options: DENY
date: Fri, 15 May 2020 16:20:07 GMT, Fri, 15 May 2020 16:20:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 15 May 2021 16:04:47 GMT

GET
H2 200 E-mail-Icon-co%CC%81pia-e1515360297525.png
seguranca-informatica.pt/wp-content/uploads/2018/01/ 1009 B
1 KB 16ms
14ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/01/E-mail-Icon-co%CC%81pia-e1515360297525.png

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba23d13ab9eb27eb4933ae12135dc7f2775699d06d8628f73b9ff9b9f01aeef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 432
status: 200
vary: Accept-Encoding
content-length: 1009
cf-request-id: 02babbdbab00001f39e98fb200000001
referrer-policy
last-modified: Wed, 24 Jan 2018 22:17:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3f78b01f39-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
128 B 13ms
13ms XHR
text/plain 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j82&a=1097600956&t=pageview&_s=1&dl=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&ul=en-us&de=UTF-8&dt=Trojan%20Lampion%20is%20back%20after%203%20months&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAcABCAAAAC~&jid=53392375&gjid=738304988&cid=676357214.1589559607&tid=UA-100437516-1&_gid=927724571.1589559607&_r=1&z=334385132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://seguranca-informatica.pt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134215180689421 Show response
connect.facebook.net/signals/config/ 516 KB
129 KB 12ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/134215180689421?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee855adef8d74ff58e90a1c1c1efcf2550e3ba6d0db5a80a417b0dc22a3efb94

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131653
x-xss-protection: 0
pragma: public
x-fb-debug: 2MbA23EwaH8Jaz54q3/kb6JPyE6zBIRuYkzC8xK2FfXifZMsa6mRkvw4yc5JBEfPwBMgYia4Wc9DKszHxwvYog==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 15 May 2020 16:20:07 GMT, Fri, 15 May 2020 16:20:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=seguranca-informatica.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 17ms
14ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=seguranca-informatica.pt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/ 218 KB
82 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecb531bdf231039081a7a6879d73bca91d8b8c7fc671615063746454c0daaa8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84031
x-xss-protection: 0
server: cafe
etag: 11558267481566639666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:20:07 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/ Frame 77EB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 12 May 2020 03:57:00 GMT
expires: Tue, 26 May 2020 03:57:00 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 303787
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash: cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:25:55 GMT
Server: ECS (fcn/4196)
Age: 899
Etag: "580310dcde7e145486d79be6e5257680+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29223

GET
H/1.1 200
OK count.js Show response
seguranca-informatica.disqus.com/ 1 KB
1 KB 210ms
55ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/count.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2486475
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 16 Apr 2020 19:48:14 GMT
Server: nginx
ETag: "5e98b67e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK embed.js Show response
seguranca-informatica.disqus.com/ 66 KB
22 KB 568ms
413ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/embed.js

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

02d07d10acd4601389f7e765aa1bf98ec42f568c37f1e7ff40b7ed1dbc8d15af

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22123

GET
H2 200 fontawesome-webfont.woff2
seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/fonts/ 70 KB
70 KB 19ms
18ms Font
font/woff2 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.pt/wp-content/plugins/cherry-search/assets/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/wp-content/cache/minify/c841a.css
Origin: https://seguranca-informatica.pt

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 110
status: 200
vary: Accept-Encoding
content-length: 71896
cf-request-id: 02babbd7e300001f39e987f200000001
referrer-policy
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f3968161f39-FRA

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7AF3 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 170ms
56ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: CD83941857724976
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=7907
accept-ranges: bytes
content-length: 948
x-amz-id-2: 0ZTpgIpnUMxQCBXeH9ew/82I9oq7GJ2Gfze78bXzMcqS1BRoWTIwh8fvZ+vN96IwbFGZ6f5C0Hk=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5a74cca42a90a07e/ 7 KB
1 KB 231ms
229ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5a74cca42a90a07e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85d11a34cf5ae0738a3f2a2e0f463484c9b7371b46c9e5bc991f57d44f58400f

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
etag: -713750497--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=53, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1214

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 201ms
201ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ebec1377632658d&bkl=0&bl=5&pdt=726&sid=5ebec1377632658d&pub=ra-5a74cca42a90a07e&rev=v8.28.5-wp&ln=pt&pc=wpp&cb=0&ab=-&dp=seguranca-informatica.pt&fp=trojan-lampion-is-back-after-3-months%2F&fr=&fcu=Xr7BN9OxX0M&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1589559607413&wpv=wpp-6.2.6&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.6%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-1c09be8100890cf963a4479ddde30a88%22%2C%22page_info%22%3A%7B%22template%22%3A%22posts%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=129&uvs=5ebec137ffe967ac000&skipb=1&callback=addthis.cbs.jsonp__95978307254309180
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 771f2d631fbd9243573f7663d06be4c3b9eea49b81de12a3f1991b348d11a616

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 15 May 2020 16:20:07 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B229 0
0 58ms
57ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Fri, 15 May 2020 16:20:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 170ms
58ms XHR
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
status: 200
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Fri, 15 May 2020 16:20:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 234E 0
0 217ms
215ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=113310500&adf=1156217956&w=740&fwrn=4&lmt=1589559607&rafmt=11&psa=1&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&wgl=1&adsid=NT&dt=1589559607128&bpp=21&bdt=399&idt=334&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5934179784681&frm=20&pv=2&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=2826483617709887&dssz=75&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1203&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=8NHB5zs5Ae&p=https%3A//seguranca-informatica.pt&dtd=356

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=185&slotname=8346471494&adk=113310500&adf=1156217956&w=740&fwrn=4&lmt=1589559607&rafmt=11&psa=1&guci=1.2.0.0.2.2.0.0&format=740x185&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&wgl=1&adsid=NT&dt=1589559607128&bpp=21&bdt=399&idt=334&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5934179784681&frm=20&pv=2&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=2826483617709887&dssz=75&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=1203&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=8NHB5zs5Ae&p=https%3A//seguranca-informatica.pt&dtd=356
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:20:07 GMT
server: cafe
content-length: 22938
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 15-May-2020 16:35:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 15 May 2020 16:20:07 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589369616634380"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=134215180689421&ev=PageView&dl=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&rl=&if=false&ts=1589559607527&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589559607526.891918485&it=1589559607113&coo=false&rqm=GET

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT, Fri, 15 May 2020 16:20:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 May 2020 16:20:07 GMT

GET
H/1.1 200
OK widget_iframe.2a008290075125adde2d7b849b06a0bb.html
platform.twitter.com/widgets/ Frame 8A2F 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Fseguranca-informatica.pt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 78903
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 15 May 2020 16:20:07 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 12 May 2020 17:24:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40AE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H/1.1 200
OK count-data.js Show response
seguranca-informatica.disqus.com/ 281 B
820 B 178ms
178ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://seguranca-informatica.disqus.com/count-data.js?1=7587%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D7587

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

df8fc8bcdd04abe87a962c9b8d0dbdaeca4403a79f478d1659097f834491e627

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 806
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 281
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js Show response
platform.twitter.com/js/ 24 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40D9) /
Resource Hash: 9c677df6c0eccea7dfe6231398ee68e1e1fcd0061912fb23275f631d8c1c8bae

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:24:16 GMT
Server: ECS (fcn/40D9)
Age: 78902
Etag: "8d1aa2559c6c7464859f2e6be8063257+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7868

GET
H/1.1 200
OK timeline.dcd659352714d721a9f3457b8601524a.js Show response
platform.twitter.com/js/ 21 KB
7 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.dcd659352714d721a9f3457b8601524a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash: cfc86c5d7acfe015875d9893737f5a243d8ba8c0cafef01b2b5ffa46cabb9e0e

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:24:16 GMT
Server: ECS (fcn/4196)
Age: 78900
Etag: "035c82c5b07090eda0eec374cd2886c7+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6659

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 58ms
58ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 15 May 2020 16:20:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1B6E 0
0 89ms
89ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1589559607&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589559607397&bpp=3&bdt=668&idt=270&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&nras=1&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&pvsid=2833514608683535&pem=412&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&adk=1812271804&adf=3025194257&lmt=1589559607&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1589559607397&bpp=3&bdt=668&idt=270&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185&nras=1&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&pvsid=2833514608683535&pem=412&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=5&uci=a!5&fsb=1&dtd=276
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnikDX63oGF_tRRtHvOSBFDklwccdmedgBzNGTvp3cjPMvYbYa2lNdhwIi5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:20:07 GMT
server: cafe
content-length: 1075
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 190 KB
16 KB 7ms
6ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_sirpedrotavares_old&dnt=false&domain=seguranca-informatica.pt&lang=pt&screen_name=sirpedrotavares&suppress_response_codes=true&t=1766177&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

478e89099e0fddf654e7590276191089e55570461d34a1b50a2abefd95019b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
x-cache: HIT
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 15666
x-xss-protection: 0
x-response-time: 203
last-modified: Fri, 15 May 2020 16:15:21 GMT
server: ECS (fcn/40D7)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
access-control-allow-methods: GET
content-type: application/javascript;charset=utf-8
expires: Fri, 15 May 2020 16:25:07 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: a273e980b6a91442ddc15b3256aa99a2
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 003cce15005ed659
access-contol-allow-origin: platform.twitter.com

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
454 B 169ms
166ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1589559607722%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 15 May 2020 16:20:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: abebb0ff865562a13598e560b50a52ff
x-transaction: 00cf6fe2001a2089
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 1 KB
1 KB 10ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 26864128
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 715 B
864 B 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 21830573
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7f221139df6ccec7082a82d479eaf700
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 26a0.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 595 B
750 B 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26a0.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 12199479
x-ton-expected-size: 595
x-cache: HIT
status: 200
content-length: 595
x-response-time: 2244
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/418E)
etag: "Z7wDoqWvSIaJGOXpgObfsw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d58789b3c8608664e2f04bd4858f222
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:05 GMT

