urlscan.io logo urlscan.io
SecurityTrails logo

santander-hml.toroescrow.com.br Open in urlscan Pro
2600:9000:24f2:1400:11:6b81:b600:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://santander-hml.toroescrow.com.br/
Effective URL: https://santander-hml.toroescrow.com.br/
Submission: On May 08 via api from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2600:9000:24f2:1400:11:6b81:b600:93a1, located in United States and belongs to AMAZON-02, US. The main domain is santander-hml.toroescrow.com.br.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 17th 2023. Valid for: a year.
This is the only time santander-hml.toroescrow.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2600:9000:24f2:1400:11:6b81:b600:93a1 (United States)

ASN16509 (AMAZON-02, US)
santander-hml.toroescrow.com.br
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
1    2600:9000:2009:1000:c:4a9d:3140:93a1 (United States)

ASN16509 (AMAZON-02, US)
escrow-api-hmlog.toroescrow.com.br
2    2607:f8b0:4004:c07::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
1    2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 toroescrow.com.br
santander-hml.toroescrow.com.br
escrow-api-hmlog.toroescrow.com.br
3 MB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
firebase.googleapis.com — Cisco Umbrella Rank: 3849
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 566
firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 492
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
191 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
883 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
265 B
1 gstatic.com
www.gstatic.com
202 KB
0 invistacompi.com.br Failed
api-b2b-hml.invistacompi.com.br Failed
25 7
Domain Requested by
10 santander-hml.toroescrow.com.br santander-hml.toroescrow.com.br
2 firebaseremoteconfig.googleapis.com santander-hml.toroescrow.com.br
2 firebaseinstallations.googleapis.com santander-hml.toroescrow.com.br
2 www.googletagmanager.com santander-hml.toroescrow.com.br
2 www.google.com santander-hml.toroescrow.com.br
www.gstatic.com
2 firebase.googleapis.com santander-hml.toroescrow.com.br
1 www.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 escrow-api-hmlog.toroescrow.com.br santander-hml.toroescrow.com.br
1 fonts.googleapis.com santander-hml.toroescrow.com.br
0 api-b2b-hml.invistacompi.com.br Failed santander-hml.toroescrow.com.br
25 11

This site contains links to these domains. Also see Links.

Domain
santander-solicitecontato-hml.toroescrow.com.br
Subject Issuer Validity Valid
*.toroescrow.com.br
Amazon RSA 2048 M03		 2023-12-17 -
2025-01-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://santander-hml.toroescrow.com.br/
Frame ID: EFA324D57A7EEADCE9858F3EE842D3F4
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKyqAjAAAAANCy4DrUgtHFf62Yfd5GLsPmOPKN&co=aHR0cHM6Ly9zYW50YW5kZXItaG1sLnRvcm9lc2Nyb3cuY29tLmJyOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=bmyepov0pkiz
Frame ID: C12B61F78310BA0B50AE145772A28BC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Santander | Plataforma Escrow

Page URL History Show full URLs

  1. http://santander-hml.toroescrow.com.br/ HTTP 307
    https://santander-hml.toroescrow.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

