santander.toroescrow.com.br
2600:9000:211a:9400:10:5f33:68c0:93a1  Public Scan

URL: https://santander.toroescrow.com.br/
Submission: On September 09 via manual from IL — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2600:9000:211a:9400:10:5f33:68c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is santander.toroescrow.com.br.
TLS certificate: Issued by Amazon on December 17th 2021. Valid for: a year.
This is the only time santander.toroescrow.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
12 toroescrow.com.br | santander.toroescrow.com.br | 2 MB
6 hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 871), script.hotjar.com (Cisco Umbrella Rank: 1152), vars.hotjar.com (Cisco Umbrella Rank: 1247), in.hotjar.com (Cisco Umbrella Rank: 2418), ws38.hotjar.com (Cisco Umbrella Rank: 83492) | 72 KB
5 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 120), firebase.googleapis.com (Cisco Umbrella Rank: 6429), firebaseinstallations.googleapis.com (Cisco Umbrella Rank: 374) | 2 KB
1 hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 3064) | 258 B
1 google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2119) | 355 B
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 141) | 73 KB
1 gstatic.com | fonts.gstatic.com | 36 KB
Total: 27 requests, 7 domains

Domain | Requested by
12 santander.toroescrow.com.br | santander.toroescrow.com.br
2 script.hotjar.com | static.hotjar.com, script.hotjar.com
2 firebaseinstallations.googleapis.com | santander.toroescrow.com.br
2 firebase.googleapis.com | santander.toroescrow.com.br
1 ws38.hotjar.com | script.hotjar.com
1 vc.hotjar.io | script.hotjar.com
1 in.hotjar.com | script.hotjar.com
1 vars.hotjar.com | static.hotjar.com
1 region1.google-analytics.com | www.googletagmanager.com
1 www.googletagmanager.com | santander.toroescrow.com.br
1 static.hotjar.com | santander.toroescrow.com.br
1 fonts.gstatic.com | fonts.googleapis.com
1 fonts.googleapis.com | santander.toroescrow.com.br
Total: 27 requests, 13 subdomains

Subject | Issuer | Validity | Valid
*.toroescrow.com.br | Amazon | 2021-12-17 - 2023-01-15 | a year
upload.video.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.hotjar.io | Amazon | 2022-07-18 - 2023-08-16 | a year

This page contains 2 frames:

Primary Page: https://santander.toroescrow.com.br/
Frame ID: 8E37D5AF4C7F6C84D7029FBF49433249
Requests: 24 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 27EFA6DD96F506269C51454FCEB63C7D
Requests: 1 HTTP requests in this frame