GET
H2 200 2622.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 755 B
876 B 8ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2622.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

e6dc579ac077f2e0bd24a04b3d2b0c88a2d977cd22a5170d2851644e5f25ec68

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 28573003
x-ton-expected-size: 755
x-cache: HIT
status: 200
content-length: 755
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/4190)
etag: "noPKYKGFNOZUq+jtdn1H7Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c8e143c7c44c839e0b908883c3b7c016
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 otrHzz7B
pbs.twimg.com/card_img/1260915470120738818/ Frame 9D5D 4 KB
5 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260915470120738818/otrHzz7B?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 98934
x-cache: HIT
status: 200
content-length: 4429
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1260915470120738818
last-modified: Thu, 14 May 2020 12:48:49 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae39201cbd3bcd4a9f2c4d9d9c8b113a
accept-ranges: bytes

GET
H2 200 bOXSAGDp
pbs.twimg.com/card_img/1260880527042777090/ Frame 9D5D 2 KB
2 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260880527042777090/bOXSAGDp?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 107263
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 142
surrogate-key: card_img card_img/bucket/3 card_img/1260880527042777090
last-modified: Thu, 14 May 2020 10:29:58 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d467480b3cee22e40d7be671cd223fc
accept-ranges: bytes

GET
H2 200 iRaKib4f
pbs.twimg.com/card_img/1260727687439618048/ Frame 9D5D 55 KB
55 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260727687439618048/iRaKib4f?format=jpg&name=600x314

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 124599
x-cache: HIT
status: 200
content-length: 56026
x-response-time: 149
surrogate-key: card_img card_img/bucket/5 card_img/1260727687439618048
last-modified: Thu, 14 May 2020 00:22:38 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c4647d244ff72f7fd01c22cfe1e1709
accept-ranges: bytes

GET
H2 200 2623.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 1 KB
1 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2623.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

91d4207e7c66e4f58b75db09d4bf19e44186e48913d9f9fb8a15823019ea143b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 24898919
x-ton-expected-size: 1028
x-cache: HIT
status: 200
content-length: 1028
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/40D4)
etag: "RmsuVSL5GfkT0nAdRbywqg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 33e481a24c36c56d6e4675eb63f696be
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 27a1.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 363 B
521 B 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/27a1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 30876363
x-ton-expected-size: 363
x-cache: HIT
status: 200
content-length: 363
x-response-time: 16
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/40D1)
etag: "80IPnYtwZPbD8vd5/RBI8A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 4dbe75df63108177785b2cb63a49f9f6
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 1f4b3.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 439 B
582 B 30ms
30ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f4b3.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E9) /

Resource Hash

66a1646024f0fd58b7fbc8f674b9c097d9e9a96ab0dbb11b92bb377a2eccfa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 28664991
x-ton-expected-size: 439
x-cache: HIT
status: 200
content-length: 439
x-response-time: 22
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:24 GMT
server: ECS (fcn/40E9)
etag: "ZL78/npQ0q6CVv3uroQDcg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 32d2858c50357697ee3892e072942f68
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 2705.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 525 B
726 B 30ms
30ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2705.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 12053400
x-ton-expected-size: 525
x-cache: HIT
status: 200
content-length: 525
x-response-time: 8
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E4)
etag: "7zUYLT41o1+zuu1kEClhZw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0b4a7deb331d83726a6482563cdaa204
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 Bj3eS0F8
pbs.twimg.com/card_img/1260313571361042433/ Frame 9D5D 6 KB
6 KB 37ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260313571361042433/Bj3eS0F8?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 240395
x-cache: HIT
status: 200
content-length: 6408
x-response-time: 152
surrogate-key: card_img card_img/bucket/9 card_img/1260313571361042433
last-modified: Tue, 12 May 2020 20:57:05 GMT
server: ECS (fcn/40DC)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 060b725ecae9640d7f5632c45fa259a3
accept-ranges: bytes

GET
H2 200 1f3ac.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 697 B
874 B 10ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3ac.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

0952427c6f4fa6f960b8954afbf10c45ab099876ec25e748b73ade0757e88207

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 28668309
x-ton-expected-size: 697
x-cache: HIT
status: 200
content-length: 697
x-response-time: 19
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:31 GMT
server: ECS (fcn/40E5)
etag: "aXu0aU2odwMElU/npBtK3w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 251b256d854f56d742e225ad4f2bd243
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 1f41e.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 998 B
1 KB 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f41e.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

e69c8d33258983d26a64c123163df7cccdccffc8178e8c4365ae5c58e48040d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 30974078
x-ton-expected-size: 998
x-cache: HIT
status: 200
content-length: 998
x-response-time: 66
surrogate-key: twitter-assets
last-modified: Mon, 17 Sep 2018 19:12:54 GMT
server: ECS (fcn/40DE)
etag: "wQtQ1Npn7ccQl1w0b/vQIA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2587fb3ccab86103942acaac20d85f01
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 1f3e6.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 526 B
669 B 8ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f3e6.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

18f1e1f4fe5585108349cf029e48ad91a12dae4627be962667fb0b4933c69bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 20631413
x-ton-expected-size: 526
x-cache: HIT
status: 200
content-length: 526
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:33 GMT
server: ECS (fcn/40FA)
etag: "7oybjS8/zWyVdOorER5KGA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 31a9e160c2975bee464fb1c3db1dd792
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 1f1ef-1f1f5.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 335 B
465 B 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ef-1f1f5.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 21481150
x-ton-expected-size: 335
x-cache: HIT
status: 200
content-length: 335
x-response-time: 30
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECS (fcn/40DE)
etag: "i1up/RvmEhvPjzMdgrv7nw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 0b79638f44ecd55bcf6b3e20f597fcde
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:07 GMT

GET
H2 200 7uHJC-KV
pbs.twimg.com/card_img/1259974755957997570/ Frame 9D5D 4 KB
4 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1259974755957997570/7uHJC-KV?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 323228
x-cache: HIT
status: 200
content-length: 4303
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1259974755957997570
last-modified: Mon, 11 May 2020 22:30:45 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 09fefbe59989eaba26df6deb730afe00
accept-ranges: bytes

GET
H2 200 Ut37ZGRp
pbs.twimg.com/card_img/1257322194239025158/ Frame 9D5D 5 KB
5 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1257322194239025158/Ut37ZGRp?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
x-content-type-options: nosniff
age: 226429
x-cache: HIT
status: 200
content-length: 4867
x-response-time: 143
surrogate-key: card_img card_img/bucket/5 card_img/1257322194239025158
last-modified: Mon, 04 May 2020 14:50:25 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 794e6d1d4d98dc958a6bd2265bf03a85
accept-ranges: bytes

GET
H/1.1 200
OK timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ Frame 9D5D 52 KB
12 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:24:12 GMT
Server: ECS (fcn/419E)
Age: 78902
Etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12155

GET
H/1.1 200
OK timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 7ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.d41c1d7e4bac44f4658ca45d09564e79.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419E) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:24:12 GMT
Server: ECS (fcn/419E)
Age: 78902
Etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12155

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/ 142 KB
51 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32c6c8175c556f53109ae8579fcd763478eb74c8b756e98f1f651ccf58732aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52596
x-xss-protection: 0
server: cafe
etag: 4912600474625003837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 May 2020 16:20:07 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9B07 0
0 344ms
343ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1909131177&adf=3723832354&w=340&fwrn=4&fwrnh=100&lmt=1589559607&rafmt=1&to=qs&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=1&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280%2C740x280&nras=4&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1665&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=hl5PBShf7O&p=https%3A//seguranca-informatica.pt&dtd=86

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=1909131177&adf=3723832354&w=340&fwrn=4&fwrnh=100&lmt=1589559607&rafmt=1&to=qs&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&format=340x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=1&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280%2C740x280&nras=4&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1023&ady=1665&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=hl5PBShf7O&p=https%3A//seguranca-informatica.pt&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnikDX63oGF_tRRtHvOSBFDklwccdmedgBzNGTvp3cjPMvYbYa2lNdhwIi5; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:20:08 GMT
server: cafe
content-length: 23153
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 112 B
296 B 62ms
48ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_2g6n0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80d813a47b71cff017c93dcfe2ede62f31e87d3e2cbe1f4e57c87a2241c67eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "80f3881f6f733e9c8c7bad929d50ebebcd1ee3b7"
status: 200
x-fb-rev: 1002132105
alt-svc: h3-27=":443"; ma=3600
content-length: 112
pragma: no-cache
x-fb-debug: J5f+Vw6SuObQKRctcA864KDBowVN+d9GFqgTa1ubk7vqjP3AcPaOS93LNKs7l2hpmLXdFqSdueeqBYxkCuUMcQ==
x-fb-trace-id: CtUqUwb/E5a
date: Fri, 15 May 2020 16:20:08 GMT, Fri, 15 May 2020 16:20:08 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AAsqklerzlh-l6_Y4sh8akt
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 34 B
315 B 257ms
256ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&callback=_ate.cbs.rcb_c8cq0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e2fc3f5bd7343073782ade085f8274c2064dd0a531604b7758312a0e04b24b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
last-modified: Fri, 15 May 2020 16:20:08 GMT
server: nginx/1.15.8
date: Fri, 15 May 2020 16:20:08 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 54

GET
H2 200 / Show response
graph.facebook.com/ 111 B
515 B 60ms
47ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_837w0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

433b7df4f919578f5d1f18f7a0f5b97b0eca0f2ea5e7385d5d1c4c4520f8e314

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "492fd324597f655cf20271004879687e57b870a8"
status: 200
x-fb-rev: 1002132105
alt-svc: h3-27=":443"; ma=3600
content-length: 111
pragma: no-cache
x-fb-debug: A0tcM+OPN3fVLQY50GQxoUCztyPrrQEims84z7c0CU9AnW6NA97HVgn/zu3ae5LuEwyFXZbDteSMsMQW6DMCZg==
x-fb-trace-id: GQBqJFn9C+0
date: Fri, 15 May 2020 16:20:08 GMT, Fri, 15 May 2020 16:20:08 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AW_YrL2mzgV-Nxup424jKKL
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
314 B 263ms
262ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&callback=_ate.cbs.rcb_5ex0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

