Submitted URL: http://t.info.samsungusa.com/r/?id=hcom2fd4,77c0c34,339a477f&p1=demorade1.blob.core.windows.net%2Fvisionuniuq3%2FAp3dXtP.html...
Effective URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Submission: On March 24 via manual from US

Summary

This website contacted 8 IPs in 5 countries across 9 domains to perform 29 HTTP transactions. The main IP is 54.39.67.148, located in Montreal, Canada and belongs to OVH, FR. The main domain is deputadohelioleite.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 21st 2020. Valid for: 3 months.
This is the only time deputadohelioleite.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 52.239.155.132 8075 (MICROSOFT...)
1 22 54.39.67.148 16276 (OVH)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 8
Domain Requested by
21 deputadohelioleite.com.br demorade1.blob.core.windows.net
deputadohelioleite.com.br
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 maxcdn.bootstrapcdn.com deputadohelioleite.com.br
1 stats.g.doubleclick.net deputadohelioleite.com.br
1 www.googletagmanager.com deputadohelioleite.com.br
1 cdnjs.cloudflare.com deputadohelioleite.com.br
1 www.deputadohelioleite.com.br 1 redirects
1 demorade1.blob.core.windows.net
1 t.info.samsungusa.com 1 redirects
0 fonts.googleapis.com Failed deputadohelioleite.com.br
29 10

This site contains links to these domains. Also see Links.

Domain
goo.gl
www.facebook.com
www.instagram.com
www.youtube.com
www.flickr.com
Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft IT TLS CA 4
2020-01-22 -
2022-01-22
2 years crt.sh
deputadohelioleite.com.br
cPanel, Inc. Certification Authority
2020-03-21 -
2020-06-19
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Frame ID: 17984074F356478DFCFE2E795BDE95A4
Requests: 29 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://t.info.samsungusa.com/r/?id=hcom2fd4,77c0c34,339a477f&p1=demorade1.blob.core.windows.net%2Fvisionu... HTTP 302
    https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:0... Page URL
  2. https://www.deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com HTTP 301
    https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com Page URL

Page Statistics

29
Requests

97 %
HTTPS

75 %
IPv6

9
Domains

10
Subdomains

8
IPs

5
Countries

692 kB
Transfer

1181 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.info.samsungusa.com/r/?id=hcom2fd4,77c0c34,339a477f&p1=demorade1.blob.core.windows.net%2Fvisionuniuq3%2FAp3dXtP.html%3Fsp%3Dr%26st%3D2020-03-04T07%3A27%3A04Z%26se%3D2020-03-28T15%3A27%3A04Z%26spr%3Dhttps%26sv%3D2019-02-02%26sr%3Db%26sig%3Dr9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%253D HTTP 302
    https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D Page URL
  2. https://www.deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com HTTP 301
    https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.info.samsungusa.com/r/?id=hcom2fd4,77c0c34,339a477f&p1=demorade1.blob.core.windows.net%2Fvisionuniuq3%2FAp3dXtP.html%3Fsp%3Dr%26st%3D2020-03-04T07%3A27%3A04Z%26se%3D2020-03-28T15%3A27%3A04Z%26spr%3Dhttps%26sv%3D2019-02-02%26sr%3Db%26sig%3Dr9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%253D HTTP 302
  • https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D
Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=236592567&t=pageview&_s=1&dl=https%3A%2F%2Fdeputadohelioleite.com.br%2Fwp-admin%2Fjs%2F%2523U00cb%2F%3Fu_1%3Dguy.ponti%40trulieve.com&dr=https%3A%2F%2Fdemorade1.blob.core.windows.net%2Fvisionuniuq3%2FAp3dXtP.html%3Fsp%3Dr%26st%3D2020-03-04T07%3A27%3A04Z%26se%3D2020-03-28T15%3A27%3A04Z%26spr%3Dhttps%26sv%3D2019-02-02%26sr%3Db%26sig%3Dr9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%253D&ul=en-us&de=UTF-8&dt=H%C3%A9lio%20Leite%20-%20Deputado%20Federal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=653273847&gjid=119648352&cid=240340365.1585066657&tid=UA-116817270-1&_gid=1528926639.1585066657&_r=1&gtm=2ou3b2&z=1997554806 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116817270-1&cid=240340365.1585066657&jid=653273847&_gid=1528926639.1585066657&gjid=119648352&_v=j81&z=1997554806