96 %
HTTPS

100 %
IPv6

7
Domains

11
Subdomains

10
IPs

1
Countries

3146 kB
Transfer

8959 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://santander-hml.toroescrow.com.br/ HTTP 307
    https://santander-hml.toroescrow.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
santander-hml.toroescrow.com.br/
Redirect Chain
  • http://santander-hml.toroescrow.com.br/
  • https://santander-hml.toroescrow.com.br/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://santander-hml.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
7fa206aa3adf3647b4e6e8d30ba8194a540a4d6308932e5844f60cf04a74fb29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age
62211
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 07 May 2024 18:58:08 GMT
etag
W/"0609c705ea2adb3c83366dafe238fa50"
last-modified
Tue, 07 May 2024 18:43:15 GMT
referrer-policy
same-origin
server
santander
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 35306eb26a83034d2e583f34ce922c08.cloudfront.net (CloudFront)
x-amz-cf-id
e5QRHJauHyAsrP4gR2zXX1osp8RH_F75IbdgpXLtWoYtvQo8_JWEaQ==
x-amz-cf-pop
IAD55-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
tgotryL_7mjCUfiWbPSfSHtPQINeOd4A
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Location
https://santander-hml.toroescrow.com.br/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800,900,&display=swap
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d5d877091ac07913ed68021b7ffdbf0043cf835e2d7ed57a25a0217901ada25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 12:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 12:14:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 12:14:58 GMT
main.7de06d05.js
santander-hml.toroescrow.com.br/static/js/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
692c49a78dd83375e3b2a36e96c5c1ee2baaf7f08d1139eb7c6d965de99176ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:03:04 GMT
x-amz-version-id
zrDKeV1IE2CHuF4lpjLoQNSkHe.YOOpB
content-encoding
br
x-content-type-options
nosniff
via
1.1 35306eb26a83034d2e583f34ce922c08.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P1
age
61915
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
W/"72600caaf94724ae8417e7f5661ee3d7"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/javascript
x-amz-cf-id
GwI4CG7U2wxPsBMYn_VKEoo09t1fFPC4J_lTEZpv6R2DSIcnkZicMA==
main.d3b3f6c1.css
santander-hml.toroescrow.com.br/static/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander-hml.toroescrow.com.br/static/css/main.d3b3f6c1.css
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
32098cbff873fc4243189485177b76c376302d13ee70c9e2548f4ac4842540f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:03:04 GMT
x-amz-version-id
WxnsHtvhpUNv6tEiWmqEebhqXi0Pttqg
content-encoding
br
x-content-type-options
nosniff
via
1.1 35306eb26a83034d2e583f34ce922c08.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P1
age
61915
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
W/"89b03e8727747cd30137ace3b077f308"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
x-amz-cf-id
nXUWevrKyBnYT2iV55TncF9hkwwhFDtxqWX7lAySuMm4ldhDB28NQQ==
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:269134417119:web:bea61e2137008daf47ed6a/ 		265 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:269134417119:web:bea61e2137008daf47ed6a/webConfig
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02b69163cc5205af5018b2127971232591262da4820b7cd802dcd096439d9e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept
application/json
Referer
https://santander-hml.toroescrow.com.br/
x-goog-api-key
AIzaSyCLR3mYdhKNdfzSffaJr5jX4BAGBPfSP0Y
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:269134417119:web:bea61e2137008daf47ed6a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:269134417119:web:bea61e2137008daf47ed6a/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://santander-hml.toroescrow.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 08 May 2024 12:14:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
health
escrow-api-hmlog.toroescrow.com.br/api/escrow/ 		986 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://escrow-api-hmlog.toroescrow.com.br/api/escrow/health
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2009:1000:c:4a9d:3140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander-sls-escrow-api-root-configuration /
Resource Hash
3e1e4ac3d96f5d1585ef28f82b8d614cec2b52d886d006f97d60e30f0ec3ab72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
via
1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD66-C2
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
986
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
santander-sls-escrow-api-root-configuration
x-frame-options
DENY
vary
Origin
content-type
text/html
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-expose-headers
*
x-amz-cf-id
Tfma_TOZdvTrZns9Bo3ZWaSlvtpdhUb-dn1yx0iWtEpTJLryolfvHQ==
api.js
www.google.com/recaptcha/ 		1 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcKyqAjAAAAANCy4DrUgtHFf62Yfd5GLsPmOPKN
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8e7f9d4a56605cdbf06e76d550495637a5fc2aee52d2612f7889019eefc9591
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 08 May 2024 12:15:00 GMT
scroll-down-icon.svg
santander-hml.toroescrow.com.br/ 		211 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander-hml.toroescrow.com.br/scroll-down-icon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
7c74bbc8a35060aeccb00971d026749445642cca5cfed8d635647bdffcee3ef6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 20:01:29 GMT
x-amz-version-id
mAQ54QJo59yCvbL6pK8BlmCH_j0I5quI
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P1
age
58411
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
211
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
"0f0166e56d56a50cb22dbbfade75029e"
vary
Origin
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
1ujdrf1pVQGGahDTZB5tjIHQJjIoZJkDPH6PI10ojKI_mILsseMgSg==
home-about-image.png
santander-hml.toroescrow.com.br/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander-hml.toroescrow.com.br/home-about-image.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
823a12f79c37d408d8cec7d5a8d388ceb6045baea47ffa7e48021f396211b9af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 20:01:29 GMT
x-amz-version-id
9iOxUPjZIxdE41MsuSVCSoP5BqHh4nSc
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P1
age
58411
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
73366
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
"550e03ce94abc7c0c741c1806a848024"
vary
Origin
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
3Xixn272lv7Up5UhgDqmAqKfZ1sB2UJF1s09Yvm8wOajEsTHdxLYGg==
js
www.googletagmanager.com/gtag/ 		277 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5LQXBGDZQ8
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fbf29719fd1bdf51d6cce4c03ebdd655e2026448ad992a9229869baa3551b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 12:15:00 GMT
f8d1c37df4a7e0c9cdcf.svg
santander-hml.toroescrow.com.br/public/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander-hml.toroescrow.com.br/public/f8d1c37df4a7e0c9cdcf.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
7f4c1671c0cfcb1f8b212b08706c4c086aaebb94dfd818e4ca9ed96a8fa4bbfb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Tue, 07 May 2024 20:28:37 GMT
x-content-type-options
nosniff
x-amz-version-id
QY6nhf8K_bDvXlDNfTHnzQOqUfliLOnz
content-encoding
br
x-amz-cf-pop
IAD55-P1
age
56783
x-amz-server-side-encryption
AES256
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
W/"07be548afd2177bf154c1f3140aeac58"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
image/svg+xml
x-amz-cf-id
YEBJSwokx1a1fCOVlBKhMQskUNX0yOCHdzQn2jWAhn5psWCpt9EvgQ==
693418ba73e53d53e5cd.png
santander-hml.toroescrow.com.br/public/ 		745 KB
745 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander-hml.toroescrow.com.br/public/693418ba73e53d53e5cd.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