509cd2b3c4096ad38fe25fcf8ed9b4383d89d3146994047db1bce679a74a74d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
last-modified: Fri, 15 May 2020 16:20:08 GMT
server: nginx/1.15.8
date: Fri, 15 May 2020 16:20:08 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 info.json Show response
www.reddit.com/api/ 3 KB
2 KB 315ms
182ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&jsonp=_ate.cbs.rcb_44cp0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

535d4dba80513640606bf89cea7c3a77e973ee75a3597191acf38107cc592d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 1139
x-xss-protection: 1; mode=block
x-served-by: cache-man4131-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1589559608.230178,VS0,VE115
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 118 B
345 B 296ms
184ms Script
application/javascript 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&callback=window._ate.cbs.rcb_ciab0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fbb58951c7e42cc7ad17218289253d319c38b399d18611d86c43e6f49e17ba3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 9025889930528436
expires: Fri, 15 May 2020 16:35:08 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 125 B
258 B 176ms
174ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&jsonp=_ate.cbs.rcb_3ua0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

ccdee7c3f90a2656e5ff45d3cb4ca2775080951798189fbc78de4c4915a7d357

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 125
x-xss-protection: 1; mode=block
x-served-by: cache-man4131-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1589559608.267684,VS0,VE108
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 117 B
165 B 154ms
152ms Script
application/javascript 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&callback=window._ate.cbs.rcb_46h50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78bbc9f54e7286eccdcd41ef32fe47eed7adee8135e8fa007900c04b0be5e196

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 8106202073260790
expires: Fri, 15 May 2020 16:35:08 GMT

GET
H2 200 views2.json Show response
q.addthis.com/feeds/1.0/ 34 KB
5 KB 58ms
57ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://q.addthis.com/feeds/1.0/views2.json?pubid=ra-5a74cca42a90a07e&domain=seguranca-informatica.pt&limit=50&callback=_ate.cbs.fds_ra5a74cca42a90a07eviews2json0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.4.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

629df1def5e236ed0725d530df2de471a917221677057d58baa8686f4456308c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: ra-5a74cca42a90a07e
last-modified: Fri, 15 May 2020 16:13:11 GMT
server: nginx/1.15.8
date: Fri, 15 May 2020 16:20:08 GMT
vary: Accept-Encoding
cache-tag: ra-5a74cca42a90a07e
status: 200
cache-control: max-age=0, s-maxage=3600
content-type: application/javascript;charset=UTF-8
content-length: 4803

GET
H2 200 1f9d0.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9d0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 26864129
x-ton-expected-size: 1105
x-cache: HIT
status: 200
content-length: 1105
x-response-time: 14
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:38 GMT
server: ECS (fcn/41D7)
etag: "oA1ovLweWKnd1llNXl6J9g=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 6b4e9879fbd20b51dad5368df81c0d1e
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:08 GMT

GET
H2 200 1f1f5-1f1f9.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 715 B
870 B 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f5-1f1f9.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 21830574
x-ton-expected-size: 715
x-cache: HIT
status: 200
content-length: 715
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/4191)
etag: "FTmpXqH4P3R1TK0OI32VdQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7f221139df6ccec7082a82d479eaf700
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:08 GMT

GET
H2 200 26a0.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 595 B
750 B 9ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/26a0.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 12199480
x-ton-expected-size: 595
x-cache: HIT
status: 200
content-length: 595
x-response-time: 2244
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/418E)
etag: "Z7wDoqWvSIaJGOXpgObfsw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9d58789b3c8608664e2f04bd4858f222
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:06 GMT

GET
H2 200 2622.png
abs.twimg.com/emoji/v2/72x72/ Frame 9D5D 755 B
914 B 9ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2622.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

e6dc579ac077f2e0bd24a04b3d2b0c88a2d977cd22a5170d2851644e5f25ec68

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 28573004
x-ton-expected-size: 755
x-cache: HIT
status: 200
content-length: 755
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:42 GMT
server: ECS (fcn/4190)
etag: "noPKYKGFNOZUq+jtdn1H7Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c8e143c7c44c839e0b908883c3b7c016
accept-ranges: bytes
expires: Sat, 15 May 2021 16:20:08 GMT

GET
H2 200 otrHzz7B
pbs.twimg.com/card_img/1260915470120738818/ Frame 9D5D 4 KB
4 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260915470120738818/otrHzz7B?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.4b4530aef3cb5159868348e8a492de60.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 98935
x-cache: HIT
status: 200
content-length: 4429
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1260915470120738818
last-modified: Thu, 14 May 2020 12:48:49 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae39201cbd3bcd4a9f2c4d9d9c8b113a
accept-ranges: bytes

GET
H2 200 TB7O3TW0_normal.jpg
pbs.twimg.com/profile_images/1058367083518529536/ Frame 9D5D 2 KB
2 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1058367083518529536/TB7O3TW0_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 5386
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 128
surrogate-key: profile_images profile_images/bucket/1 profile_images/1058367083518529536
last-modified: Fri, 02 Nov 2018 14:33:50 GMT
server: ECS (fcn/40D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a20ebe630e0c8de244ed1ce3e4ae49c9
accept-ranges: bytes

GET
H2 200 rAT-5Sgb_normal.jpg
pbs.twimg.com/profile_images/1250537180499509250/ Frame 9D5D 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1250537180499509250/rAT-5Sgb_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

f403b8185a2a6777d3ca85a914289b03522d148b1f12d4087b564a35417a1f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 152841
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/3 profile_images/1250537180499509250
last-modified: Wed, 15 Apr 2020 21:29:12 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 81d219c5e3dc28c96b5202b0b1cf750e
accept-ranges: bytes

GET
H2 200 ETgkedSV_normal.jpg
pbs.twimg.com/profile_images/838808063163396096/ Frame 9D5D 2 KB
2 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/838808063163396096/ETgkedSV_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

7c4d72e2d472e7e06026bb5d0015364bf5592cce84d6e747af34f90227b15821

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 238300
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/5 profile_images/838808063163396096
last-modified: Mon, 06 Mar 2017 17:44:41 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a363f0f181614d5ccff05ee7a5b58d3c
accept-ranges: bytes

GET
H2 200 hIimMJ6R_normal.jpg
pbs.twimg.com/profile_images/1216860398118371329/ Frame 9D5D 2 KB
2 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1216860398118371329/hIimMJ6R_normal.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

78f1e4753f574162c7ab58a2ab05779e44cb50b8c53ef59852e4d801597abfaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 296746
x-cache: HIT
status: 200
content-length: 2339
x-response-time: 113
surrogate-key: profile_images profile_images/bucket/3 profile_images/1216860398118371329
last-modified: Mon, 13 Jan 2020 23:09:41 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3af2a2587c4691a4556f23c969fd2f09
accept-ranges: bytes

GET
H2 200 1cjg0aMs_normal.png
pbs.twimg.com/profile_images/594161373703188480/ Frame 9D5D 2 KB
2 KB 11ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/594161373703188480/1cjg0aMs_normal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

2cf6e3735711cb747ba8bdf53c78cf954bf3579d10d691dfefefd243f1a5dd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 131749
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/6 profile_images/594161373703188480
last-modified: Fri, 01 May 2015 15:26:05 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 03c68d6bc089fcc504ed639b2f3aea18
accept-ranges: bytes

GET
H2 200 4ae724ea6ed248d871bc9d523ae1c24e_normal.png
pbs.twimg.com/profile_images/3703513695/ Frame 9D5D 7 KB
7 KB 11ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 197666
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/2 profile_images/3703513695
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d0ef0ec2689378102f0278e97c3c402e
accept-ranges: bytes

GET
H2 200 EYAlJ8fWAAElsTX
pbs.twimg.com/media/ Frame 9D5D 49 KB
50 KB 11ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EYAlJ8fWAAElsTX?format=jpg&name=small

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

174d3edd8918d63b407da0dd216c05ed0f8c7a1844b835825b96d8501c9744b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 20808
x-cache: HIT
status: 200
content-length: 50645
x-response-time: 121
surrogate-key: media media/bucket/1 media/1261048748450381825
last-modified: Thu, 14 May 2020 21:38:25 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 47b1e588ff566dc68d7aee5493f1055d
accept-ranges: bytes

GET
H2 200 EX7m9-PXsAMDE_k
pbs.twimg.com/media/ Frame 9D5D 19 KB
20 KB 13ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7m9-PXsAMDE_k?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

7a5de508f163596415bb264f8f130f70d18ca0deddfcbc0fd7312de00214f9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 150281
x-cache: HIT
status: 200
content-length: 19852
x-response-time: 172
surrogate-key: media media/bucket/8 media/1260698898064191491
last-modified: Wed, 13 May 2020 22:28:14 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ce895ded0dbb6a630227bc97a33dac8e
accept-ranges: bytes

GET
H2 200 EXxYHQHXQAAL52C
pbs.twimg.com/media/ Frame 9D5D 37 KB
37 KB 11ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXxYHQHXQAAL52C?format=png&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

7c7399d32456ccf860fbaee43cbfb0b746f6efcffc5537851eab271e73b5b7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 321835
x-cache: HIT
status: 200
content-length: 37452
x-response-time: 154
surrogate-key: media media/bucket/0 media/1259978877365075968
last-modified: Mon, 11 May 2020 22:47:08 GMT
server: ECS (fcn/41D7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 540e1cb874ecb45a422bf931ee942c57
accept-ranges: bytes

GET
H2 200 EYDWXn7XQAAsqXC
pbs.twimg.com/media/ Frame 9D5D 14 KB
14 KB 12ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EYDWXn7XQAAsqXC?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

53056a4566d25ac95d51f9927a5e328358a9726a7800a2c36f05910f710cce85

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 20408
x-cache: HIT
status: 200
content-length: 14542
x-response-time: 142
surrogate-key: media media/bucket/5 media/1261243597007044608
last-modified: Fri, 15 May 2020 10:32:40 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 709494882b5cd07e5c1989344c48501a
accept-ranges: bytes

GET
H2 200 EYDWahLWsAIiXnw
pbs.twimg.com/media/ Frame 9D5D 48 KB
48 KB 11ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EYDWahLWsAIiXnw?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

