www.baldan.adv.br Open in urlscan Pro
172.66.41.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://baldan.adv.br.bbaldanadvocacia.com/
Effective URL:
https://www.baldan.adv.br/
Submission: On May 15 via api (May 15th 2024, 9:05:06 am UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 136 HTTP transactions. The main IP is 172.66.41.23, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.baldan.adv.br.
TLS certificate: Issued by GTS CA 1P5 on April 9th 2024. Valid for: 3 months.

This is the only time www.baldan.adv.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.167.188.84 108.167.188.84	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 92	172.66.41.23 172.66.41.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:310... 2606:4700:3108::ac42:2917	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:225... 2600:9000:225b:6a00:9:1645:9cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:fdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	176.9.188.20 176.9.188.20	24940 (HETZNER-AS) (HETZNER-AS)
136	12

1 108.167.188.84 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br378-ip05.hostgator.com.br

baldan.adv.br.bbaldanadvocacia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

92 172.66.41.23 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.baldan.adv.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3108::ac42:2917 (United States)

ASN13335 (CLOUDFLARENET, US)

baldan.adv.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:225b:6a00:9:1645:9cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustindex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:fdd (United States)

ASN13335 (CLOUDFLARENET, US)

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.188.20 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.20.188.9.176.clients.your-server.de

widget.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	baldan.adv.br 1 redirects www.baldan.adv.br baldan.adv.br	2 MB
10	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 181 lh3.googleusercontent.com — Cisco Umbrella Rank: 44	273 KB
10	trustindex.io cdn.trustindex.io — Cisco Umbrella Rank: 32076	44 KB
7	gstatic.com fonts.gstatic.com	219 KB
3	getbutton.io static.getbutton.io — Cisco Umbrella Rank: 49659 widget.getbutton.io — Cisco Umbrella Rank: 173571	136 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
2	w.org s.w.org — Cisco Umbrella Rank: 3574	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	64 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	4 KB
1	bbaldanadvocacia.com 1 redirects baldan.adv.br.bbaldanadvocacia.com	168 B
136	10

	Domain	Requested by
92	www.baldan.adv.br	1 redirects www.baldan.adv.br static.cloudflareinsights.com
10	cdn.trustindex.io	www.baldan.adv.br
9	lh3.googleusercontent.com	www.baldan.adv.br
7	fonts.gstatic.com	fonts.googleapis.com
6	baldan.adv.br	www.baldan.adv.br
3	static.cloudflareinsights.com	www.baldan.adv.br
2	s.w.org
2	static.getbutton.io	www.baldan.adv.br
1	widget.getbutton.io	static.getbutton.io
1	www.googletagmanager.com	www.baldan.adv.br
1	lh5.googleusercontent.com	www.baldan.adv.br
1	fonts.googleapis.com	www.baldan.adv.br
1	baldan.adv.br.bbaldanadvocacia.com	1 redirects
136	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
api.whatsapp.com
admin.trustindex.io
wa.me

Subject Issuer	Validity	Valid
baldan.adv.br GTS CA 1P5	`2024-04-09` - `2024-07-08`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
cdn.trustindex.io GoGetSSL RSA DV CA	`2023-06-28` - `2024-07-28`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
getbutton.io GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.baldan.adv.br/
Frame ID: A30B99D4116DB4ABDBA787E08D29D237
Requests: 138 HTTP requests in this frame

Frame: https://www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 6EF8D3312AE1EE65FD379F60DF6B5088
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Início - Baldan Advocacia Criminal

Page URL History Show full URLs

https://baldan.adv.br.bbaldanadvocacia.com/ HTTP 301
https://www.baldan.adv.br/ Page URL
https://www.baldan.adv.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

136
Requests

98 %
HTTPS

67 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

2425 kB
Transfer

5496 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/baldanadvocaciacriminal
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ricardobaldanadvogado/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/ricardobaldan/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@ricardobaldanadvogado
Title: Youtube

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5541997750031
Title: entre em contato

Search URL Search Domain Scan URL

URL: https://admin.trustindex.io/api/googleWriteReview?place-id=ChIJ8343_xnk3JQRtMns4HyGA4k
Title: Escreva sua avaliação

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/B2WQh2TUqLU?feature=oembed?playlist=B2WQh2TUqLU&mute=0&autoplay=0&loop=no&controls=0&start=0&end=

Search URL Search Domain Scan URL

URL: https://wa.me/5541997750031

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://baldan.adv.br.bbaldanadvocacia.com/ HTTP 301
https://www.baldan.adv.br/ Page URL
https://www.baldan.adv.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://baldan.adv.br.bbaldanadvocacia.com/ HTTP 301
https://www.baldan.adv.br/

Request Chain 22

https://www.baldan.adv.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

136 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
www.baldan.adv.br/
Redirect Chain

https://baldan.adv.br.bbaldanadvocacia.com/
https://www.baldan.adv.br/

130 KB
24 KB

2148ms
2052ms

Document
text/html

172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4409273c09c11ccf707a01b5f1e1da89d76c0e5e6d1cb83115964360c3242d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8841f69b2c6335ae-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 09:04:57 GMT
link: <https://www.baldan.adv.br/wp-json/>; rel="https://api.w.org/", <https://www.baldan.adv.br/wp-json/wp/v2/pages/25>; rel="alternate"; type="application/json", <https://www.baldan.adv.br/>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-litespeed-tag: 32c_HTTP.200,32c_front,32c_URL.6666cd76f96956469e7be39d750cc7d9,32c_F,32c_Po.25,32c_PGS,32c_guest,32c_,32c_MIN.46008b3e1c0bf4c6e8c5102d9f1dca57.css,32c_MIN.82913ec949bc7fe4fa54218050f9e421.js

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 09:04:55 GMT
location: https://www.baldan.adv.br/
server: Apache
x-dns-prefetch-control: on
x-litespeed-tag: 32c_HTTP.200,32c_HTTP.301
x-redirect-by: WordPress

GET
H3 200 46008b3e1c0bf4c6e8c5102d9f1dca57.css
www.baldan.adv.br/wp-content/litespeed/ucss/ 153 KB
22 KB 221ms
220ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee416864a35e1720df1e04084e7243952927fb3eb8a274d896e42f643716358a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 09 Apr 2024 12:18:19 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=156468
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6a80ce235ae-WAW
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f3d3aab5fa3e8d2930b98d8a8f86e116d983ecfef468cb5eed22c7b19e0ad7a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa5ba7b08c3149b6df4583ef911a439caa965bc8b76eea5081638cb7ccd6bad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 931ef58ecf677c8ffe2d3c6b3c974f958e87af69477d5a4111ad533fab24ca57

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a04627f436ac9e60a2e01ffb3aa26c1fb5f43d3db95d74ba59f436805f42724

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4632096dce15f979a5a28c3badd905ce8d73df86a3da02bd0f14e1196c63e27

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
www.baldan.adv.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 54ms
54ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
content-encoding: gzip
etag: W/"663b4689-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8841f6a85da035ae-WAW
expires: Fri, 17 May 2024 09:04:57 GMT

GET
H3 200 rocket-loader.min.js Show response
www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 57ms
57ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
content-encoding: gzip
etag: W/"663b4689-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8841f6a86da535ae-WAW
expires: Fri, 17 May 2024 09:04:57 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 184ms
96ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8841f6a8e9073603-FRA