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Ap3dXtP.html
demorade1.blob.core.windows.net/visionuniuq3/
Redirect Chain
  • http://t.info.samsungusa.com/r/?id=hcom2fd4,77c0c34,339a477f&p1=demorade1.blob.core.windows.net%2Fvisionuniuq3%2FAp3dXtP.html%3Fsp%3Dr%26st%3D2020-03-04T07%3A27%3A04Z%26se%3D2020-03-28T15%3A27%3A04...
  • https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D
556 B
1 KB
Document
General
Full URL
https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.155.132 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b21d1265f60d28e83089f628f96dd25c139fbabf3e5225f35b196bcbb52aa4cd

Request headers

Host
demorade1.blob.core.windows.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
556
Content-Type
text/html
Content-MD5
MK77KyCYS6K9Y/pBEWuePQ==
Last-Modified
Wed, 04 Mar 2020 11:02:52 GMT
Accept-Ranges
bytes
ETag
"0x8D7C02B95F4CFBE"
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
2e2abc6d-b01e-001a-30f7-0171eb000000
x-ms-version
2019-02-02
x-ms-creation-time
Wed, 04 Mar 2020 07:26:51 GMT
x-ms-lease-status
unlocked
x-ms-lease-state
available
x-ms-blob-type
BlockBlob
x-ms-server-encrypted
true
Date
Tue, 24 Mar 2020 16:17:32 GMT

Redirect headers

Content-Type
text/plain; charset=utf-8
Content-Length
37
Connection
keep-alive
Date
Tue, 24 Mar 2020 16:17:32 GMT
Server
Apache
P3P
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Location
https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D
Set-Cookie
AMCV_48855C6655783A647F000101%40AdobeOrg=MCMID%7C18910178835850854394539628424389459967; Domain=samsungusa.com; Path=/; Expires=Thu, 24-Mar-2022 16:17:32 GMT nlid=com2fd4|77c0c34; Domain=samsungusa.com; Path=/
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Content-Encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 03c38fb105b43128049da1df5835ab5e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
TXL52-C1
X-Amz-Cf-Id
RmQtA4KgQ9Oo7Eqa-XS_QgSVyqfk61dTudg3jMT4frfggarV9ZhMWQ==
Primary Request /
deputadohelioleite.com.br/wp-admin/js/%23U00cb/
Redirect Chain
  • https://www.deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
  • https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
13 KB
4 KB
Document
General
Full URL
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Requested by
Host: demorade1.blob.core.windows.net
URL: https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
453b97231b2dd6199c4249cd8b486f49871b01c90032be84f3ac89fca8ddf533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
deputadohelioleite.com.br
:scheme
https
:path
/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://demorade1.blob.core.windows.net/visionuniuq3/Ap3dXtP.html?sp=r&st=2020-03-04T07:27:04Z&se=2020-03-28T15:27:04Z&spr=https&sv=2019-02-02&sr=b&sig=r9esv0xi2Upc2WqJeztNT61Z9ESpmn39l48Y52HMRtY%3D#guy.ponti@trulieve.com

Response headers

status
404
server
nginx
date
Tue, 24 Mar 2020 16:17:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://deputadohelioleite.com.br/wp-json/>; rel="https://api.w.org/"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Tue, 24 Mar 2020 16:17:34 GMT
content-type
text/html; charset=UTF-8
location
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-redirect-by
WordPress
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
BYPASS
x-server-powered-by
Engintron
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 24 Mar 2020 16:17:35 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
estilo.css
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/
67 KB
9 KB
Stylesheet
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
1b2300f3809c3d56b72e69f4a12af8c32a057b8482b321299eb2a3689dd4be77

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Thu, 08 Mar 2018 16:20:28 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
ekko-lightbox.css
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/
7 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.css?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
4003154
cf-ray
5791b3ff4c8a9730-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:32 GMT
server
cloudflare
etag
W/"5afd4924-1be7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 14 Mar 2021 16:17:34 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
style.min.css
deputadohelioleite.com.br/wp-includes/css/dist/block-library/
29 KB
5 KB
Stylesheet
General
Full URL
https://deputadohelioleite.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:12:18 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
styles.css
deputadohelioleite.com.br/wp-content/plugins/contact-form-7/includes/css/
2 KB
839 B
Stylesheet
General
Full URL
https://deputadohelioleite.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:12:01 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
gmedia.global.front.css
deputadohelioleite.com.br/wp-content/plugins/grand-media/assets/
140 B
327 B
Stylesheet
General
Full URL
https://deputadohelioleite.com.br/wp-content/plugins/grand-media/assets/gmedia.global.front.css?ver=1.15.0
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
4a3f46aedb3a66595adb1caf19f49d7c3553468313433821205eff9cf584260b