f22f320f10f5368ecde2ba652e168aa99988ce1044a7e71a9d7e348a124972d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 20:01:29 GMT
x-amz-version-id
o_XOuwekoyCJb3MYQE4bv5nGclYY9.WM
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P1
age
58411
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
762771
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
"4dd9d7f422e825ca7f2daa8d997f12ba"
vary
Origin
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
EN7742QYEJWCB_tdw-36KJxzXrUcRFikCmDtLUJoQmNdxmi4FrQ6ew==
SantanderText-Regular.ttf
santander-hml.toroescrow.com.br/fonts/ 		149 KB
150 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander-hml.toroescrow.com.br/fonts/SantanderText-Regular.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
a5edebc972cbfac1a5301f046b65e519245f58ff3937707e751d58796cbeac8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Origin
https://santander-hml.toroescrow.com.br
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 18:58:11 GMT
x-amz-version-id
ymFTxbvcIFID8kT8EAtIu6a1jOp_VCi8
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P1
age
62209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
152924
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
"1d645ba2998c6eb7d86d09be19fcceca"
vary
Origin
x-frame-options
DENY
content-type
binary/octet-stream
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
xARG4FTY6IXpgmq3Gh66x0T5-rxl2Z4unyWbeSLFBsQEOI7Vig1RlQ==
SantanderHeadline-Regular.ttf
santander-hml.toroescrow.com.br/fonts/ 		149 KB
150 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander-hml.toroescrow.com.br/fonts/SantanderHeadline-Regular.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
d51bed8fd137a7d6eb3b49b4d415f5aeb9025638855946341805fa39e881e417
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Origin
https://santander-hml.toroescrow.com.br
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:39:32 GMT
x-amz-version-id
kVjwxib6t41WzxD0aroYciP08xt6.W7D
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
IAD55-P1
age
59728
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
152904
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
"3033b0ffa7ec8ce757dae0ace48de80f"
vary
Origin
x-frame-options
DENY
content-type
binary/octet-stream
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
SaCQOsTYgL62ZROvDTmspdFtArVuZTwrii5gsZrF-yLC5chDFcosnQ==
favicon.ico
santander-hml.toroescrow.com.br/ 		129 KB
130 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://santander-hml.toroescrow.com.br/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f2:1400:11:6b81:b600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
santander /
Resource Hash
66f8b1e6389f9b2679175dbfe758d35b29e2fc0d779e64ec89327a7b7600b98c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 18:58:13 GMT
x-amz-version-id
oxwVK96P7GivSsIIth.59.enMHPrKkLs
via
1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P1
age
62207
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
132229
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 07 May 2024 18:43:15 GMT
server
santander
etag
"3e02f17e59cdf89a5cb661d7f1898d4c"
vary
Origin
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
x-amz-cf-id
-mESMKIO8pHEoAD7MYuQ-UJkO09i-sgeVCZJOPQ9eJzWehN-8XZFZg==
installations
firebaseinstallations.googleapis.com/v1/projects/escrow-homolog/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/escrow-homolog/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://santander-hml.toroescrow.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 08 May 2024 12:15:00 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/escrow-homolog/ 		625 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/escrow-homolog/installations
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
143803316cdcf7d2be3d462131b420d4f6b715587c9c5097100ac08896d4d44d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjEwLjIgZmlyZS1jb3JlLWVzbTIwMTcvMC4xMC4yIGZpcmUtanMvIGZpcmUtaWlkLzAuNi42IGZpcmUtaWlkLWVzbTIwMTcvMC42LjYgZmlyZS1hbmFseXRpY3MvMC4xMC4yIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4yIGZpcmUtanMtYWxsLWFwcC8xMC4xMS4xIGZpcmUtcmMvMC40LjYgZmlyZS1yYy1lc20yMDE3LzAuNC42IiwiZGF0ZXMiOlsiMjAyNC0wNS0wOCJdfV19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://santander-hml.toroescrow.com.br/
x-goog-api-key
AIzaSyCLR3mYdhKNdfzSffaJr5jX4BAGBPfSP0Y
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
x-xss-protection
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 		506 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcKyqAjAAAAANCy4DrUgtHFf62Yfd5GLsPmOPKN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Origin
https://santander-hml.toroescrow.com.br
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 10:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205803
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 May 2025 10:02:59 GMT
js
www.googletagmanager.com/gtag/ 		283 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5LQXBGDZQ8
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a679cedc230f1d256ce13e235e5d25ac3522cd2283a67d5354b592db7f502bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98603
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 12:15:00 GMT
health
api-b2b-hml.invistacompi.com.br/escrow-api/api/escrow/ 		0
0
collect
www.google-analytics.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5LQXBGDZQ8&gtm=45je4510v891672702za200&_p=1715170499611&gcd=13l3l3l3l1&npa=0&dma=0&cid=187703510.1715170500&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715170500&sct=1&seg=0&dl=https%3A%2F%2Fsantander-hml.toroescrow.com.br%2F&dt=Santander%20%7C%20Plataforma%20Escrow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2425
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5LQXBGDZQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://santander-hml.toroescrow.com.br/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 12:15:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://santander-hml.toroescrow.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/escrow-homolog/namespaces/ 		29 B
71 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/escrow-homolog/namespaces/firebase:fetch?key=AIzaSyCLR3mYdhKNdfzSffaJr5jX4BAGBPfSP0Y
Requested by
Host: santander-hml.toroescrow.com.br
URL: https://santander-hml.toroescrow.com.br/static/js/main.7de06d05.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e49f3d2ab293efa4157bdaa1762bc696b78736d38620076a97d53b5153cf85e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Content-Encoding
gzip
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://santander-hml.toroescrow.com.br/
If-None-Match
*
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 12:15:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
x-xss-protection
0
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/escrow-homolog/namespaces/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/escrow-homolog/namespaces/firebase:fetch?key=AIzaSyCLR3mYdhKNdfzSffaJr5jX4BAGBPfSP0Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://santander-hml.toroescrow.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-encoding,content-type,if-none-match
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://santander-hml.toroescrow.com.br
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 08 May 2024 12:15:00 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame C12B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKyqAjAAAAANCy4DrUgtHFf62Yfd5GLsPmOPKN&co=aHR0cHM6Ly9zYW50YW5kZXItaG1sLnRvcm9lc2Nyb3cuY29tLmJyOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=bmyepov0pkiz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QMrOVjDhmbdeW19O2I7xzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://santander-hml.toroescrow.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QMrOVjDhmbdeW19O2I7xzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 May 2024 12:15:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api-b2b-hml.invistacompi.com.br
URL
https://api-b2b-hml.invistacompi.com.br/escrow-api/api/escrow/health