GET
H2 200 advogado-criminalista-1.webp
baldan.adv.br/wp-content/uploads/2024/04/ 11 KB
11 KB 666ms
498ms Image
image/webp 2606:4700:3108::ac42:2917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baldan.adv.br/wp-content/uploads/2024/04/advogado-criminalista-1.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2917 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86f111b8a460dceef9bd27747840d26fb195ebf1be0738ff0d1977d7905616b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6aa8d681d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11668

GET
H2 200 foto1-scaled-1.jpg
baldan.adv.br/wp-content/uploads/2024/04/ 141 KB
141 KB 359ms
190ms Image
image/webp 2606:4700:3108::ac42:2917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baldan.adv.br/wp-content/uploads/2024/04/foto1-scaled-1.jpg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2917 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0461d7ca434bd83a037c27dad9ab222fa729a8d26047c581243e9d1dfc5b545a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 21:08:21 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6aa8d751d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 144448

GET
H2 200 testimonial-bg.jpg
baldan.adv.br/wp-content/uploads/2024/04/ 44 KB
44 KB 364ms
196ms Image
image/webp 2606:4700:3108::ac42:2917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baldan.adv.br/wp-content/uploads/2024/04/testimonial-bg.jpg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2917 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f259a230c1e8a95cfdf29b9bdfc9472ca0de49b078f08b03a7e54866b68972c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 21:08:19 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6aa8d6f1d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45434

GET
H2 200 admin-ajax.webp
baldan.adv.br/wp-content/uploads/2024/04/ 20 KB
21 KB 356ms
189ms Image
image/webp 2606:4700:3108::ac42:2917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baldan.adv.br/wp-content/uploads/2024/04/admin-ajax.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2917 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8adb6c236dc1b6429f43c59a011f502ad46dbbe6b08e76dffc2edc8d8cc72e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6aa8d701d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20984

GET
H2 200 admin-ajax-_1_.webp
baldan.adv.br/wp-content/uploads/2024/04/ 22 KB
22 KB 395ms
228ms Image
image/webp 2606:4700:3108::ac42:2917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baldan.adv.br/wp-content/uploads/2024/04/admin-ajax-_1_.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2917 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f61c1ea30d58076c8e9a0ca3c80a9c0773b0a7a431d234e5ad0ed09fd0529a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6aa8d711d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22422

GET
H2 200 f.svg
cdn.trustindex.io/assets/platform/Google/star/ 2 KB
1 KB 208ms
55ms Image
image/svg+xml 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trustindex.io/assets/platform/Google/star/f.svg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

fd0a18f717ca19bcbca32a12434f22221709c6297fab91466d2bdb2b21cc0287

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:01:35 GMT
content-security-policy: frame-ancestors 'self' *;
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
age: 57801
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
referrer-policy: origin
last-modified: Wed, 18 Oct 2023 08:47:47 GMT
server: Apache/2.4.52 (Ubuntu)
etag: W/"6be-607f9b193d237"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: yDL7Z9-CezOlq6OTLridF8ikOhxJ987qVaa3_Ck-DlGvcZH_LokmFg==

GET
H2 200 icon.svg
cdn.trustindex.io/assets/platform/Google/ 742 B
1 KB 209ms
56ms Image
image/svg+xml 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trustindex.io/assets/platform/Google/icon.svg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

c67cd82de676ba29b89c52107c0aae12094c774c2e0bb179f32888a3dbc3da42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:01:44 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
age: 57793
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 742
referrer-policy: origin
last-modified: Wed, 18 Oct 2023 08:47:47 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "2e6-607f9b193d237"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: S4p6IV0_kJnZjlWfn8tD0V9sRtZtdCu5lau25juHMLDYULLCH3FU2A==

GET
H2 200 admin-ajax-_4_.webp
baldan.adv.br/wp-content/uploads/2024/04/ 33 KB
33 KB 393ms
229ms Image
image/webp 2606:4700:3108::ac42:2917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baldan.adv.br/wp-content/uploads/2024/04/admin-ajax-_4_.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2917 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

839ca06ff6cdceca74034fb77e8c522b09b425808363b33075ce8b01ff1a25b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6aa8d731d84-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33516

GET
H3 200 elementskit.woff
www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/ 448 KB
449 KB 254ms
253ms Font
font/woff 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6aa085135ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 459244

GET
H2 200 latin2.woff2
cdn.trustindex.io/assets/fonts/opensans/ 15 KB
15 KB 263ms
149ms Font
font/woff2 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/assets/fonts/opensans/latin2.woff2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 15056
referrer-policy: origin
last-modified: Wed, 11 Oct 2023 15:10:56 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "3ad0-607723ae89a12"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: 74ijwJxZADVtoHmy4X-nbqUAylPINyxLzliHn5VtcL6ZhjhYCuMTIg==

GET
H2 200 latin.woff2
cdn.trustindex.io/assets/fonts/opensans/ 14 KB
15 KB 267ms
153ms Font
font/woff2 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/assets/fonts/opensans/latin.woff2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/litespeed/ucss/46008b3e1c0bf4c6e8c5102d9f1dca57.css?ver=64cdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 14380
referrer-policy: origin
last-modified: Wed, 11 Oct 2023 15:10:56 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "382c-607723ae89a12"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: vkrZ_ppmp_Wv076UT0hZCtvqzsOIhSgqP52Xr02n1-Xtjelf1mOo8A==

GET
H2 200 loader.js Show response
cdn.trustindex.io/ 39 KB
11 KB 149ms
52ms Script
text/javascript 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/loader.js?ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

ec58296433882ac7098fb29553de5bd1fea6192f15b982939936d871e8b18474

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:01:35 GMT
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' *;
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
age: 57802
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 10451
referrer-policy: origin
last-modified: Fri, 10 May 2024 08:16:20 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "9b07-61815268a1453-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: ZmrF2-28KRZCX840ywQa11xHFGSUEegmxgfx5s0EX4djWUNDaeFV9g==

GET
H3

200

main.js Show response
www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 6EF8
Redirect Chain

https://www.baldan.adv.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

8 KB
4 KB

59ms
58ms

Script
application/javascript

172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38e2d5538947ca8480948a94fd7a4e17e5a4776a99fb964b9d48789bc5c145b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8841f6aa68ef35ae-WAW
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 15 May 2024 09:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
cf-ray: 8841f6aa085935ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8841f69b2c6335ae Show response
www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6EF8 0
356 B 302ms
299ms XHR
text/plain 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/jsd/r/8841f69b2c6335ae

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8841f6ab2a3f35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 guest.vary.php Show response
www.baldan.adv.br/wp-content/plugins/litespeed-cache/ 16 B
338 B 205ms
205ms Fetch
text/html 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/litespeed-cache/guest.vary.php

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-litespeed-cache-control: no-cache
x-robots-tag: noindex
cf-ray: 8841f6adcf3635ae-WAW
alt-svc: h3=":443"; ma=86400

POST
H3 200 8841f69b2c6335ae Show response
www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6EF8 0
353 B 69ms
67ms XHR
text/plain 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/challenge-platform/h/g/jsd/r/8841f69b2c6335ae

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 8841f6ae785b35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 rum Show response
www.baldan.adv.br/cdn-cgi/ 0
143 B 55ms
55ms XHR
text/plain 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.baldan.adv.br
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8841f6ae786835ae-WAW

GET
H3 200 baldan-advogado-1.png
www.baldan.adv.br/wp-content/uploads/2024/04/ 17 KB
17 KB 198ms
198ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/baldan-advogado-1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 12:57:04 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6ae887635ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 17300