4135944d69b30495fe01a8d8474077055a055c913489125cb52a675841ab2e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 20408
x-cache: HIT
status: 200
content-length: 48719
x-response-time: 144
surrogate-key: media media/bucket/3 media/1261243646734675970
last-modified: Fri, 15 May 2020 10:32:52 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2d9e46d3d95902287b0101f0846e40c
accept-ranges: bytes

GET
H2 200 EX_gzcRWAAM-nmk
pbs.twimg.com/media/ Frame 9D5D 4 KB
4 KB 12ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_gzcRWAAM-nmk?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

ba0250e71d8796cbd2f3310cdac52c8c1723c611df9a0f5b747934945d49140c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 76805
x-cache: HIT
status: 200
content-length: 4304
x-response-time: 138
surrogate-key: media media/bucket/9 media/1260973595053916163
last-modified: Thu, 14 May 2020 16:39:47 GMT
server: ECS (fcn/419E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7159b3118a8027ec427ae709105bf841
accept-ranges: bytes

GET
H2 200 EX_gzmaXsAA1sAc
pbs.twimg.com/media/ Frame 9D5D 9 KB
9 KB 14ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_gzmaXsAA1sAc?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

adef2af3bc521b5d2171f199574fdfc7421d81323511fb82c60d89ae0ae6fcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 84913
x-cache: HIT
status: 200
content-length: 9261
x-response-time: 172
surrogate-key: media media/bucket/5 media/1260973597776130048
last-modified: Thu, 14 May 2020 16:39:48 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fb8431f0a24f18017a7b7a869ac983ae
accept-ranges: bytes

GET
H2 200 EX_g0DsXgAIfGOI
pbs.twimg.com/media/ Frame 9D5D 10 KB
10 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_g0DsXgAIfGOI?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

5d5bf22bef8cf97bbeba3a744967690de92394ed356ba77b908f854fd4671422

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 84912
x-cache: HIT
status: 200
content-length: 9932
x-response-time: 152
surrogate-key: media media/bucket/0 media/1260973605636243458
last-modified: Thu, 14 May 2020 16:39:49 GMT
server: ECS (fcn/41AB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c9bb48473bb00c3378e427217b8450a
accept-ranges: bytes

GET
H2 200 EX_Gi6xXYAAKpSA
pbs.twimg.com/media/ Frame 9D5D 10 KB
11 KB 10ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_Gi6xXYAAKpSA?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

2a8cadd71f7dc844a929c41d81858be70df79038a44bd25e7e6a3956c7fdf85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 89551
x-cache: HIT
status: 200
content-length: 10631
x-response-time: 192
surrogate-key: media media/bucket/7 media/1260944723881189376
last-modified: Thu, 14 May 2020 14:45:04 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 79461f57eb42577f5b47507bbdf7cc02
accept-ranges: bytes

GET
H2 200 EX_GjZdWkAAJ7vZ
pbs.twimg.com/media/ Frame 9D5D 4 KB
5 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_GjZdWkAAJ7vZ?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

3dfc92728cb060fb00769ef2d288e623c76b9ee1e7b6d9540b2e37c6aeac5889

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 89551
x-cache: HIT
status: 200
content-length: 4455
x-response-time: 128
surrogate-key: media media/bucket/7 media/1260944732118749184
last-modified: Thu, 14 May 2020 14:45:06 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9cd0dc89573ffffcc019cbcc804bf93b
accept-ranges: bytes

GET
H2 200 EX_GjjuXYAAL7mP
pbs.twimg.com/media/ Frame 9D5D 14 KB
14 KB 9ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_GjjuXYAAL7mP?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

eb2717f24569d4ff3b4ab9000a0e36ef758c2764baac864e6bb4167eeae08728

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 89551
x-cache: HIT
status: 200
content-length: 14559
x-response-time: 162
surrogate-key: media media/bucket/4 media/1260944734874460160
last-modified: Thu, 14 May 2020 14:45:06 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 281b44ad2172c66aabaf10e78bb59ec1
accept-ranges: bytes

GET
H2 200 EX_GkGnXgAAhmyd
pbs.twimg.com/media/ Frame 9D5D 13 KB
13 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX_GkGnXgAAhmyd?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

30f3b038c341bc4064e2a6591307c99fc2b60105a4c6a45ec511f54137c34d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 89537
x-cache: HIT
status: 200
content-length: 13498
x-response-time: 165
surrogate-key: media media/bucket/6 media/1260944744240349184
last-modified: Thu, 14 May 2020 14:45:08 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6b218949971d47afd554dc8f480f2c94
accept-ranges: bytes

GET
H2 200 EX-Tqe6XQAEZ1F9
pbs.twimg.com/media/ Frame 9D5D 8 KB
8 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-Tqe6XQAEZ1F9?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418B) /

Resource Hash

4e838cf2ce665e2208aa8515065b3c524003a16034b5b759f36a4b982e4c2501

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 104953
x-cache: HIT
status: 200
content-length: 8166
x-response-time: 133
surrogate-key: media media/bucket/4 media/1260888778748674049
last-modified: Thu, 14 May 2020 11:02:45 GMT
server: ECS (fcn/418B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7fc958c2f887b667f1bc9063a3fc94d4
accept-ranges: bytes

GET
H2 200 EX-TsFOXsAIvhsh
pbs.twimg.com/media/ Frame 9D5D 49 KB
50 KB 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-TsFOXsAIvhsh?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

39c4be699458b5a63bec979d0bc7fe44c0b152a4c57dac6631b07ee6d4dfdb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 104953
x-cache: HIT
status: 200
content-length: 50480
x-response-time: 170
surrogate-key: media media/bucket/6 media/1260888806213005314
last-modified: Thu, 14 May 2020 11:02:52 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 268da6735b15a111851588b99608654d
accept-ranges: bytes

GET
H2 200 EX-Tsy7WoAMMdan
pbs.twimg.com/media/ Frame 9D5D 27 KB
27 KB 12ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-Tsy7WoAMMdan?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

7c372b7c48b31724a9536ee4ba3fda2ba092916acb6c6be3c6b445d91597bd87

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 104953
x-cache: HIT
status: 200
content-length: 27826
x-response-time: 144
surrogate-key: media media/bucket/7 media/1260888818481274883
last-modified: Thu, 14 May 2020 11:02:55 GMT
server: ECS (fcn/41A4)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0eb7a83d9724ab3e5bf956fe4b940c85
accept-ranges: bytes

GET
H2 200 EX-TtjeXsAAHRPJ
pbs.twimg.com/media/ Frame 9D5D 3 KB
3 KB 13ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX-TtjeXsAAHRPJ?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

978bbde57b292c60c62b0d2c26d51be6460dd1b1cc7afbeab4b8810cc9fb8f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 104792
x-cache: HIT
status: 200
content-length: 2603
x-response-time: 137
surrogate-key: media media/bucket/1 media/1260888831513047040
last-modified: Thu, 14 May 2020 11:02:58 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e975b797a6b10b554cc2631f6117754
accept-ranges: bytes

GET
H2 200 EX7gR7yWAAM0eCj
pbs.twimg.com/media/ Frame 9D5D 10 KB
11 KB 12ms
9ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7gR7yWAAM0eCj?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

0a3fb128fef97ba127eda81efa18c16dca145031f3729cb2e58557faf08bc05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 151414
x-cache: HIT
status: 200
content-length: 10643
x-response-time: 157
surrogate-key: media media/bucket/0 media/1260691544421564419
last-modified: Wed, 13 May 2020 21:59:01 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2aaf621457e88463ff4be012c957194d
accept-ranges: bytes

GET
H2 200 EX7gdecXYAE7biR
pbs.twimg.com/media/ Frame 9D5D 4 KB
4 KB 13ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7gdecXYAE7biR?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

393be40f33765f8293a512c338e92e31d467d6ce2e5d5a64fa1cfae498e72cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 151414
x-cache: HIT
status: 200
content-length: 4088
x-response-time: 144
surrogate-key: media media/bucket/7 media/1260691742703181825
last-modified: Wed, 13 May 2020 21:59:48 GMT
server: ECS (fcn/4190)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0fe3924b3e8881aa76a10e8c0711e257
accept-ranges: bytes

GET
H2 200 EX7gjifXYAkKkg7
pbs.twimg.com/media/ Frame 9D5D 5 KB
5 KB 14ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7gjifXYAkKkg7?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

c6a75664bb6f5dad258104bb7c11dba4eeebad12aa673fe9f93c199a7e04133c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 151414
x-cache: HIT
status: 200
content-length: 4974
x-response-time: 144
surrogate-key: media media/bucket/3 media/1260691846868721673
last-modified: Wed, 13 May 2020 22:00:13 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9a08a0a7224ac1a6019e696eaf4e3e33
accept-ranges: bytes

GET
H2 200 EX7g5XNWkAEyp6s
pbs.twimg.com/media/ Frame 9D5D 19 KB
19 KB 12ms
11ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7g5XNWkAEyp6s?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

5c31698e0cf01f68fe45381e6359de5c5beff2371359e413267729a88b1cca01

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 151414
x-cache: HIT
status: 200
content-length: 19119
x-response-time: 147
surrogate-key: media media/bucket/2 media/1260692221797502977
last-modified: Wed, 13 May 2020 22:01:42 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 89260f49c0d45110a129e9494faaa0ae
accept-ranges: bytes

GET
H2 200 EX7blEuXsAAzONE
pbs.twimg.com/media/ Frame 9D5D 4 KB
5 KB 19ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7blEuXsAAzONE?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

2dc6b608f38ecbf65f6942da886e4a746f003ea35da562ef85fcbcd4369dc62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 152748
x-cache: HIT
status: 200
content-length: 4450
x-response-time: 131
surrogate-key: media media/bucket/4 media/1260686375680192512
last-modified: Wed, 13 May 2020 21:38:29 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5dbfd8602afd2821e6299d6c7f51b0fa
accept-ranges: bytes

GET
H2 200 EX7cfvHWoAAY4e_
pbs.twimg.com/media/ Frame 9D5D 3 KB
4 KB 44ms
40ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7cfvHWoAAY4e_?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

4124e9739c0a68290bb7c4437b303b57eed7b32ea383ba28936dbb3d98aea1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 152748
x-cache: HIT
status: 200
content-length: 3511
x-response-time: 135
surrogate-key: media media/bucket/7 media/1260687383491682304
last-modified: Wed, 13 May 2020 21:42:29 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1a27c6604afdb65e4001d6cbf686311f
accept-ranges: bytes