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
last-modified
Mon, 16 Sep 2019 20:12:04 GMT
server
nginx
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
140
expires
Thu, 23 Apr 2020 16:17:34 GMT
jquery.js
deputadohelioleite.com.br/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:12:18 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
jquery-migrate.min.js
deputadohelioleite.com.br/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2018 16:22:58 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
main.js
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/
153 KB
53 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/main.js?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
e12b1a1a61a6230d3173f8a9881dcdaa2f71bad6bfb00c7206a74a60a2231739

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2018 16:39:00 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
gmedia.global.front.js
deputadohelioleite.com.br/wp-content/plugins/grand-media/assets/
452 B
461 B
Script
General
Full URL
https://deputadohelioleite.com.br/wp-content/plugins/grand-media/assets/gmedia.global.front.js?ver=1.13.0
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
873c3c9009e861bd0d0735c7dc08f5119229d902b3a8dab66a69edc24dbef95c

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:12:04 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-116817270-1
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
818bf7713b4e151cd53e21eaf42682c4752823f7c76110f2895252742842547d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28650
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 24 Mar 2020 16:17:34 GMT
bootstrap.min.js
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/libs/
36 KB
10 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/libs/bootstrap.min.js
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
cb961d64e9e89cbe0d57ced2664f61e3a114ea5537e864a7e4478e774cd28e45

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2018 16:41:20 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
jquery.fitvids.js
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/libs/
3 KB
1 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/libs/jquery.fitvids.js
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
71cdd9497e3967eb5387e8f5d48b6bdd76a191085a22eb33a8d6abc2fd38ec64

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2018 16:41:20 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
ekko.js
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/
16 KB
5 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/js/ekko.js
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
33b24fbac5be3f90e61bcdf76b7b467bb1a079e8d8c5944bb0f1e53555b9fc9c

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 19 Feb 2018 16:38:52 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
scripts.js
deputadohelioleite.com.br/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:12:01 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
wp-embed.min.js
deputadohelioleite.com.br/wp-includes/js/
1 KB
950 B
Script
General
Full URL
https://deputadohelioleite.com.br/wp-includes/js/wp-embed.min.js?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Dec 2018 04:04:26 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
css
fonts.googleapis.com/
0
0

wp-emoji-release.min.js
deputadohelioleite.com.br/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://deputadohelioleite.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.2.5
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:34 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 20:12:17 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 23 Apr 2020 16:17:34 GMT
bkg2_body1.jpg
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/img/
327 KB
328 KB
Image
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/img/bkg2_body1.jpg
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
7c135d8d29263164ee9c277405be8d9ccef2abfd38a248eb4da5299bf9c6da94

Request headers

Referer
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Mon, 19 Feb 2018 16:38:36 GMT
server
nginx
content-type
image/jpeg
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
335356
expires
Sat, 23 May 2020 16:17:37 GMT
bkg1_rodape1.png
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/img/
68 KB
68 KB
Image
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/img/bkg1_rodape1.png
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
19072610857b789607838f9150315ee54d147105b217a2a392c973a3f836b85f

Request headers

Referer
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Mon, 19 Feb 2018 16:38:14 GMT
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
69548
expires
Sat, 23 May 2020 16:17:37 GMT
ico1.png
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/
18 KB
18 KB
Image
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/ico1.png
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
81740ac895d34d175222a83f80c4997027211301c6adb2e38a8793ddfc6c2217

Request headers

Referer
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Mon, 19 Feb 2018 16:36:36 GMT
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
17959
expires
Sat, 23 May 2020 16:17:37 GMT
ico2.png
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/
18 KB
19 KB
Image
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/ico2.png
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
bfe55f5eac3de64b3e682f977384c7abfb4a3e4fac34d0d0cec7eae75aebceab

Request headers

Referer
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Mon, 19 Feb 2018 16:36:36 GMT
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
18815
expires
Sat, 23 May 2020 16:17:37 GMT
ico3.png
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/
18 KB
18 KB
Image
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/ico3.png
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
a78157039ef642eb3cc7feb7f74e208ded65bf16dbeee8187e257ec1c8afb391

Request headers

Referer
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Mon, 19 Feb 2018 16:36:38 GMT
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
17960
expires
Sat, 23 May 2020 16:17:37 GMT
ico4.png
deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/
18 KB
18 KB
Image
General
Full URL
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/ico/ico4.png
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.67.148 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
srv01.cpanelhost.top
Software
nginx /
Resource Hash
1c8b0ce9b28be811db69f8d8e83f242141fe392625ae6a4456f81f7fd34f4ee0