GET
H3 200 cropped-baldan-1-32x32.png
www.baldan.adv.br/wp-content/uploads/2024/04/ 678 B
976 B 186ms
186ms Other
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/cropped-baldan-1-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 21:42:47 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6ae887c35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 678

GET
H3 200 Primary Request / Show response
www.baldan.adv.br/ 159 KB
29 KB 701ms
700ms Document
text/html 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2526b01c32773f304f5ed98ee0c078ab686bb627617940b866e72dfb66a9bee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.baldan.adv.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8841f6af098e35ae-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 09:04:59 GMT
link: <https://www.baldan.adv.br/wp-json/>; rel="https://api.w.org/", <https://www.baldan.adv.br/wp-json/wp/v2/pages/25>; rel="alternate"; type="application/json", <https://www.baldan.adv.br/>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-litespeed-tag: 32c_HTTP.200

POST rum
www.baldan.adv.br/cdn-cgi/ 0
0

GET
H3 200 upk-site.css
www.baldan.adv.br/wp-content/plugins/ultimate-post-kit/assets/css/ 32 KB
5 KB 210ms
208ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/ultimate-post-kit/assets/css/upk-site.css?ver=3.11.6

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad72a5392d6419ff69e2388f8bf8b31f91f932e0a96024349911b9f1a9323e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 04 May 2024 16:21:12 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=38391
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38ac935ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.min.css
www.baldan.adv.br/wp-content/themes/hello-elementor/ 6 KB
2 KB 208ms
206ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/themes/hello-elementor/style.min.css?ver=3.0.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 18:43:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38acd35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 theme.min.css
www.baldan.adv.br/wp-content/themes/hello-elementor/ 5 KB
1 KB 212ms
208ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/themes/hello-elementor/theme.min.css?ver=3.0.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30c2e510f9fac929eeab0ea915d80904a4e72b22eb8612dd8c83c7dfb71862e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 18:43:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38ad035ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 header-footer.min.css
www.baldan.adv.br/wp-content/themes/hello-elementor/ 7 KB
2 KB 210ms
206ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/themes/hello-elementor/header-footer.min.css?ver=3.0.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97a09cb2af7d4406f6163874dad15c607d571749611d00890d47143495a0a617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 18:43:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38ad435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend-lite.min.css
www.baldan.adv.br/wp-content/plugins/elementor/assets/css/ 116 KB
14 KB 260ms
256ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.21.5

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f98a7dcf1750b5881bdd2b8443254181773bd6d5d4e29e39115ea97439021a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38ad635ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 post-6.css
www.baldan.adv.br/wp-content/uploads/elementor/css/ 2 KB
812 B 251ms
247ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-6.css?ver=1715737811

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e17088ea0278e2529c931343f3c2cb487440bff74f1f980983417413914673c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 15 May 2024 01:50:11 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=2438
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38ad835ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 swiper.min.css
www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 218ms
214ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38ad935ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend-lite.min.css
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/css/ 11 KB
2 KB 206ms
197ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.21.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0deb4c433adfbe0242bf4057afd40200cc93764f633a7226406f620601704287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b38adb35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 she-header-style.css
www.baldan.adv.br/wp-content/plugins/sticky-header-effects-for-elementor/assets/css/ 1 KB
676 B 232ms
223ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.6.11

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04718da4d82694834d153bf5701eacc65897c3f90ae26c8391aa30ef0615de76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 14 May 2024 19:19:18 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=2393
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39ae235ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 global.css
www.baldan.adv.br/wp-content/uploads/elementor/css/ 78 KB
4 KB 248ms
239ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/elementor/css/global.css?ver=1715737812

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4f8307e2873f0cbe3bf1bfeb31c0520a50066e7cb212324e6869758a28ff0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 01:50:12 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39ae435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 post-25.css
www.baldan.adv.br/wp-content/uploads/elementor/css/ 87 KB
8 KB 255ms
246ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5048571a6bc8a80979faffe901cbfcf1f29e82a196d704fcda92a4b949e2ab81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 15 May 2024 01:50:12 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=92160
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39ae535ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 post-4510.css
www.baldan.adv.br/wp-content/uploads/elementor/css/ 15 KB
2 KB 251ms
242ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-4510.css?ver=1715737812

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1ceceb391feedd7ff84f2d0937347fb684d0532d55187a5aa521f1cdf819d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 15 May 2024 01:50:12 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=16146
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39ae835ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 post-4535.css
www.baldan.adv.br/wp-content/uploads/elementor/css/ 11 KB
2 KB 249ms
240ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-4535.css?ver=1715737812

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8172ac72e2a5606e457ed911f42d7e134d1a17e77b93f2e5fa8561dcdededaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 15 May 2024 01:50:12 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=11593
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39aeb35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 ekiticons.css
www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ 122 KB
13 KB 256ms
248ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49ebaf0bfad5aaf0c66de0bb84a2c7d1e32f33add8d6cb75897ae56cb07bcda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 04 May 2024 16:21:01 GMT
cf-bgj: minify
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39aef35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 widget-styles.css
www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 435 KB
50 KB 497ms
488ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0b80c9fbd8cbf2074fb006ff97ac855636d46af95f85888dab9d6786be1fcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=445845
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39af035ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 responsive.css
www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/ 30 KB
3 KB 246ms
238ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8beb4c412fb3fcd4729e6ace2765c86081daece312fd59580e3bed2f78559fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=30299
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39af235ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 145 KB
4 KB 144ms
53ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cormorant%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44a0be5322a593d73a12c30d32f018d897ba52bf5ca49f6d5d9247a28a940d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 09:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 09:04:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 09:04:59 GMT

GET
H3 200 widget-icon-list.min.css
www.baldan.adv.br/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 239ms
231ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b0b0cfa73017b83aae5c55f0e85bc8f0d4e8d371802e4df1feb38a87875736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39af435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 baldan-advogado-1.png
www.baldan.adv.br/wp-content/uploads/2024/04/ 17 KB
0 198ms
198ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/baldan-advogado-1.png

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

639fc10ac32f2e8daf564edf4703536c897ed7950c6c66c9334350274274916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 12:57:04 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6ae887635ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 17300

GET
H3 200 widget-nav-menu.min.css
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/css/ 26 KB
4 KB 260ms
252ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59af94530ad01aa567b8e1b964e10c656a19d7702ad1b837a727e4626780784d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39af635ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 widget-icon-box.min.css
www.baldan.adv.br/wp-content/plugins/elementor/assets/css/ 10 KB
1023 B 241ms
233ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8daf3abddacc6852a9048b137d6232bec57ed167a80170ac6dcad79ce475053e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39af835ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 Ricardo-Baldan-Criminalista-2-scaled-1.webp
www.baldan.adv.br/wp-content/uploads/2024/04/ 124 KB
125 KB 350ms
349ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/Ricardo-Baldan-Criminalista-2-scaled-1.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

088667b7a0b5e9f5f833b772039667aa0a7d0d49cea5572238781ea3a3f423da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b39afa35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 127476

GET
H3 200 admin-ajax-_2_.webp
www.baldan.adv.br/wp-content/uploads/2024/04/ 12 KB
13 KB 242ms
240ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/admin-ajax-_2_.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc6074a95d65c449412365c7803283755be1d532ddc6342ebd777aa830dd036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b39afd35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 12738

GET
H2 200 AF1QipPKNsw199TU3zP82X6_nJ90j5FgIBYA_zbAw98z=w900-h900-k-no-p
lh5.googleusercontent.com/p/ 121 KB
121 KB 701ms
603ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/p/AF1QipPKNsw199TU3zP82X6_nJ90j5FgIBYA_zbAw98z=w900-h900-k-no-p