GET
H2 200 EX7dyWhWkAcPLir
pbs.twimg.com/media/ Frame 9D5D 3 KB
3 KB 43ms
39ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX7dyWhWkAcPLir?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

64b0515dac3562cf5137c0775b2a3631cc10ef36a62f96b8590c800f794ce4cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 152747
x-cache: HIT
status: 200
content-length: 3121
x-response-time: 145
surrogate-key: media media/bucket/5 media/1260688802818985991
last-modified: Wed, 13 May 2020 21:48:07 GMT
server: ECS (fcn/4187)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d34b853d3a320cf37cc48dc4c5f7f675
accept-ranges: bytes

GET
H2 200 EX5jGvBXsAAozzx
pbs.twimg.com/media/ Frame 9D5D 14 KB
14 KB 48ms
45ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX5jGvBXsAAozzx?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

31e50406a9f34d791065021db1990af9fc39ad5f4654e28a2b388cfcb17fee05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 182979
x-cache: HIT
status: 200
content-length: 14452
x-response-time: 147
surrogate-key: media media/bucket/4 media/1260553913062895616
last-modified: Wed, 13 May 2020 12:52:07 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5207cb47a3e8c7b635f598d24f3b76fb
accept-ranges: bytes

GET
H2 200 EX5lrFLXsAEvv1-
pbs.twimg.com/media/ Frame 9D5D 8 KB
9 KB 47ms
44ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX5lrFLXsAEvv1-?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

080d2c31f5785db73fbb77cd8b33a3e0be5a9534588eb202b5998587a61a5a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 184181
x-cache: HIT
status: 200
content-length: 8693
x-response-time: 130
surrogate-key: media media/bucket/0 media/1260556736508964865
last-modified: Wed, 13 May 2020 13:03:20 GMT
server: ECS (fcn/4199)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8c4e3063e7f7e0d5b9670d1881bd1d46
accept-ranges: bytes

GET
H2 200 EX5mIVuXQAAJ5JK
pbs.twimg.com/media/ Frame 9D5D 16 KB
16 KB 47ms
44ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX5mIVuXQAAJ5JK?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

15718a43bc0e65eb765d930a5adb586af8cbf57f26f29f79ce85fd90a31ead3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 184181
x-cache: HIT
status: 200
content-length: 16305
x-response-time: 143
surrogate-key: media media/bucket/1 media/1260557239166910464
last-modified: Wed, 13 May 2020 13:05:20 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f6a529887ecc659e634d235e0de4c91d
accept-ranges: bytes

GET
H2 200 EX1tiDdX0AIbpVK
pbs.twimg.com/media/ Frame 9D5D 7 KB
8 KB 12ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX1tiDdX0AIbpVK?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

5111a42826ba8b50d8f02fb189cf6c24b1a91710eb639d695437498997a30f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 243290
x-cache: HIT
status: 200
content-length: 7621
x-response-time: 136
surrogate-key: media media/bucket/7 media/1260283902545088514
last-modified: Tue, 12 May 2020 18:59:11 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d32a4e140d24570b3fb63bcfd67d2f65
accept-ranges: bytes

GET
H2 200 EX1tiaUXgAEf59-
pbs.twimg.com/media/ Frame 9D5D 9 KB
9 KB 11ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX1tiaUXgAEf59-?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

0c962688ca1fdc38ae8fa9955d146abeb0e504be807bd08009280ca3f14b1fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 243290
x-cache: HIT
status: 200
content-length: 9477
x-response-time: 159
surrogate-key: media media/bucket/0 media/1260283908681334785
last-modified: Tue, 12 May 2020 18:59:13 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c5c486455aec2ba0ce9c3639a6883b9
accept-ranges: bytes

GET
H2 200 EX1ti2_WsAINOlg
pbs.twimg.com/media/ Frame 9D5D 11 KB
11 KB 10ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX1ti2_WsAINOlg?format=jpg&name=360x360

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

3708af56382d5c8ab19f6816ff04b48b15abea4896cfc28decf48d26d4e3c3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 243289
x-cache: HIT
status: 200
content-length: 10851
x-response-time: 184
surrogate-key: media media/bucket/4 media/1260283916377829378
last-modified: Tue, 12 May 2020 18:59:15 GMT
server: ECS (fcn/41A1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aa5901db1132b0429e5e8e3e77909e42
accept-ranges: bytes

GET
H2 200 EX0YABGXYAMgAhT
pbs.twimg.com/media/ Frame 9D5D 7 KB
8 KB 10ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0YABGXYAMgAhT?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

4508ed282e22c46c28e17901b281d40056792ded8d2282eb16617bf6f66dbf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 270955
x-cache: HIT
status: 200
content-length: 7570
x-response-time: 162
surrogate-key: media media/bucket/5 media/1260189859307806723
last-modified: Tue, 12 May 2020 12:45:30 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3e29b0596c7d458d0aa861d8ef24f8d
accept-ranges: bytes

GET
H2 200 EX0YHAZWkAATMkQ
pbs.twimg.com/media/ Frame 9D5D 19 KB
19 KB 13ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0YHAZWkAATMkQ?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B4) /

Resource Hash

6c67afdaf9f3aa20008089c39b35ffce9ae635db7bbe0d53be99792e170adc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 270955
x-cache: HIT
status: 200
content-length: 19361
x-response-time: 147
surrogate-key: media media/bucket/1 media/1260189979378094080
last-modified: Tue, 12 May 2020 12:45:58 GMT
server: ECS (fcn/40B4)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 63223d068b63bcf8696c6740543203eb
accept-ranges: bytes

GET
H2 200 EX0YN06XQAApk6g
pbs.twimg.com/media/ Frame 9D5D 16 KB
16 KB 11ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0YN06XQAApk6g?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

fb9c61f90626f09bdeed4fb101e70f3303096693a89670958cd13edd3db22b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 270955
x-cache: HIT
status: 200
content-length: 16685
x-response-time: 132
surrogate-key: media media/bucket/6 media/1260190096554409984
last-modified: Tue, 12 May 2020 12:46:26 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11f8e74232534656c307244b2e967855
accept-ranges: bytes

GET
H2 200 EX0aKkjXkAEvf_Q
pbs.twimg.com/media/ Frame 9D5D 21 KB
21 KB 19ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EX0aKkjXkAEvf_Q?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4189) /

Resource Hash

26f43788d6f24ed01133b2a18ee170b4e1ba2af7c81d633840fb8a05bdca6e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 270955
x-cache: HIT
status: 200
content-length: 21155
x-response-time: 150
surrogate-key: media media/bucket/8 media/1260192239646642177
last-modified: Tue, 12 May 2020 12:54:57 GMT
server: ECS (fcn/4189)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fc0a27d6259b0d37bb5a2fe1812dd151
accept-ranges: bytes

GET
H2 200 EXr7QMbWAAIPWbM
pbs.twimg.com/media/ Frame 9D5D 14 KB
14 KB 18ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXr7QMbWAAIPWbM?format=png&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

beec1a102eeef34452d715d74e9e76d9bf3ac64171d98f301345c0780578f96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 411451
x-cache: HIT
status: 200
content-length: 14625
x-response-time: 142
surrogate-key: media media/bucket/3 media/1259595301435867138
last-modified: Sun, 10 May 2020 21:22:56 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ab80d633e3075f1ccdf32e1cf399d979
accept-ranges: bytes

GET
H2 200 EXr7T9lWkAUB_ax
pbs.twimg.com/media/ Frame 9D5D 5 KB
5 KB 19ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXr7T9lWkAUB_ax?format=jpg&name=240x240

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

013763bcd11aee4296dec2332b0cd4194330e17b1b3785ed23b56ed59a8a2652

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 411451
x-cache: HIT
status: 200
content-length: 5411
x-response-time: 143
surrogate-key: media media/bucket/2 media/1259595366170791941
last-modified: Sun, 10 May 2020 21:23:12 GMT
server: ECS (fcn/40FD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7f1019f9a02ba7d7df3ce6f344330b8d
accept-ranges: bytes

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 9D5D 44 KB
7 KB 7ms
6ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562206
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: aae4135ed66c6a503050b8ae0bdcd456
accept-ranges: bytes
expires: Fri, 22 May 2020 16:20:08 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 9ms
6ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562206
x-ton-expected-size: 45170
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: aae4135ed66c6a503050b8ae0bdcd456
accept-ranges: bytes
expires: Fri, 22 May 2020 16:20:08 GMT

GET
DATA 200
OK truncated
/ Frame 9D5D 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9D5D 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9D5D 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9D5D 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9D5D 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 lounge.db072b7d11b56c5c060394cab39e75c5.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 23ms
23ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.db072b7d11b56c5c060394cab39e75c5.css

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 167403
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 21979
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 13 May 2020 17:13:15 GMT
server: cloudflare
etag: "5ebc2aab-55db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02babbdbe500003250a318b200000001
accept-ranges: bytes
cf-ray: 593e2f3fdef33250-FRA
expires: Thu, 13 May 2021 17:50:03 GMT

GET
H2 200 common.bundle.f9554506a08a1cc2b021f0dfc3f59ebb.js
c.disquscdn.com/next/embed/ 0
89 KB 19ms
16ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f9554506a08a1cc2b021f0dfc3f59ebb.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2482795
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 90432
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 16 Apr 2020 22:27:00 GMT
server: cloudflare
etag: "5e98dbb4-16140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02babbdbf000003250a318f200000001
accept-ranges: bytes
cf-ray: 593e2f3fef2b3250-FRA
expires: Fri, 16 Apr 2021 22:40:09 GMT

GET
H2 200 lounge.bundle.d3858dbda732166bc46a5391f5b0b789.js
c.disquscdn.com/next/embed/ 0
109 KB 45ms
41ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.d3858dbda732166bc46a5391f5b0b789.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84499
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 111169
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 14 May 2020 16:45:12 GMT
server: cloudflare
etag: "5ebd7598-1b241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02babbdc0100003250a3191200000001
accept-ranges: bytes
cf-ray: 593e2f400f7c3250-FRA
expires: Fri, 14 May 2021 16:51:48 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
7 KB 106ms
31ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 16:20:08 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 33
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 6232
X-XSS-Protection: 1; mode=block