Request headers

Referer
https://deputadohelioleite.com.br/wp-content/themes/helioleite/assets/css/estilo.css?ver=5.2.5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Mon, 19 Feb 2018 16:36:38 GMT
server
nginx
content-type
image/png
status
200
cache-control
max-age=5184000
accept-ranges
bytes
content-length
18578
expires
Sat, 23 May 2020 16:17:37 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/
18 KB
18 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css?ver=5.2.5
Origin
https://deputadohelioleite.com.br
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 16:17:37 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116817270-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5942
date
Tue, 24 Mar 2020 14:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 24 Mar 2020 16:38:35 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=236592567&t=pageview&_s=1&dl=https%3A%2F%2Fdeputadohelioleite.com.br%2Fwp-admin%2Fjs%2F%2523U00cb%2F%3Fu_1%3Dguy.ponti%40trulieve.com&dr=http...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116817270-1&cid=240340365.1585066657&jid=653273847&_gid=1528926639.1585066657&gjid=119648352&_v=j81&z=1997554806
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116817270-1&cid=240340365.1585066657&jid=653273847&_gid=1528926639.1585066657&gjid=119648352&_v=j81&z=1997554806
Requested by
Host: deputadohelioleite.com.br
URL: https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://deputadohelioleite.com.br/wp-admin/js/%23U00cb/?u_1=guy.ponti@trulieve.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 24 Mar 2020 16:17:37 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Mar 2020 16:17:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116817270-1&cid=240340365.1585066657&jid=653273847&_gid=1528926639.1585066657&gjid=119648352&_v=j81&z=1997554806
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400,600

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery function| hash function| hashExecute function| ativarAjaxBind function| ativarCheck1 function| ativarSelectbox1 function| ativarRadio1 function| aHashCheck function| ativarPadroesScroll function| ativarValidacoes1 function| ativarTitleLabel1 function| LabelInline1 function| LabelInline2 function| ativarSubmit1 function| carregar1 function| video function| AbrirVideo_ignore function| AbrirEvento object| swfobject object| $uiSelectbox1_obj1 object| GmediaGallery string| ajaxurl function| gtag object| dataLayer object| google_tag_manager object| jQuery110208850957666186461 object| wpcf7 number| webdoor1_timer1 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.deputadohelioleite.com.br/ Name: _gat_gtag_UA_116817270_1
Value: 1
.deputadohelioleite.com.br/ Name: _gid
Value: GA1.3.1528926639.1585066657
.deputadohelioleite.com.br/ Name: _ga
Value: GA1.3.240340365.1585066657

1 Console Messages

Source Level URL
Text
console-api log URL: https://deputadohelioleite.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
demorade1.blob.core.windows.net
deputadohelioleite.com.br
fonts.googleapis.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
t.info.samsungusa.com
www.deputadohelioleite.com.br
www.google-analytics.com
www.googletagmanager.com
fonts.googleapis.com
2001:4de0:ac19::1:b:1b
2600:9000:20e8:4400:16:64d4:6c0:93a1
2606:4700::6811:4004
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:400c:c06::9c
52.239.155.132
54.39.67.148
19072610857b789607838f9150315ee54d147105b217a2a392c973a3f836b85f
1b2300f3809c3d56b72e69f4a12af8c32a057b8482b321299eb2a3689dd4be77
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
1c8b0ce9b28be811db69f8d8e83f242141fe392625ae6a4456f81f7fd34f4ee0
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
33b24fbac5be3f90e61bcdf76b7b467bb1a079e8d8c5944bb0f1e53555b9fc9c
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
453b97231b2dd6199c4249cd8b486f49871b01c90032be84f3ac89fca8ddf533
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a3f46aedb3a66595adb1caf19f49d7c3553468313433821205eff9cf584260b
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
71cdd9497e3967eb5387e8f5d48b6bdd76a191085a22eb33a8d6abc2fd38ec64
7c135d8d29263164ee9c277405be8d9ccef2abfd38a248eb4da5299bf9c6da94
81740ac895d34d175222a83f80c4997027211301c6adb2e38a8793ddfc6c2217
818bf7713b4e151cd53e21eaf42682c4752823f7c76110f2895252742842547d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873c3c9009e861bd0d0735c7dc08f5119229d902b3a8dab66a69edc24dbef95c
a78157039ef642eb3cc7feb7f74e208ded65bf16dbeee8187e257ec1c8afb391
b21d1265f60d28e83089f628f96dd25c139fbabf3e5225f35b196bcbb52aa4cd
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bfe55f5eac3de64b3e682f977384c7abfb4a3e4fac34d0d0cec7eae75aebceab
cb961d64e9e89cbe0d57ced2664f61e3a114ea5537e864a7e4478e774cd28e45
e12b1a1a61a6230d3173f8a9881dcdaa2f71bad6bfb00c7206a74a60a2231739
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c