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95dc1681a921e8c45fb1f1e8e06dde25ab18bccc886cc3c2ba091974edbae3b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v5fa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2024-03-27.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123726
x-xss-protection: 0
expires: Thu, 16 May 2024 09:05:00 GMT

GET
H2 200 ACg8ocJeml8wZ0yQ39GDBvKqn3eFgk-RgtmCxEPtUb2W1i3zgsjF8A=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/ 4 KB
4 KB 284ms
186ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocJeml8wZ0yQ39GDBvKqn3eFgk-RgtmCxEPtUb2W1i3zgsjF8A=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

be2ec0ff33330d27fa07c7a7ed4f128637dc43543cc3ffde2c2a24c700babfe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3842
x-xss-protection: 0
expires: Thu, 16 May 2024 09:04:59 GMT

GET
H2 200 ACg8ocKtpSmMHCBW7M7yfJB_fYi1HEIWg-FNOtaIjvIQ2SNx3uwUbQ=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/ 4 KB
4 KB 299ms
202ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocKtpSmMHCBW7M7yfJB_fYi1HEIWg-FNOtaIjvIQ2SNx3uwUbQ=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

55776864a3edf8cfc677a7ad7ce1104474f9854012f1d1137ac3eb36da3237ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4006
x-xss-protection: 0
expires: Thu, 16 May 2024 09:04:59 GMT

GET
H2 200 ALV-UjWV3gbyzu02a97riFmhj0fXLn3Gt42JAlxCVafnXRgMKc48qyY=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 31 KB
31 KB 600ms
503ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjWV3gbyzu02a97riFmhj0fXLn3Gt42JAlxCVafnXRgMKc48qyY=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

834fc13930a4121a5fffe54fbe2fc455cdd3607c0f9a349ba119c88d9e08c3db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31646
x-xss-protection: 0
expires: Thu, 16 May 2024 09:05:00 GMT

GET
H2 200 ALV-UjX-vH-8fYLVaxBBzeiR5H12D_eMims7ySI0xMHDor8NE5MxTHbNJg=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 26 KB
26 KB 651ms
554ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjX-vH-8fYLVaxBBzeiR5H12D_eMims7ySI0xMHDor8NE5MxTHbNJg=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

68c35bc26b59c9c8687ee3d49c2e750375e7005058c9223928950aa8ad1eaa0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v433f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26163
x-xss-protection: 0
expires: Thu, 16 May 2024 09:05:00 GMT

GET
H2 200 ACg8ocJWrka5P22M3nZ03ohC5qXd6gpVHo5_UGdUu9SjHzWspQe-XQ=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/ 3 KB
4 KB 255ms
158ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocJWrka5P22M3nZ03ohC5qXd6gpVHo5_UGdUu9SjHzWspQe-XQ=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

21d76d42e95343c6a485da44f3509e962a21447dfbabd79b1350730163a00509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
expires: Thu, 16 May 2024 09:04:59 GMT

GET
H2 200 ALV-UjXZNMh9dOG_IEM6XIb16yWBOaRehR99TXjU81VEM2HrB80U3tRNDg=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 28 KB
28 KB 566ms
469ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjXZNMh9dOG_IEM6XIb16yWBOaRehR99TXjU81VEM2HrB80U3tRNDg=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f540d74ad5596a519724f324d013df66b90b6ea4ec23455bf6cbfe3c10e38712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v921f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29000
x-xss-protection: 0
expires: Thu, 16 May 2024 09:04:59 GMT

GET
H2 200 ALV-UjV53lyZEimQqTmbjZHFW3tmYl1OqLEOMLby6v28FEq0oatxY8MPbQ=s120-c-rp-mo-ba4-br100
lh3.googleusercontent.com/a-/ 24 KB
24 KB 477ms
477ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjV53lyZEimQqTmbjZHFW3tmYl1OqLEOMLby6v28FEq0oatxY8MPbQ=s120-c-rp-mo-ba4-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d96cff1376bc7b908a436168f6a236872442a7fc92d3219654cc1f1469a75033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v156d9"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24723
x-xss-protection: 0
expires: Thu, 16 May 2024 09:05:00 GMT

GET
H2 200 ACg8ocKXfgkOvC5AkKhb14_HyHOX6u9v3OO1SciM29RqLrTcv8_7Ig=s120-c-rp-mo-br100
lh3.googleusercontent.com/a/ 4 KB
4 KB 178ms
178ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/ACg8ocKXfgkOvC5AkKhb14_HyHOX6u9v3OO1SciM29RqLrTcv8_7Ig=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ff3b9d8a80dc1efe0007664f5e02f349e865c9d91a3e454db509aea609cec358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3763
x-xss-protection: 0
expires: Thu, 16 May 2024 09:04:59 GMT

GET
H2 200 ALV-UjXFNJ5ywGYgxci5c4onWUcvGj50r4ZVqk6qftRafhN8gs3GI0vr=s120-c-rp-mo-br100
lh3.googleusercontent.com/a-/ 27 KB
27 KB 389ms
389ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjXFNJ5ywGYgxci5c4onWUcvGj50r4ZVqk6qftRafhN8gs3GI0vr=s120-c-rp-mo-br100

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eaf0518690f4fbea38e54a1130fb6f928dd27c1c4d31c619130a2f64fbc02462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
x-content-type-options: nosniff
server: fife
etag: "vc1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27860
x-xss-protection: 0
expires: Thu, 16 May 2024 09:04:59 GMT

GET
H3 200 widget-posts.min.css
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/css/ 14 KB
3 KB 248ms
247ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dfc4450e6acec335e3052bbc8912888020e7531c781e5879720e733cf366b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39afe35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 trustindex-google-widget.css
www.baldan.adv.br/wp-content/uploads/ 31 KB
5 KB 233ms
232ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/trustindex-google-widget.css?ver=1712604195

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb9c47d5844a35d4226f6c58b849c59a9627d5eb618d27d545428fa9e09cf20c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Mon, 08 Apr 2024 19:23:15 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=31873
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39b0035ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 mediaelementplayer-legacy.min.css
www.baldan.adv.br/wp-includes/js/mediaelement/ 11 KB
3 KB 204ms
203ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Sep 2020 00:23:06 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39b0235ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-mediaelement.min.css
www.baldan.adv.br/wp-includes/js/mediaelement/ 4 KB
1 KB 232ms
231ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 08 Jun 2019 05:15:02 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39b0435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 animations.min.css
www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 221ms
220ms Stylesheet
text/css 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.21.5

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 8841f6b39b0635ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
www.baldan.adv.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
0 1ms
1ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: W/"663b4689-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8841f6a85da035ae-WAW
expires: Fri, 17 May 2024 09:04:57 GMT

GET
H3 200 rocket-loader.min.js Show response
www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
0 2ms
2ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: W/"663b4689-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8841f6a86da535ae-WAW
expires: Fri, 17 May 2024 09:04:57 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 184ms
96ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8841f6a8e9073603-FRA

GET
H3 200 baldan-advogado-1.png
www.baldan.adv.br/wp-content/uploads/2024/04/ 17 KB
0 0ms
0ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/baldan-advogado-1.png

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

639fc10ac32f2e8daf564edf4703536c897ed7950c6c66c9334350274274916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 09 Apr 2024 12:57:04 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6ae887635ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 17300

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 0ms
0ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:57 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8841f6a8e9073603-FRA