POST
H2 200 /
www.facebook.com/tr/ 0
82 B 9ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZuKWFB3Knvt13kAz

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 15 May 2020 16:20:08 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://seguranca-informatica.pt
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D0BC 0
0 352ms
348ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=3429474278&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=2&bdt=1157&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0&nras=2&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=2785&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jsgeuSC2Ba&p=https%3A//seguranca-informatica.pt&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=3429474278&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=2&bdt=1157&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0&nras=2&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=80&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=2785&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=jsgeuSC2Ba&p=https%3A//seguranca-informatica.pt&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnikDX63oGF_tRRtHvOSBFDklwccdmedgBzNGTvp3cjPMvYbYa2lNdhwIi5; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:20:08 GMT
server: cafe
content-length: 23701
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F3CE 0
0 412ms
409ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=1890291405&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280&nras=3&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=4668&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=a7AmF6MFQD&p=https%3A//seguranca-informatica.pt&dtd=78

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=1890291405&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280&nras=3&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=4668&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=a7AmF6MFQD&p=https%3A//seguranca-informatica.pt&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnikDX63oGF_tRRtHvOSBFDklwccdmedgBzNGTvp3cjPMvYbYa2lNdhwIi5; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:20:08 GMT
server: cafe
content-length: 21352
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 01D9 0
0 359ms
357ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=1753594591&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280&nras=4&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=6982&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=0ESy3vUPuB&p=https%3A//seguranca-informatica.pt&dtd=82

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5067310443593238&output=html&h=280&adk=3194852184&adf=1753594591&w=740&fwrn=4&fwrnh=100&lmt=1589559607&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7674192041&psa=1&guci=1.2.0.0.2.2.0.0&ad_type=text_image&format=740x280&url=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&flash=0&fwr=0&pra=3&rh=185&rw=740&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1589559607887&bpp=1&bdt=1158&idt=-M&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=740x185%2C0x0%2C740x280%2C740x280&nras=4&correlator=5934179784681&frm=20&pv=1&ga_vid=676357214.1589559607&ga_sid=1589559607&ga_hid=1097600956&ga_fc=0&iag=0&icsg=11733850603327&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=6982&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C410075106&oid=3&psts=AGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ%2CAGkb-H-I1CHhjLZ62ByyruvWK3slGU8baMraBPhav5xVj-USXcIaaNHHMhqCElrIaFMGtQ&pvsid=2833514608683535&pem=412&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8336&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=0ESy3vUPuB&p=https%3A//seguranca-informatica.pt&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnikDX63oGF_tRRtHvOSBFDklwccdmedgBzNGTvp3cjPMvYbYa2lNdhwIi5; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 15 May 2020 16:20:08 GMT
server: cafe
content-length: 24376
x-xss-protection: 0
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 69DD 0
0 282ms
189ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=seguranca-informatica&t_i=7587%20https%3A%2F%2Fseguranca-informatica.pt%2F%3Fp%3D7587&t_u=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F&t_e=Trojan%20Lampion%20is%20back%20after%203%20months&t_d=Trojan%20Lampion%20is%20back%20after%203%20months&t_t=Trojan%20Lampion%20is%20back%20after%203%20months&s_o=default

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

Connection: keep-alive
Content-Length: 2596
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 11 May 2020 22:26:00 GMT
ETag: W/"lounge:view:8019845447.264d3850287e57945a1f19a187ac09df.2"
Content-Encoding: gzip
Date: Fri, 15 May 2020 16:20:08 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3f36146f67554b989421cd2be6d58d97fc92f7c6e130d6152a0659a770f8fc2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2-1.png
seguranca-informatica.pt/wp-content/uploads/2020/04/ 78 KB
79 KB 283ms
283ms Image
image/png 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2020/04/2-1.png

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6a32d06399f9af78c8820cd98a450cd155214b87704bf28ca1c2196cb09207a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 80383
cf-request-id: 02babbdc9e00001f39e9916200000001
referrer-policy
last-modified: Mon, 06 Apr 2020 09:13:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f40fcc41f39-FRA

GET
H2 200 dns-resolver.jpg
seguranca-informatica.pt/wp-content/uploads/2018/04/ 145 KB
146 KB 290ms
289ms Image
image/jpeg 2606:4700:3037::681b:bc6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seguranca-informatica.pt/wp-content/uploads/2018/04/dns-resolver.jpg

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681b:bc6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fefc057c0b9151beb858748b560413577988155200b6c1d85a1ac1bec44af1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 148734
cf-request-id: 02babbdc9e00001f39e9917200000001
referrer-policy
last-modified: Sun, 29 Apr 2018 10:35:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593e2f40fcc61f39-FRA

GET
H2 200 otrHzz7B
pbs.twimg.com/card_img/1260915470120738818/ Frame 9D5D 4 KB
5 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260915470120738818/otrHzz7B?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 98935
x-cache: HIT
status: 200
content-length: 4429
x-response-time: 140
surrogate-key: card_img card_img/bucket/5 card_img/1260915470120738818
last-modified: Thu, 14 May 2020 12:48:49 GMT
server: ECS (fcn/419D)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ae39201cbd3bcd4a9f2c4d9d9c8b113a
accept-ranges: bytes

GET
H2 200 bOXSAGDp
pbs.twimg.com/card_img/1260880527042777090/ Frame 9D5D 2 KB
2 KB 8ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260880527042777090/bOXSAGDp?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 107264
x-cache: HIT
status: 200
content-length: 1638
x-response-time: 142
surrogate-key: card_img card_img/bucket/3 card_img/1260880527042777090
last-modified: Thu, 14 May 2020 10:29:58 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d467480b3cee22e40d7be671cd223fc
accept-ranges: bytes

GET
H2 200 iRaKib4f
pbs.twimg.com/card_img/1260727687439618048/ Frame 9D5D 55 KB
55 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260727687439618048/iRaKib4f?format=jpg&name=600x314

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 124600
x-cache: HIT
status: 200
content-length: 56026
x-response-time: 149
surrogate-key: card_img card_img/bucket/5 card_img/1260727687439618048
last-modified: Thu, 14 May 2020 00:22:38 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6c4647d244ff72f7fd01c22cfe1e1709
accept-ranges: bytes

GET
H2 200 Bj3eS0F8
pbs.twimg.com/card_img/1260313571361042433/ Frame 9D5D 6 KB
6 KB 7ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1260313571361042433/Bj3eS0F8?format=png&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 240396
x-cache: HIT
status: 200
content-length: 6408
x-response-time: 152
surrogate-key: card_img card_img/bucket/9 card_img/1260313571361042433
last-modified: Tue, 12 May 2020 20:57:05 GMT
server: ECS (fcn/40DC)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 060b725ecae9640d7f5632c45fa259a3
accept-ranges: bytes

GET
H2 200 7uHJC-KV
pbs.twimg.com/card_img/1259974755957997570/ Frame 9D5D 4 KB
4 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1259974755957997570/7uHJC-KV?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 323229
x-cache: HIT
status: 200
content-length: 4303
x-response-time: 143
surrogate-key: card_img card_img/bucket/6 card_img/1259974755957997570
last-modified: Mon, 11 May 2020 22:30:45 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 09fefbe59989eaba26df6deb730afe00
accept-ranges: bytes

GET
H2 200 Ut37ZGRp
pbs.twimg.com/card_img/1257322194239025158/ Frame 9D5D 5 KB
5 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1257322194239025158/Ut37ZGRp?format=jpg&name=144x144_2

Requested by

Host: seguranca-informatica.pt
URL: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:08 GMT
x-content-type-options: nosniff
age: 226430
x-cache: HIT
status: 200
content-length: 4867
x-response-time: 143
surrogate-key: card_img card_img/bucket/5 card_img/1257322194239025158
last-modified: Mon, 04 May 2020 14:50:25 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 794e6d1d4d98dc958a6bd2265bf03a85
accept-ranges: bytes

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 45ms
44ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200511&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01eb4812b38b6905df6f9e7f23ee35415fb40ac29647e083d253d52c74cf214c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 May 2020 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5590
x-xss-protection: 0

GET
H2 200 page.php
www.facebook.com/v2.12/plugins/ Frame E733 0
0 86ms
86ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2e5d0949a2770c%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff1e0fba49200c04%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=edf0f15c033aa2529b37e0789fcc1c9b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2e5d0949a2770c%26domain%3Dseguranca-informatica.pt%26origin%3Dhttps%253A%252F%252Fseguranca-informatica.pt%252Ff1e0fba49200c04%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsegurancainformatica&locale=en_US&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 3gYlBFaa1EwNtQHGUYQQGXm1Okhlpsi25YBOI7xL3TkmenWrC7N8mJsEwspMX49DKsVKLkrkrypLHLwBKNxlDw==
date: Fri, 15 May 2020 16:20:09 GMT Fri, 15 May 2020 16:20:09 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Fri, 15 May 2020 16:20:09 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame F6B3
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://seguranca-informatica.pt
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 78905
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 15 May 2020 16:20:09 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 12 May 2020 17:25:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4196)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 15 May 2020 16:20:09 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 15 May 2020 16:20:09 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: abebb0ff865562a13598e560b50a52ff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 138
x-transaction: 00fd4021005585d2
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7B49 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 15 May 2020 15:37:26 GMT
expires: Sat, 15 May 2021 15:37:26 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2563
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: seguranca-informatica.disqus.com
URL: https://seguranca-informatica.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 16:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25518746
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 6605
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 15 May 2019 00:01:52 GMT
server: cloudflare
etag: "5cdb56f0-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 02babbdfc500003250a31cf200000001
accept-ranges: bytes
cf-ray: 593e2f4608b53250-FRA
expires: Tue, 19 May 2020 02:07:22 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 286 B
920 B 253ms
104ms XHR
text/javascript 151.101.112.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fseguranca-informatica.pt%2Ftrojan-lampion-is-back-after-3-months%2F%23.Xr7BN9OxX0M&subId=5368311&v=1&jsonp=vglnk_jsonp_15895596093100
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5f04b14e387e65de4db9a43892cde528ac2e081f7db0ad56ae3ed4cb86d7187b