Page Title

Santander | Plataforma Escrow

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

27 Requests
100 % HTTPS
54 % IPv6
7 Domains
13 Subdomains
13 IPs
3 Countries
1772 kB Transfer
6738 kB Size
8 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
santander.toroescrow.com.br/
2 KB
2 KB
Document
General
Full URL
https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
b3361047e626ad0f44432aa06f6f7e90c1f8acdb77997f10c6e0513c35cecff0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2092
content-encoding
gzip
content-type
text/html
date
Fri, 09 Sep 2022 09:40:01 GMT
etag
W/"7c23aa6a772bf8cbd93ffd68680b40f6"
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
referrer-policy
same-origin
server
escrow-front-camouflage
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id
BEq5X4YgVs8uPjII_F5AXAMqWbF6g7k9JJPoXOBNGK46pEthQWTrJw==
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800,900,&display=swap
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60abce40c57a04c045e7475a4bbf52fdd5ef9eb649e25c18a2034a51270ec380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Sep 2022 10:14:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 09 Sep 2022 10:14:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Sep 2022 10:14:52 GMT
2.76bbf8b5.chunk.css
santander.toroescrow.com.br/static/css/
780 KB
83 KB
Stylesheet
General
Full URL
https://santander.toroescrow.com.br/static/css/2.76bbf8b5.chunk.css
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
bb2c3608e649674ba7eeed67733844371d51e9ab7d6a7fe0ff342167a4fc3429
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
W/"22b105ee56abcb2b21d063d56791f1e2"
vary
Accept-Encoding, Origin
content-type
text/css
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id
xdclyo--maa7hPJvoZEi3oRtpQjNZvhcapT5YD8Qrsgn-vT0deXBqw==
main.3417607e.chunk.css
santander.toroescrow.com.br/static/css/
54 KB
11 KB
Stylesheet
General
Full URL
https://santander.toroescrow.com.br/static/css/main.3417607e.chunk.css
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
1965c58bb138952133226143586a9d6ed35c898402354a20904ba4c7f164aaa2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
W/"a467760ce5c519bb03acb018043e4ff8"
vary
Accept-Encoding, Origin
content-type
text/css
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id
FDrH-stHSuGIpPKRBWG44_7yVbsCR3asHeN0WpdFXa0hG0WBqrv6Ew==
2.5f097401.chunk.js
santander.toroescrow.com.br/static/js/
3 MB
1 MB
Script
General
Full URL
https://santander.toroescrow.com.br/static/js/2.5f097401.chunk.js
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
7b99fe48cfa8ee640d71e980931b8352d6fc637f965e99e55fd4fd8e2f6dfd6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
W/"8233ea44f41ba629420e8bde6ee48547"
vary
Accept-Encoding, Origin
content-type
application/javascript
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id
L5a1qXtJkXmJ1m_ZHE6B7c6OYYeHx_S6hqeJRQsnwUPcKJDiCXk6nw==
main.9cf5e50c.chunk.js
santander.toroescrow.com.br/static/js/
2 MB
375 KB
Script
General
Full URL
https://santander.toroescrow.com.br/static/js/main.9cf5e50c.chunk.js
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
480b6a7ab897adc2152885e97263716df585a6f67c7c94d7e69feb0b041f117d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
W/"9d014c260fd7a023becdbfb34147f47a"
vary
Accept-Encoding, Origin
content-type
application/javascript
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-amz-cf-id
vEI2km0jLBaIFqiQTiCihKagoGxytaqNb49mOrcQk0Y-PfrVmsyMZQ==
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800,900,&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://santander.toroescrow.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 21:06:30 GMT
x-content-type-options
nosniff
age
306503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 21:06:30 GMT
santander.png
santander.toroescrow.com.br/
3 KB
4 KB
Image
General
Full URL
https://santander.toroescrow.com.br/santander.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
e6df312d16380222b43f474d359806ca14a43ecf317eeb15fa242dd5e5b18d07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
3093
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"7a502de5ac190ea62ab3b28766eafeff"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
2nkFeuZtZ1pgO7uN9V10a_EeGkjXeIDioM_r4vEN8wDgMvJtFjwV0w==
ambima-white.png
santander.toroescrow.com.br/
5 KB
6 KB
Image
General
Full URL
https://santander.toroescrow.com.br/ambima-white.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
2085925197170c164bf45bf34f3c26b88b3b87d0e7767b99863861e56f664ee4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
5304
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"fa5ce6c7c7542e62db510b729c416c68"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
KrSzFTnVXohGIWcXW4zKE4L2Z9Y_ca4PArCEosKzA9DGmwzKJrAQSA==
cetip-certifica-white.png
santander.toroescrow.com.br/
8 KB
9 KB
Image
General
Full URL
https://santander.toroescrow.com.br/cetip-certifica-white.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
005c70771ea1ce49c5226bb82dc7cae1257fd72513e908217d695b748804bab7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
8514
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"41cbecd23965936f8fe1156da0b5c49b"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
j6vAUX51j1D4B194QfIV5KQzQvtfXaHOVs_IdQ-WFiLWKKCcn1so6g==
como-investir-white.png
santander.toroescrow.com.br/
11 KB
11 KB
Image
General
Full URL
https://santander.toroescrow.com.br/como-investir-white.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
e48fed17dd17df0d59ba605a372edd5a3110a0d5653cb903b7d8de1d7ea8cb53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
10890
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"5ebc0e6c2fcde9e9498675d1eb2f3182"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
V5PpsyjbgLHicNSxqEdkRb3CRJTKLoNfpFGYrTnsNCjKYH6cVXBhVA==
banco-central-white.png
santander.toroescrow.com.br/
7 KB
8 KB
Image
General
Full URL
https://santander.toroescrow.com.br/banco-central-white.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
58e0c10adc94ade85cba1ad10e3bdd5433af52858e87ccb59b3a270763713916
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
7543
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"d7a996625e53feeaee7a3e8c176c56e4"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
vHOzJL5teNTz9bM6iE6CL2sBy520ixej_w24zEDbbJJxwJ7K34bbCA==
b3-white.png
santander.toroescrow.com.br/
7 KB
7 KB
Image
General
Full URL
https://santander.toroescrow.com.br/b3-white.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
6cdcc6514c02c29755acf41b19f6a36033ba5df6e5a89e2ce0c9d331494cf9b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
6816
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"e17c886df7c17776fd7745e933cde2b6"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
QQuL-9B1X-AKywI-kUak_onsvcpEcJyd26AOatWe7OZS0sCm0R2Vnw==
bsm-white.png
santander.toroescrow.com.br/
11 KB
11 KB
Image
General
Full URL
https://santander.toroescrow.com.br/bsm-white.png
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9400:10:5f33:68c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
escrow-front-camouflage /
Resource Hash
1f0302232717aa2f13914c2d155358e4f62ad182a46d740857faa04537db27f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.toroescrow.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:55 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
11176
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 08 Sep 2022 23:57:26 GMT
server
escrow-front-camouflage
x-frame-options
DENY
etag
"4901d98c2ba7a3e43eaae25574b7539e"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
XmAY7RKPGQX0YsTe53jikvS3L1NTGu4zlFbdQUcyOYjCwmCiw2Dd8g==
hotjar-2946414.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2946414.js?sv=6
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-88.fra56.r.cloudfront.net
Software
/
Resource Hash
3dfff98e3c2054a2d6a61cb470f92592f1c36a3461a02fc831e279cb35a95ed1
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:53 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P7
etag
W/240361877d7aab595c05e673cf840c05
strict-transport-security
max-age=604800; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
7aSR8U9syRO6dW1VrFS-Kv0WWRBXT0FWZ2AHnhNRKJl3aJ5JzVEz0w==
via
1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
js
www.googletagmanager.com/gtag/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3XGLL6RYMG
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/static/js/2.5f097401.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6cd0ef9138546227e13b51e279d26b71d740636990c6042635afd926c7c4f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74501
x-xss-protection
0
expires
Fri, 09 Sep 2022 10:14:53 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:570821227743:web:f0eabdb9e40fa7445fe56a/
259 B
379 B
Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:570821227743:web:f0eabdb9e40fa7445fe56a/webConfig
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/static/js/2.5f097401.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
971f3996dc0ea7f4a932a778343d01e395721876a6969c3b7617595fdfe98511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
x-goog-api-key
AIzaSyC5HR_j3Wh8fHnmSX2uADqjSYAdHP7mvHo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://santander.toroescrow.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
189
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:570821227743:web:f0eabdb9e40fa7445fe56a/ Frame
0
0
Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:570821227743:web:f0eabdb9e40fa7445fe56a/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://santander.toroescrow.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://santander.toroescrow.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 09 Sep 2022 10:14:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/escrow-76218/
625 B
680 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/escrow-76218/installations
Requested by
Host: santander.toroescrow.com.br
URL: https://santander.toroescrow.com.br/static/js/2.5f097401.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e96225e4b647f3a38aefae38ff865130a2581e7553c3c0ade0d7258a7a3f0d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
x-goog-api-key
AIzaSyC5HR_j3Wh8fHnmSX2uADqjSYAdHP7mvHo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjggZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI4IGZpcmUtanMvIGZpcmUtaWlkLzAuNS4xMiBmaXJlLWlpZC1lc20yMDE3LzAuNS4xMiBmaXJlLWFuYWx5dGljcy8wLjguMCBmaXJlLWFuYWx5dGljcy1lc20yMDE3LzAuOC4wIGZpcmUtanMtYWxsLWFwcC85LjkuMCIsImRhdGVzIjpbIjIwMjItMDktMDkiXX1dfQ
content-type
application/json