GET
H3 200 advogado-criminalista-1.webp
www.baldan.adv.br/wp-content/uploads/2024/04/ 11 KB
12 KB 235ms
235ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/advogado-criminalista-1.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86f111b8a460dceef9bd27747840d26fb195ebf1be0738ff0d1977d7905616b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b6c86a35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 11668

GET
H3 200 foto1-scaled-1.jpg
www.baldan.adv.br/wp-content/uploads/2024/04/ 141 KB
141 KB 184ms
184ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/foto1-scaled-1.jpg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0461d7ca434bd83a037c27dad9ab222fa729a8d26047c581243e9d1dfc5b545a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 21:08:21 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6b6c86d35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 144448

GET
H3 200 testimonial-bg.jpg
www.baldan.adv.br/wp-content/uploads/2024/04/ 44 KB
45 KB 199ms
199ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/testimonial-bg.jpg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f259a230c1e8a95cfdf29b9bdfc9472ca0de49b078f08b03a7e54866b68972c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 21:08:19 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6b6c87035ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 45434

GET
H3 200 admin-ajax.webp
www.baldan.adv.br/wp-content/uploads/2024/04/ 20 KB
21 KB 697ms
697ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/admin-ajax.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8adb6c236dc1b6429f43c59a011f502ad46dbbe6b08e76dffc2edc8d8cc72e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b6c87235ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 20984

GET
H3 200 admin-ajax-_1_.webp
www.baldan.adv.br/wp-content/uploads/2024/04/ 22 KB
22 KB 223ms
223ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/admin-ajax-_1_.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f61c1ea30d58076c8e9a0ca3c80a9c0773b0a7a431d234e5ad0ed09fd0529a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b6c87335ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 22422

GET
H2 200 f.svg
cdn.trustindex.io/assets/platform/Google/star/ 2 KB
0 0ms
0ms Image
image/svg+xml 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trustindex.io/assets/platform/Google/star/f.svg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/trustindex-google-widget.css?ver=1712604195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

fd0a18f717ca19bcbca32a12434f22221709c6297fab91466d2bdb2b21cc0287

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:01:35 GMT
content-security-policy: frame-ancestors 'self' *;
content-encoding: gzip
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
age: 57801
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
referrer-policy: origin
last-modified: Wed, 18 Oct 2023 08:47:47 GMT
server: Apache/2.4.52 (Ubuntu)
etag: W/"6be-607f9b193d237"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
vary: Accept-Encoding
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: yDL7Z9-CezOlq6OTLridF8ikOhxJ987qVaa3_Ck-DlGvcZH_LokmFg==

GET
H2 200 icon.svg
cdn.trustindex.io/assets/platform/Google/ 742 B
0 0ms
0ms Image
image/svg+xml 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.trustindex.io/assets/platform/Google/icon.svg

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/trustindex-google-widget.css?ver=1712604195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

c67cd82de676ba29b89c52107c0aae12094c774c2e0bb179f32888a3dbc3da42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:01:44 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
age: 57793
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 742
referrer-policy: origin
last-modified: Wed, 18 Oct 2023 08:47:47 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "2e6-607f9b193d237"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: S4p6IV0_kJnZjlWfn8tD0V9sRtZtdCu5lau25juHMLDYULLCH3FU2A==

GET
H3 200 admin-ajax-_4_.webp
www.baldan.adv.br/wp-content/uploads/2024/04/ 33 KB
33 KB 231ms
230ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/admin-ajax-_4_.webp

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

839ca06ff6cdceca74034fb77e8c522b09b425808363b33075ce8b01ff1a25b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/uploads/elementor/css/post-25.css?ver=1715737812
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 21:07:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b6c87635ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 33516

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 162ms
75ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cormorant%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:02:21 GMT
x-content-type-options: nosniff
age: 90159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:02:21 GMT

GET
H2 200 H4clBXOCl9bbnla_nHIq75u9.woff2
fonts.gstatic.com/s/cormorant/v21/ 32 KB
32 KB 230ms
143ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorant/v21/H4clBXOCl9bbnla_nHIq75u9.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5553138957b1a7a87169ee4a2dbed5d66df20abbfcc9043e0f5cb38c19fd3eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:37:35 GMT
x-content-type-options: nosniff
age: 498445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32316
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:59:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 May 2025 14:37:35 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 204ms
117ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 142256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 May 2025 17:34:04 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:09:50 GMT
x-content-type-options: nosniff
age: 68110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:09:50 GMT

GET
H3 200 elementskit.woff
www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/ 448 KB
0 0ms
0ms Font
font/woff 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=3.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=3.1.3
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6aa085135ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 459244

GET
H2 200 latin2.woff2
cdn.trustindex.io/assets/fonts/opensans/ 15 KB
0 0ms
0ms Font
font/woff2 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/assets/fonts/opensans/latin2.woff2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/trustindex-google-widget.css?ver=1712604195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 15056
referrer-policy: origin
last-modified: Wed, 11 Oct 2023 15:10:56 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "3ad0-607723ae89a12"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: 74ijwJxZADVtoHmy4X-nbqUAylPINyxLzliHn5VtcL6ZhjhYCuMTIg==

GET
H2 200 latin.woff2
cdn.trustindex.io/assets/fonts/opensans/ 14 KB
0 1ms
1ms Font
font/woff2 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/assets/fonts/opensans/latin.woff2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/uploads/trustindex-google-widget.css?ver=1712604195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 14380
referrer-policy: origin
last-modified: Wed, 11 Oct 2023 15:10:56 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "382c-607723ae89a12"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: vkrZ_ppmp_Wv076UT0hZCtvqzsOIhSgqP52Xr02n1-Xtjelf1mOo8A==

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 244ms
161ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 09:09:55 GMT
x-content-type-options: nosniff
age: 86105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38372
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 09:09:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 176ms
93ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 382744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 May 2025 22:45:56 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 236ms
153ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.baldan.adv.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:07:53 GMT
x-content-type-options: nosniff
age: 68227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:07:53 GMT

GET
H3 200 elementor.js Show response
www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 18 KB
6 KB 235ms
235ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4cf7b34847c301c6bec870d6011aa787fef7595ee747e36fa1e9d17678e422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 04 May 2024 16:21:01 GMT
cf-bgj: minify
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b718e635ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 animate-circle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 681 B
621 B 207ms
206ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b718e835ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 upk-site.min.js Show response
www.baldan.adv.br/wp-content/plugins/ultimate-post-kit/assets/js/ 32 B
233 B 225ms
223ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/ultimate-post-kit/assets/js/upk-site.min.js?ver=3.11.6

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e1f8960b3ef0d809c54fe0eb21036c8a2879147e90fff33bfea0c482e067cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 04 May 2024 16:21:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b718eb35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 32

GET
H3 200 elements-handlers.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 37 KB
10 KB 215ms
212ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.21.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e19b311a7064841eaebdc30eeaf2f3716b37f2fc398824ff351c8e9ba6073a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b718ed35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/js/ 39 KB
13 KB 254ms
250ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.21.5