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 May 2020 16:20:09 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://seguranca-informatica.pt
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 286
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200511&jk=2833514608683535&bg=!IiGlITlY5F4mUX_08EICAAAAwlIAAAARmQGAcxW9bDSggPxZd2zttHMIwCU1w5x7_Eqf-1QSQZ5uNjmPrroapbNtNU4GzeKBPNcl43BBdDu5hvp9p8xrp7_EKSngcdjHKiJ5wZpsT39FV684cQ9kZMwxVGiUDaUONPht6ojpCel2nZS3UJ3PnIB1RbnOwLemxyIJmEmmCZlmICKrcgFIrpog9WVyl6g0NG0Mcl-Wb2LZLQxd-sJozJxAPQY-M5WJth_kNzRk6vHXpUAV_gPkvtr3QhkXtvj2XVfLTybEpZr7aznIdEw8AXPer9B1ivJ47BHCKzP3LG3GPUiioGBma6VPawW65Oe7dzLN5xsuAEJlZqb2PyaKImCS7g15GpJjGVpwTS3qQ4Myese8NtIRl6EvGGIzqaBXniJEvekJqQqVfHawU4cr9rMjEf_RkSGmW75pvkvf0J018oSE69CBVbXsQbjXGd50gqJuyqew1SY7mRvY3jMwrHao-EqRa-yVJMDS5Ce_yWDAKSSAvXiIu4cUcWtar0KTIbzJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seguranca-informatica.pt/trojan-lampion-is-back-after-3-months/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 16:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 09:32:40	Name: test_cookie Value: CheckForPermission