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://santander.toroescrow.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
490
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/escrow-76218/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/escrow-76218/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://santander.toroescrow.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://santander.toroescrow.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 09 Sep 2022 10:14:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
modules.448392d04fd1e15c100a.js
script.hotjar.com/
251 KB
65 KB
Script
General
Full URL
https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2946414.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 10:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
170206
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
65486
access-control-allow-origin
*
last-modified
Wed, 07 Sep 2022 10:57:54 GMT
etag
"dda0289b22368ab84a40f8dab68ddb9e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TzU3Tl0nuwMHLa586VUfLgSCM5HtLqJYiQh6gRleeGOyUscCGSdPlw==
collect
region1.google-analytics.com/g/
0
355 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3XGLL6RYMG&gtm=2oe970&_p=1848581482&cid=1230341667.1662718494&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662718493&sct=1&seg=0&dl=https%3A%2F%2Fsantander.toroescrow.com.br%2F&dt=Santander%20%7C%20Plataforma%20Escrow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3XGLL6RYMG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Sep 2022 10:14:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://santander.toroescrow.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 27EF
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2946414.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-29.fra60.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
176267
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 09:17:07 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security
max-age=604800; includeSubDomains
vary
Accept-Encoding
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-id
RKYXU01MB6FQHH6pXebffZIPKyKcvWWsdGTD_DgH0WxUrl6TbX2Zkg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
heatmap-dynamic-view.090f7af857c058ab40b4.js
script.hotjar.com/
9 KB
3 KB
Script
General
Full URL
https://script.hotjar.com/heatmap-dynamic-view.090f7af857c058ab40b4.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
75c6cc7e4d68b8dec8bb65307a86cea2c0412fdb5d03e77dcf7eb173b78b2209
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 09:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
176266
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
2827
access-control-allow-origin
*
last-modified
Wed, 07 Sep 2022 09:16:56 GMT
etag
"16c693059e6964759ae9d5fdfd5623b0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8IardpAwyzM0e-wqVJ3CcapXie_1eDPcfrJOMJq8aD3GTgW4decbyQ==
visit-data
in.hotjar.com/api/v2/client/sites/2946414/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2946414/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.154.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-154-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
2946414
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2946414?s=0.25&r=0.189928119937802
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-14.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
jxskwmaHWkwrOvpb5bS9tHqFXDWcm2_mBhuJAIL6v2dfJnLnsifBaA==
content
ws38.hotjar.com/api/v2/sites/2946414/recordings/
66 B
262 B
XHR
General
Full URL
https://ws38.hotjar.com/api/v2/sites/2946414/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.247.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-247-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b4bd8270ef58e863c159b8673d7d5ce989564bf47b225219408529d06bc3d73