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

350309eb424d4690771d9c148443d57b7278985fe77a2341aee04703133d4e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b718ef35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 core.min.js Show response
www.baldan.adv.br/wp-includes/js/jquery/ui/ 21 KB
7 KB 228ms
223ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 01:06:32 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b718fb35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 waypoints.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 250ms
245ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b718fe35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 252ms
247ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.21.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e15f4c6432c13eb2d87102e0530ca9526cbb3d9eadc0f19dc6521bf924f840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190035ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 i18n.min.js Show response
www.baldan.adv.br/wp-includes/js/dist/ 9 KB
4 KB 262ms
257ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Feb 2024 01:23:16 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 hooks.min.js Show response
www.baldan.adv.br/wp-includes/js/dist/ 4 KB
2 KB 258ms
254ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Jan 2024 21:29:56 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190635ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-polyfill.min.js Show response
www.baldan.adv.br/wp-includes/js/dist/vendor/ 38 KB
14 KB 265ms
261ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Jan 2024 21:29:56 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190735ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 regenerator-runtime.min.js Show response
www.baldan.adv.br/wp-includes/js/dist/vendor/ 6 KB
3 KB 253ms
248ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 20 Sep 2023 04:00:24 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190b35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-polyfill-inert.min.js Show response
www.baldan.adv.br/wp-includes/js/dist/vendor/ 8 KB
3 KB 254ms
250ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 18 Jan 2023 19:46:34 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190d35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend-modules.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/js/ 62 KB
18 KB 268ms
263ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.5

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14d6197227f267c5ad7b8a20ac06f808a73153b3b9b70cbc467a3812b378aa11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190e35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 webpack.runtime.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 247ms
242ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.5

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab86704a301b18ea8ebe07f25798988c32a123117a255f790fc1ef6d681617b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7190f35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 webpack-pro.runtime.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 6 KB
3 KB 259ms
254ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3953294ce60e7b22423d99f097e963be6ba72f093a8bbeb5b5adc15fc1cbfa6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191135ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 imagesloaded.min.js Show response
www.baldan.adv.br/wp-includes/js/ 5 KB
2 KB 242ms
237ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/imagesloaded.min.js?ver=5.0.0

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 12 Aug 2023 02:48:26 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191235ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-mediaelement.min.js Show response
www.baldan.adv.br/wp-includes/js/mediaelement/ 1 KB
700 B 247ms
243ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Feb 2023 00:30:42 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191335ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 mediaelement-migrate.min.js Show response
www.baldan.adv.br/wp-includes/js/mediaelement/ 1 KB
719 B 248ms
244ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Apr 2022 04:37:18 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 mediaelement-and-player.min.js Show response
www.baldan.adv.br/wp-includes/js/mediaelement/ 154 KB
38 KB 683ms
679ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 29 Sep 2022 22:51:12 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191535ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 loader.js Show response
cdn.trustindex.io/ 39 KB
544 B 49ms
43ms Script
text/javascript 2600:9000:225b:6a00:9:1645:9cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.trustindex.io/loader.js?ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:6a00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

ec58296433882ac7098fb29553de5bd1fea6192f15b982939936d871e8b18474

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 17:01:35 GMT
content-security-policy: frame-ancestors 'self' *;
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P1
cross-origin-embedder-policy: require-corp
age: 57805
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 10451
referrer-policy: origin
last-modified: Fri, 10 May 2024 08:16:20 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "9b07-61815268a1453-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type
x-amz-cf-id: LnA9occllPtpZwaeKcgVeOsL3-i8fy6XAuhT9eopyZEhHkz0_Q5zww==

GET
H3 200 jquery-numerator.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/jquery-numerator/ 2 KB
919 B 216ms
212ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191835ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.smartmenus.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 24 KB
7 KB 254ms
250ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.2.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b60ae2f2938c589960ef00d9b9a644f0847f7183f597cdc3fbf8cfe904c552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191b35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 widget-scripts.js Show response
www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/ 134 KB
36 KB 264ms
261ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec72483b8ae6f1a2001c2d50ffd1d1767488850e70d03d813d1556ba6b9dac74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=137549
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7191d35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend-script.js Show response
www.baldan.adv.br/wp-content/plugins/elementskit-lite/libs/framework/assets/js/ 40 B
235 B 216ms
213ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=3.1.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 04 May 2024 16:21:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6b7191e35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 40

GET
H3 200 hello-frontend.min.js Show response
www.baldan.adv.br/wp-content/themes/hello-elementor/assets/js/ 3 KB
1 KB 254ms
251ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=3.0.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fad3123058cce0346ee9998342ef09cfa766dc1393ee3b5c2b450a18936c7d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 08 Apr 2024 18:43:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7192035ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 she-header.js Show response
www.baldan.adv.br/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/ 14 KB
3 KB 214ms
211ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.6.11

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e6f8785254fe912f5d6bdfc1bbf19d70a39e69c8e48eca6a70f45aff41c9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 19:19:18 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7192135ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
www.baldan.adv.br/wp-includes/js/jquery/ 13 KB
5 KB 260ms
257ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Jun 2023 14:19:24 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7192235ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.baldan.adv.br/wp-includes/js/jquery/ 86 KB
31 KB 261ms
257ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Aug 2023 01:44:24 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6b7192435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK b9163fa6-367a-44eb-83aa-2c05baf214dd
https://www.baldan.adv.br/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.baldan.adv.br/b9163fa6-367a-44eb-83aa-2c05baf214dd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 cropped-baldan-1-32x32.png
www.baldan.adv.br/wp-content/uploads/2024/04/ 678 B
0 0ms
0ms Other
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/04/cropped-baldan-1-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4085ba6f36dd572e8bd4aceefa08d1c0f3580fc960db134f4490eff9220ac40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:04:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 21:42:47 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6ae887c35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 678

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
64 KB 157ms
68ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTBNP6VW

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

041bc5fd976af88589f6919a5e08e9cb2678d64ecac7e98cdf480ab5bba99586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65430
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 09:05:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.baldan.adv.br/wp-includes/js/ 18 KB
5 KB 225ms
225ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Feb 2024 23:06:08 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc2a8e35ae-WAW
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
www.baldan.adv.br/cdn-cgi/ 0
143 B 56ms
56ms XHR
text/plain 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 15 May 2024 09:05:00 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.baldan.adv.br
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8841f6bc5ad335ae-WAW

GET
H3 200 nav-menu.d43af66e5000fd109c04.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 232ms
232ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/nav-menu.d43af66e5000fd109c04.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bfbff45c9193330909b1b05c452de2e538cdc282a1fa596a182efce30e27f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc5ae435ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/js/ 1 KB
854 B 244ms
244ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5c467eeec880a0019a4da61595410a94cc75ad8e63552fc8705245221bfa126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc6ae935ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 counter.02cef29c589e742d4c8c.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor/assets/js/ 912 B
670 B 213ms
213ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/counter.02cef29c589e742d4c8c.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aba1feb22d6d7c66841ffdf8f59f422b5f05100cb533b81c3bd569095cd9046b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:15:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc6af535ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 form.10bf1a6475f0741920ff.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 19 KB
5 KB 223ms
222ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/form.10bf1a6475f0741920ff.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ba7726c0b01787ff7780fb692ca2767aa01d329b8f08b630f299776c252f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc8b1735ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 popup.085c1727e36940b18f29.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 751 B
631 B 216ms
215ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/popup.085c1727e36940b18f29.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b25b4aef3d3352c08388f7cbc0e431dcfbaa3530351f8d76a758c4421100d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc8b1c35ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 load-more.bc9573b5d1f73abd80b9.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 204ms
204ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/load-more.bc9573b5d1f73abd80b9.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3027dece82dd590157b3e141de6bbb3a88d648558c1588a65f5e536667fc4e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc8b2035ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 posts.caaf3e27e57db8207afc.bundle.min.js Show response
www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/ 3 KB
1 KB 215ms
215ms Script
application/javascript 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/posts.caaf3e27e57db8207afc.bundle.min.js