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://seguranca-informatica.pt/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.4.1(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
api-public.addthis.com
c.disquscdn.com
cdn.onesignal.com
cdn.syndication.twimg.com
connect.facebook.net
disqus.com
feed.seguranca-informatica.pt
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
licensebuttons.net
links.services.disqus.com
m.addthis.com
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
q.addthis.com
s7.addthis.com
seguranca-informatica.disqus.com
seguranca-informatica.pt
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
v1.addthisedge.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.paypal.com
www.paypalobjects.com
www.reddit.com
www.youtube.com
z.moatads.com
s7.addthis.com
104.244.42.72
151.101.0.134
151.101.112.134
151.101.112.64
151.101.114.133
151.101.12.84
199.232.53.140
2.18.232.75
23.210.248.44
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:5d6
2606:4700:3037::681b:bc6c
2606:4700::6812:a813
2606:4700::6812:e134
2a00:1450:4001:800::2002
2a00:1450:4001:814::2002
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:820::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::200e
2a00:1450:4001:821::200a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
72.247.226.64
0065a533b9122944853cc307a85f84133bb277dc6057cefeebab142c071d9230
013763bcd11aee4296dec2332b0cd4194330e17b1b3785ed23b56ed59a8a2652
01a9f2ee033909141e4b8865aaecf728d74d4b6a1811ca6356a5f1a08387f931
01eb4812b38b6905df6f9e7f23ee35415fb40ac29647e083d253d52c74cf214c
02a8eed49f3f9c8463957eb112a8f7fc681736cabea524c019c7e405ad0c0f24
02d07d10acd4601389f7e765aa1bf98ec42f568c37f1e7ff40b7ed1dbc8d15af
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
057920366cab5943adbe71a5c960c743daf84bf49e13c684d2166efaffc91dae
066d6b6d0ac47e197c9816ecc646022123de9bd034a81b4b3efb7b790ff89963
079d21515f2c8e93ebb26f1f9f89fa7dd1cc4dd7aeb37a78eb0a5b9e9fc5a64b
080d2c31f5785db73fbb77cd8b33a3e0be5a9534588eb202b5998587a61a5a9f
0952427c6f4fa6f960b8954afbf10c45ab099876ec25e748b73ade0757e88207
0a3fb128fef97ba127eda81efa18c16dca145031f3729cb2e58557faf08bc05d
0c962688ca1fdc38ae8fa9955d146abeb0e504be807bd08009280ca3f14b1fa2
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
15718a43bc0e65eb765d930a5adb586af8cbf57f26f29f79ce85fd90a31ead3d
174d3edd8918d63b407da0dd216c05ed0f8c7a1844b835825b96d8501c9744b4
18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145
18f1e1f4fe5585108349cf029e48ad91a12dae4627be962667fb0b4933c69bba
191e2a2deb0b16b4e6c833685b15ab930c8eaeec228391f6b26bc1fcda208c7b
1f449b6d1dba1bf792d53ca14c3938763dd4b0f7208cddab9eadce5c41d108a3
1fc9e562f67ac01fc3db71ce882b51a1096010a777f2d9f3a87db6a642ad19a2
241e9ee6931a3d9968359c917590e46cf938d82b9998612c199377e9669af9eb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268653524785d611cab68ecbf094a5720b51a8e15828eb2bbedea14bb17c5354
26f43788d6f24ed01133b2a18ee170b4e1ba2af7c81d633840fb8a05bdca6e9b
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
2a12b82bb4b7e9b29fd41e3f22c394ee3d3737f8f9af9f7ae041d0bb895d8bd1
2a8cadd71f7dc844a929c41d81858be70df79038a44bd25e7e6a3956c7fdf85e
2cf6e3735711cb747ba8bdf53c78cf954bf3579d10d691dfefefd243f1a5dd6e
2d8a628333a76cfe484a2b9c01bca786fccf08d0010d4bffca2b38b29dd4ed0b
2dc6b608f38ecbf65f6942da886e4a746f003ea35da562ef85fcbcd4369dc62b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30f3b038c341bc4064e2a6591307c99fc2b60105a4c6a45ec511f54137c34d55
31e50406a9f34d791065021db1990af9fc39ad5f4654e28a2b388cfcb17fee05
32c6c8175c556f53109ae8579fcd763478eb74c8b756e98f1f651ccf58732aff
33b531f80fbec5d7a5e115d897d206441d9dee317ea5bdeb5072649d0f40e178
343bde3e98b9503c4aa226f553e1e53a20437cc8a4e3aa84eff40b5e8bd99afc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34bce8bd1669a3e3161e4ded982cd9988c9dcd2154559198d519751d2718f481
36db3512ea89976cd734e544a1edd6a0609a824da59b596146f955cb6274040c
3708af56382d5c8ab19f6816ff04b48b15abea4896cfc28decf48d26d4e3c3d2
3759d104e1d7d41f0261cfb7de4a420b0ac04925beb371126b6a6959703e46cc
393be40f33765f8293a512c338e92e31d467d6ce2e5d5a64fa1cfae498e72cc9
39c4be699458b5a63bec979d0bc7fe44c0b152a4c57dac6631b07ee6d4dfdb95
3dbab26b6050d95f1f5165ebb4114ba93bc15f011f34eca927242cb3d1f0d95f
3dfc92728cb060fb00769ef2d288e623c76b9ee1e7b6d9540b2e37c6aeac5889
4124e9739c0a68290bb7c4437b303b57eed7b32ea383ba28936dbb3d98aea1c7
4135944d69b30495fe01a8d8474077055a055c913489125cb52a675841ab2e25
41842b8a7787f30dd7c129b53b921da9705e8420e0926550013d0252822547ec
433b7df4f919578f5d1f18f7a0f5b97b0eca0f2ea5e7385d5d1c4c4520f8e314
44f42160647efdb85b129d040beee22d6e3a55998c83febb2f4a03ccb0e4b714
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4508ed282e22c46c28e17901b281d40056792ded8d2282eb16617bf6f66dbf9c
4629215841e2459796d3c92ef2d6de1e1bcb7b4bb89d582603b6ef249c28115e
46b713ecb8535f31055d6349de02f1051cb87a9433a17ad7e80d8efb065a03e7
478e89099e0fddf654e7590276191089e55570461d34a1b50a2abefd95019b40
48b3b17bf53635986804b63fb97b63fd84d72e6f2d169519f36ba2a3ca6a70a0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4e838cf2ce665e2208aa8515065b3c524003a16034b5b759f36a4b982e4c2501
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
509cd2b3c4096ad38fe25fcf8ed9b4383d89d3146994047db1bce679a74a74d8
5111a42826ba8b50d8f02fb189cf6c24b1a91710eb639d695437498997a30f69
53056a4566d25ac95d51f9927a5e328358a9726a7800a2c36f05910f710cce85
535d4dba80513640606bf89cea7c3a77e973ee75a3597191acf38107cc592d11
544ed0eb98a5b7a489c206546fe3155e32508ceda7da3d3d25f6100c0097cd17
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
575593b187efc8e164cf80d79952d18b79ecad5fb42a81b1711dedf7a2af46b9
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5c31698e0cf01f68fe45381e6359de5c5beff2371359e413267729a88b1cca01
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d5bf22bef8cf97bbeba3a744967690de92394ed356ba77b908f854fd4671422
5f04b14e387e65de4db9a43892cde528ac2e081f7db0ad56ae3ed4cb86d7187b
622bd29e595894b02f5c5ab95628f99d6e6d46483bac342b4fff38bbc64a8a35
629df1def5e236ed0725d530df2de471a917221677057d58baa8686f4456308c
64b0515dac3562cf5137c0775b2a3631cc10ef36a62f96b8590c800f794ce4cd
659e7da9c5f2ea8933af2e78a4d9646b419851e9979dbb38d12e9d43c7711cb3
66a1646024f0fd58b7fbc8f674b9c097d9e9a96ab0dbb11b92bb377a2eccfa4e
6b06395cfed65d6d023a266d7720d5eda962bbbfbaa7269e278820b66729b2cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c67afdaf9f3aa20008089c39b35ffce9ae635db7bbe0d53be99792e170adc0a
6c848f8748dcbd3ae9248bd4ef3309e931660b0ebd18b20b7c3989ac54144e5b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f97fb27fc5a2b0b2ef192937aeea30f869e026c98518e154a796755e3d0d864
73ed7d7dd15a1989add842a0676d03e2729f864e58c062816275cbd384bf08f5
771f2d631fbd9243573f7663d06be4c3b9eea49b81de12a3f1991b348d11a616
78bbc9f54e7286eccdcd41ef32fe47eed7adee8135e8fa007900c04b0be5e196
78f1e4753f574162c7ab58a2ab05779e44cb50b8c53ef59852e4d801597abfaf
79193a8d7b1725f67c6653d4d176eae10668fdf2025c738ddfa135d7b5bad114
7a03a74a92cb2f04b7f3e0338f51a3c4dfc1491a8f046b722f8a951502a7740e
7a10648b57b061f2ecbcf75ab66d43c7faa1e0b3b1aa42fcf6fed1a65b2415c2
7a1dcd0fc3074c9f571e9d8d3b2784e8b71325071ee6e9a7b272b2c28445c9b5
7a20b3be7d4327e93b19c5f9294f18c262e209b1831db3daee58a82baf8f96ff
7a5de508f163596415bb264f8f130f70d18ca0deddfcbc0fd7312de00214f9d3
7b5fc275c98a58b1073a713920cefa54fab60ad9d85a67cf6907aaf8fbb3c474
7c372b7c48b31724a9536ee4ba3fda2ba092916acb6c6be3c6b445d91597bd87
7c4d72e2d472e7e06026bb5d0015364bf5592cce84d6e747af34f90227b15821
7c7399d32456ccf860fbaee43cbfb0b746f6efcffc5537851eab271e73b5b7a6
7cd9e72894580d70b0cc6a28b3836d34eb7f907eb97a152c310bfebafb65a2f7
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7daf3f5acd448e33c96a746407198ccbe6eff0402f20bbf1164a1129205c13bd
80d813a47b71cff017c93dcfe2ede62f31e87d3e2cbe1f4e57c87a2241c67eea
8220596e6a32feeaa3c95078f2a72efb6a01025245097384816d26c2a3f38c3a
85d11a34cf5ae0738a3f2a2e0f463484c9b7371b46c9e5bc991f57d44f58400f
8742843c9c346c419f6a487e08a8f6d6c5f3200d4f7a7c0e15dab4a4a7c0c65d
88731bd32d2242a6918772bd11e6e16f46c2e3c05c7bbd4ed47d162cff9683f3
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8db469b90b8d9e2a0675931132266a305d0f080fc5ef4e7bd0f841f161b78b5f
91d4207e7c66e4f58b75db09d4bf19e44186e48913d9f9fb8a15823019ea143b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94ece170ac337a76b357bb486ae6ddb00ef2418e8b00d81cac6942b8ebfb6510
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
978bbde57b292c60c62b0d2c26d51be6460dd1b1cc7afbeab4b8810cc9fb8f05
9a44ab6217570448889e9e625c86288f47692343285d48fd2642e9f9e46c3158
9be7537f55bde87db7acf7c9aa482e56e3c8891f09710e19113637cdbb8143ea
9c677df6c0eccea7dfe6231398ee68e1e1fcd0061912fb23275f631d8c1c8bae
9f29c510c4b21638d69fb6e6513fcb03ded2d50e2347644ddb214fd760a9372c
a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403
a3622c7c6c64b493c982f365e01b5eaa59f48da664e98025c383d4f8c57c4396
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
a3f36146f67554b989421cd2be6d58d97fc92f7c6e130d6152a0659a770f8fc2
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a71906f87b3603ad144c94d721618e87bd868fefbabf53743730c6aa0f1b1343
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adef2af3bc521b5d2171f199574fdfc7421d81323511fb82c60d89ae0ae6fcd0
b1dca885792b34dbde1c02ff0b4681cfd52826f5cb04ce4d9a1ee07ce80aa8fc
b26db15f3f5d200caca5ec6d9605c1727f087016ef39644f9c233d9d094afdd3
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b6bad8fb5327a87ba126a50844529fa2d207b42b7df8e31e104c5d48c5092d87
b7520aaa7768147f79f050cc16d0203c51a841b15ab006e1a474a47269951bd3
b8cb27788844e455b92854743ee7ecab79e95c50735dc7e23b064b92e359bbf6
b9382c1ac33e60533971224071a03c61bd2a759689a41085dbc757872e40ec5b
ba0250e71d8796cbd2f3310cdac52c8c1723c611df9a0f5b747934945d49140c
ba23d13ab9eb27eb4933ae12135dc7f2775699d06d8628f73b9ff9b9f01aeef4
bab527bcf0232ad28a870abdd7e18dd7b42b0994beb65c36530ae9baba74494b
bba6156a938774b6d006922b40ded2d8262d1a4cabdb7f6a066978d887f6ed7d
bc9739d0d7392121fdc9d51cee01553a500980a5ce417343483982c68e3e2625
be73c16f766dc7c7a8c08a6ba72cdd7645f553ec28ca32640022b6d7355f590a
beec1a102eeef34452d715d74e9e76d9bf3ac64171d98f301345c0780578f96e
c36d0094cb3d176360c91599d13da78f0c77df004bc076aadd883f189fa1767e
c6a32d06399f9af78c8820cd98a450cd155214b87704bf28ca1c2196cb09207a
c6a75664bb6f5dad258104bb7c11dba4eeebad12aa673fe9f93c199a7e04133c
c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18
c90172b5431c9075ab79303e0ce34e304768f6602952a97c14fa0010885b03a1
caace78c6f887ecbf780bdf5b71e57a02776d7ef5a0e54e797e3e007130262e2
cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3
ccdee7c3f90a2656e5ff45d3cb4ca2775080951798189fbc78de4c4915a7d357
ce4cb34807330a0b7afe401877ad09ecc7f930f9706cac7994716bcc1b3fd886
cfc86c5d7acfe015875d9893737f5a243d8ba8c0cafef01b2b5ffa46cabb9e0e
cfcd2d0c165047a6f4ce42f4d5bf6b1d159580756444663632d901c087de50d7
d0154bc5c5f57538a82d600332062423bc61361a127b27cb1be7077c07e34fdf
d09e163a3868a47d1c51be0b013497ce6975c036fcc5d7b65bba70419c74b7ad
d124e7af3146ee54b7dc8e7fc3b9798efa711e495de0498b17b58ff732fa30dc
d5b7288f327425755badd771bd9807addb77d9a752890906f95eddfed131b627
d67e12d3b25210c485d4d39ebd124cd187eacd43b21f5547b2bead3943c0d649
d752b2e79c9d49bb8911c45af0a25e1352f18e9679cbc7cac69e6da4ddbb093e
d7f837ecf8426cc760739e8a17218b3b501156f43a7bd03afb7207949b12ab0b
da878137fa50efbe120c897b388ef6c1d2c589010a7fffd7924fd50e0b941203
daae27b31cc02284fca11559e6bad641f8f4a27f711469be53cd7f558b73072c
dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41
db0de0d4de1311eb99b9327550146b23da220725b6739baa3158eb12f12d358a
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
df8fc8bcdd04abe87a962c9b8d0dbdaeca4403a79f478d1659097f834491e627
e02a28e995334093dff6f19238e59aba7b5ba434ea2c84ef78f6a70ce260b49d
e0b867e89571d23202e9a1cf026372048737c930c3e0c6002231ef5729297e4f
e2fc3f5bd7343073782ade085f8274c2064dd0a531604b7758312a0e04b24b93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc2f7251c41ff1f4b2e07a3ccd074d21288160fbd9893f0f0e4fc62d2c63c5
e60d58e3602f1b85a212115e4d7300e09234e89eeec8df6065c2568c43e3f056
e69c8d33258983d26a64c123163df7cccdccffc8178e8c4365ae5c58e48040d3
e6dc579ac077f2e0bd24a04b3d2b0c88a2d977cd22a5170d2851644e5f25ec68
e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794
e918c7a354d2f69cfd44ad24c87b814cf2d86a0d73854f3259cc69f9f3f6a19c
ea3906631ed3ac3f02664bb801434732b02ec1b79ca261909136c5b4ef663de9
eb2717f24569d4ff3b4ab9000a0e36ef758c2764baac864e6bb4167eeae08728
ecb531bdf231039081a7a6879d73bca91d8b8c7fc671615063746454c0daaa8c
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee855adef8d74ff58e90a1c1c1efcf2550e3ba6d0db5a80a417b0dc22a3efb94
ef1605fb5d18e00bb446a2009a75eb5c44486fdddbef8d64acfdfe2b8d9ecd83
f00ee1ea9007c443208c093c279ea2362f86f8a54fc3b1e7d39eb981802a65bf
f022f37e3d06f61b60f5e284f22687bcc7f675bdef9ebb370af12adb98ed2c5e
f0b20b80840e838daddc25ee9bc2683ad61601b0818207b1804a38e28bf03f2a
f1615095a9e662d58ed44a7fc6c80c04b642ee9122a037e620680008463b3e68
f2401623ae567bc1ee575b6702e3a178c8b4f6a58d29cdfa3caae48e03ff9b2e
f403b8185a2a6777d3ca85a914289b03522d148b1f12d4087b564a35417a1f47
fb9c61f90626f09bdeed4fb101e70f3303096693a89670958cd13edd3db22b16
fbb58951c7e42cc7ad17218289253d319c38b399d18611d86c43e6f49e17ba3e
fdf3003543c3572ba8dfc6a87a9289ebadde2db18f09a36657301eaccd157866
fefc057c0b9151beb858748b560413577988155200b6c1d85a1ac1bec44af1e4
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

seguranca-informatica.pt Open in urlscan Pro 2606:4700:3037::681b:bc6c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

228 Requests

100 %HTTPS

64 %IPv6

25 Domains

37 Subdomains

28 IPs

6 Countries

6945 kBTransfer

9252 kBSize

1 Cookies

27 Outgoing links

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

seguranca-informatica.pt Open in urlscan Pro
2606:4700:3037::681b:bc6c Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

100 %
HTTPS

64 %
IPv6

25
Domains

37
Subdomains

28
IPs

6
Countries

6945 kB
Transfer

9252 kB
Size

1
Cookies

228 HTTP transactions
8 data transactions