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 09 Sep 2022 10:14:54 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| webpackJsonpescrow-front
object| regeneratorRuntime
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| _
object| dataLayer
function| gtag
object| pdfjsWorker
function| hj
object| _hjSettings
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| google_tag_manager
object| google_tag_data
object| gaGlobal

8 Cookies

Domain/Path Name / Value
.toroescrow.com.br/ Name: _ga_3XGLL6RYMG
Value: GS1.1.1662718493.1.0.1662718493.0.0.0
.toroescrow.com.br/ Name: _ga
Value: GA1.1.1230341667.1662718494
.toroescrow.com.br/ Name: _hjSessionUser_2946414
Value: eyJpZCI6IjZiMGQzNmUzLWNiNmUtNWJhMy04YjM2LTQ2OGYzMmMxMTMxZiIsImNyZWF0ZWQiOjE2NjI3MTg0OTQwNDEsImV4aXN0aW5nIjpmYWxzZX0=
.toroescrow.com.br/ Name: _hjFirstSeen
Value: 1
santander.toroescrow.com.br/ Name: _hjIncludedInSessionSample
Value: 1
.toroescrow.com.br/ Name: _hjSession_2946414
Value: eyJpZCI6ImNkNDQ5ZGY4LTcxODQtNDQzNC1iZjZiLWQwNDQ3NmRkN2M5ZiIsImNyZWF0ZWQiOjE2NjI3MTg0OTQwNjgsImluU2FtcGxlIjp0cnVlfQ==
santander.toroescrow.com.br/ Name: _hjIncludedInPageviewSample
Value: 1
.toroescrow.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