Requested by

Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12967ea096320ba24d5b730cd4582a912113f4f659cb5759ba6d51974b7f29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 May 2024 01:32:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8841f6bc8b2335ae-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 bundle.js Show response
static.getbutton.io/widget/ 419 KB
121 KB 287ms
191ms Script
application/javascript 2606:4700:20::681a:fdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js?id=OUqdb
Requested by: Host: www.baldan.adv.br
URL: https://www.baldan.adv.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b1dc76101401add4413d1476e5a5dac5a038a2dff56aba37287874a1503ea9f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 07:22:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6643111a-68d7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWZNsmXha5qDFqY0J%2BZ8X1%2BAVwqh6b%2BO3kTsVuVyBjnkRk1wAGF6IQeqdKijFrUslsFlKYVeesHzhnAvOi5mK4LPwW3vDReC2VYktIWh6QeurLvnWj5FNCHjaqWvIErjEKBSQd5dx%2BusmQHpvNhGf0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8841f6bd4f80690d-FRA
expires: Wed, 15 May 2024 12:05:01 GMT

GET
H2 200 1f64f.svg
s.w.org/images/core/emoji/15.0.3/svg/ 1 KB
1001 B 121ms
36ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f64f.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

8507d163d2a5c3e4ae298f241d74883e6481b720e78543c08291102ec738b433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 1
date: Wed, 15 May 2024 09:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:18:13 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Absolvicao.jpeg
www.baldan.adv.br/wp-content/uploads/2024/05/ 20 KB
20 KB 196ms
196ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/05/Absolvicao.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da0f821c8f781aab33b1a7ad887db52558d4027ca3bc6e3cc184748952225559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 11:45:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6bded4f35ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 20250

GET
H3 200 regime-prisional.jpg
www.baldan.adv.br/wp-content/uploads/2024/05/ 10 KB
10 KB 198ms
198ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/05/regime-prisional.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38979c7d00f890cbf941bd2a18ee033c93bfdd86b81951ad273fa1e8ceef938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 11:44:00 GMT
server: cloudflare
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000, stale-while-revalidate=604800, stale-if-error=604800
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 8841f6bded5135ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 10436

GET
H3 200 Condenacao.webp
www.baldan.adv.br/wp-content/uploads/2024/05/ 36 KB
37 KB 203ms
203ms Image
image/webp 172.66.41.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.baldan.adv.br/wp-content/uploads/2024/05/Condenacao.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.41.23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba42649690403dcaf4c739e3be77308ba6bdce62d5d20310bc0aa2a38644e790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 14 May 2024 11:41:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8841f6bded5735ae-WAW
alt-svc: h3=":443"; ma=86400
content-length: 37290

GET
H/1.1 200
OK validate Show response
widget.getbutton.io/api/ 2 KB
1 KB 187ms
76ms Fetch
application/json 176.9.188.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getbutton.io/api/validate?hash_id=OUqdb
Requested by: Host: static.getbutton.io
URL: https://static.getbutton.io/widget/bundle.js?id=OUqdb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.188.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.188.9.176.clients.your-server.de
Software: nginx/1.23.1 /
Resource Hash: b138fdc23ded989dee77062a891b9674e1c6b3330b9ab87ca32007dac6fbd02f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 09:05:01 GMT
Content-Encoding: gzip
Server: nginx/1.23.1
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 flag.jpg
static.getbutton.io/img/ 14 KB
14 KB 448ms
447ms Image
image/jpeg 2606:4700:20::681a:fdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getbutton.io/img/flag.jpg?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bffa35015891aead56bc6593c32bc4412d92fa58a6283dd8337abdcf4920f90

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 09:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2323647
content-length: 14062
cf-bgj: h2pri
last-modified: Thu, 18 Apr 2024 11:04:20 GMT
server: cloudflare
etag: "6620fe34-36ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fk0tabef4jnGQPI%2FT3dMkoiQGVbGIsPKqPmjfrw%2BuN%2FZTvKrLJID01oMoBbD7eJ1o5%2FwjrjTy%2Fv42KV0PuKE32cHrAXZrrVwxF5E%2FgLbdtZsbPeX4coJTuo659pVcl3T2auZoRKj5BWU3phumOhb2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8841f6c4afab690d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f44b.svg
s.w.org/images/core/emoji/15.0.3/svg/ 2 KB
1 KB 37ms
37ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f44b.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.baldan.adv.br/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 1
date: Wed, 15 May 2024 09:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:15:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.baldan.adv.br
URL: https://www.baldan.adv.br/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.baldan.adv.br/	1970-01-21 05:21:39	Name: cf_clearance Value: eOtgM2hC_KbbUgudh5pntUtSFo48jt6OR7yXUc1rluY-1715763898-1.0.1.1-HXkb_uTy4fZC0GucBCiS1u1peUg6m3j43EZTnWC01fLEaueIPA.o0SYs3gKshJIJn6kmJsiZXsnDioXTyVs_Yg
			www.baldan.adv.br/	1970-01-20 20:38:56	Name: _lscache_vary Value: 4f0030b158dac1b1f4838f2b7003bac7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baldan.adv.br
baldan.adv.br.bbaldanadvocacia.com
cdn.trustindex.io
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh5.googleusercontent.com
s.w.org
static.cloudflareinsights.com
static.getbutton.io
widget.getbutton.io
www.baldan.adv.br
www.googletagmanager.com
www.baldan.adv.br
108.167.188.84
172.66.41.23
176.9.188.20
192.0.77.48
2600:9000:225b:6a00:9:1645:9cc0:93a1
2606:4700:20::681a:fdd
2606:4700:3108::ac42:2917
2606:4700::6810:5049
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:81d::2001
2a00:1450:4001:82f::2008
041bc5fd976af88589f6919a5e08e9cb2678d64ecac7e98cdf480ab5bba99586
0461d7ca434bd83a037c27dad9ab222fa729a8d26047c581243e9d1dfc5b545a
04718da4d82694834d153bf5701eacc65897c3f90ae26c8391aa30ef0615de76
088667b7a0b5e9f5f833b772039667aa0a7d0d49cea5572238781ea3a3f423da
0deb4c433adfbe0242bf4057afd40200cc93764f633a7226406f620601704287
14d6197227f267c5ad7b8a20ac06f808a73153b3b9b70cbc467a3812b378aa11
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
19ba7726c0b01787ff7780fb692ca2767aa01d329b8f08b630f299776c252f77
1b25b4aef3d3352c08388f7cbc0e431dcfbaa3530351f8d76a758c4421100d92
1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1dfc4450e6acec335e3052bbc8912888020e7531c781e5879720e733cf366b28
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
21d76d42e95343c6a485da44f3509e962a21447dfbabd79b1350730163a00509
2526b01c32773f304f5ed98ee0c078ab686bb627617940b866e72dfb66a9bee3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ab86704a301b18ea8ebe07f25798988c32a123117a255f790fc1ef6d681617b
2ad72a5392d6419ff69e2388f8bf8b31f91f932e0a96024349911b9f1a9323e0
2bffa35015891aead56bc6593c32bc4412d92fa58a6283dd8337abdcf4920f90
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3027dece82dd590157b3e141de6bbb3a88d648558c1588a65f5e536667fc4e11
30c2e510f9fac929eeab0ea915d80904a4e72b22eb8612dd8c83c7dfb71862e0
350309eb424d4690771d9c148443d57b7278985fe77a2341aee04703133d4e55
38979c7d00f890cbf941bd2a18ee033c93bfdd86b81951ad273fa1e8ceef938d
38e2d5538947ca8480948a94fd7a4e17e5a4776a99fb964b9d48789bc5c145b9
3953294ce60e7b22423d99f097e963be6ba72f093a8bbeb5b5adc15fc1cbfa6f
3c3c0ebe37e4fd4187131a0a8d039064a9014215c4b83199d909e7e0b2d7f450
3c4cf7b34847c301c6bec870d6011aa787fef7595ee747e36fa1e9d17678e422
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e1f8960b3ef0d809c54fe0eb21036c8a2879147e90fff33bfea0c482e067cdd
4085ba6f36dd572e8bd4aceefa08d1c0f3580fc960db134f4490eff9220ac40b
49ebaf0bfad5aaf0c66de0bb84a2c7d1e32f33add8d6cb75897ae56cb07bcda9
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f98a7dcf1750b5881bdd2b8443254181773bd6d5d4e29e39115ea97439021a0
5048571a6bc8a80979faffe901cbfcf1f29e82a196d704fcda92a4b949e2ab81
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5553138957b1a7a87169ee4a2dbed5d66df20abbfcc9043e0f5cb38c19fd3eb3
55776864a3edf8cfc677a7ad7ce1104474f9854012f1d1137ac3eb36da3237ed
55e15f4c6432c13eb2d87102e0530ca9526cbb3d9eadc0f19dc6521bf924f840
59af94530ad01aa567b8e1b964e10c656a19d7702ad1b837a727e4626780784d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5e4409273c09c11ccf707a01b5f1e1da89d76c0e5e6d1cb83115964360c3242d
639fc10ac32f2e8daf564edf4703536c897ed7950c6c66c9334350274274916c
68c35bc26b59c9c8687ee3d49c2e750375e7005058c9223928950aa8ad1eaa0d
6a04627f436ac9e60a2e01ffb3aa26c1fb5f43d3db95d74ba59f436805f42724
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
76fb65f605df2b2d124684c3c4ec3e0c75fdf013b2727af6cdb68b73b5c8a9bb
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7bfbff45c9193330909b1b05c452de2e538cdc282a1fa596a182efce30e27f67
834fc13930a4121a5fffe54fbe2fc455cdd3607c0f9a349ba119c88d9e08c3db
839ca06ff6cdceca74034fb77e8c522b09b425808363b33075ce8b01ff1a25b2
8507d163d2a5c3e4ae298f241d74883e6481b720e78543c08291102ec738b433
8adb6c236dc1b6429f43c59a011f502ad46dbbe6b08e76dffc2edc8d8cc72e4f
8beb4c412fb3fcd4729e6ace2765c86081daece312fd59580e3bed2f78559fa7
8daf3abddacc6852a9048b137d6232bec57ed167a80170ac6dcad79ce475053e
8e17088ea0278e2529c931343f3c2cb487440bff74f1f980983417413914673c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
931ef58ecf677c8ffe2d3c6b3c974f958e87af69477d5a4111ad533fab24ca57
95dc1681a921e8c45fb1f1e8e06dde25ab18bccc886cc3c2ba091974edbae3b4
97a09cb2af7d4406f6163874dad15c607d571749611d00890d47143495a0a617
9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28
9b1dc76101401add4413d1476e5a5dac5a038a2dff56aba37287874a1503ea9f
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f3d3aab5fa3e8d2930b98d8a8f86e116d983ecfef468cb5eed22c7b19e0ad7a
a0b80c9fbd8cbf2074fb006ff97ac855636d46af95f85888dab9d6786be1fcb3
a44a0be5322a593d73a12c30d32f018d897ba52bf5ca49f6d5d9247a28a940d8
a5c467eeec880a0019a4da61595410a94cc75ad8e63552fc8705245221bfa126
a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505
aba1feb22d6d7c66841ffdf8f59f422b5f05100cb533b81c3bd569095cd9046b
af4f8307e2873f0cbe3bf1bfeb31c0520a50066e7cb212324e6869758a28ff0e
b138fdc23ded989dee77062a891b9674e1c6b3330b9ab87ca32007dac6fbd02f
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b4632096dce15f979a5a28c3badd905ce8d73df86a3da02bd0f14e1196c63e27
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
b86f111b8a460dceef9bd27747840d26fb195ebf1be0738ff0d1977d7905616b
ba42649690403dcaf4c739e3be77308ba6bdce62d5d20310bc0aa2a38644e790
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb9c47d5844a35d4226f6c58b849c59a9627d5eb618d27d545428fa9e09cf20c
bc1ceceb391feedd7ff84f2d0937347fb684d0532d55187a5aa521f1cdf819d7
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
be2ec0ff33330d27fa07c7a7ed4f128637dc43543cc3ffde2c2a24c700babfe7
c12967ea096320ba24d5b730cd4582a912113f4f659cb5759ba6d51974b7f29f
c1a14078be47bd4e4cf5ba42f7ebc1000a6ae1bfc084f1c7e6132f49823ed038
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c67cd82de676ba29b89c52107c0aae12094c774c2e0bb179f32888a3dbc3da42
c9e6f8785254fe912f5d6bdfc1bbf19d70a39e69c8e48eca6a70f45aff41c9e5
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
caa5ba7b08c3149b6df4583ef911a439caa965bc8b76eea5081638cb7ccd6bad
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d5b0b0cfa73017b83aae5c55f0e85bc8f0d4e8d371802e4df1feb38a87875736
d8172ac72e2a5606e457ed911f42d7e134d1a17e77b93f2e5fa8561dcdededaf
d96cff1376bc7b908a436168f6a236872442a7fc92d3219654cc1f1469a75033
da0f821c8f781aab33b1a7ad887db52558d4027ca3bc6e3cc184748952225559
e19b311a7064841eaebdc30eeaf2f3716b37f2fc398824ff351c8e9ba6073a2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf0518690f4fbea38e54a1130fb6f928dd27c1c4d31c619130a2f64fbc02462
ec58296433882ac7098fb29553de5bd1fea6192f15b982939936d871e8b18474
ec72483b8ae6f1a2001c2d50ffd1d1767488850e70d03d813d1556ba6b9dac74
ee416864a35e1720df1e04084e7243952927fb3eb8a274d896e42f643716358a
f259a230c1e8a95cfdf29b9bdfc9472ca0de49b078f08b03a7e54866b68972c1
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f540d74ad5596a519724f324d013df66b90b6ea4ec23455bf6cbfe3c10e38712
f61c1ea30d58076c8e9a0ca3c80a9c0773b0a7a431d234e5ad0ed09fd0529a45
f9b60ae2f2938c589960ef00d9b9a644f0847f7183f597cdc3fbf8cfe904c552
fad3123058cce0346ee9998342ef09cfa766dc1393ee3b5c2b450a18936c7d1b
fd0a18f717ca19bcbca32a12434f22221709c6297fab91466d2bdb2b21cc0287
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ff3b9d8a80dc1efe0007664f5e02f349e865c9d91a3e454db509aea609cec358
ffc6074a95d65c449412365c7803283755be1d532ddc6342ebd777aa830dd036

www.baldan.adv.br Open in urlscan Pro 172.66.41.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

98 %HTTPS

67 %IPv6

10 Domains

13 Subdomains

12 IPs

2 Countries

2425 kBTransfer

5496 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.baldan.adv.br Open in urlscan Pro
172.66.41.23 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

98 %
HTTPS

67 %
IPv6

10
Domains

13
Subdomains

12
IPs

2
Countries

2425 kB
Transfer

5496 kB
Size

2
Cookies

136 HTTP transactions
5 data transactions