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| _ object| dataLayer function| gtag object| __REACT_INTL_CONTEXT__ object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| __reactRouterVersion function| onRecaptchaLoadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| gaGlobal object| recaptcha object| closure_lm_955834

3 Cookies

Domain/Path Name / Value
.toroescrow.com.br/ Name: mp_f2aa8a8264aa2b9119128b1738deebe1_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f5820db365d2-0bf52996eeb524-26001d51-1d4c00-18f5820db365d2%22%2C%22%24device_id%22%3A%20%2218f5820db365d2-0bf52996eeb524-26001d51-1d4c00-18f5820db365d2%22%7D
.toroescrow.com.br/ Name: _ga_5LQXBGDZQ8
Value: GS1.1.1715170500.1.0.1715170500.0.0.0
.toroescrow.com.br/ Name: _ga
Value: GA1.1.187703510.1715170500

2 Console Messages

Source Level URL
Text
network error URL: https://escrow-api-hmlog.toroescrow.com.br/api/escrow/health
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api-b2b-hml.invistacompi.com.br/escrow-api/api/escrow/health
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-b2b-hml.invistacompi.com.br
escrow-api-hmlog.toroescrow.com.br
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
santander-hml.toroescrow.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
api-b2b-hml.invistacompi.com.br
2600:9000:2009:1000:c:4a9d:3140:93a1
2600:9000:24f2:1400:11:6b81:b600:93a1
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::65
2607:f8b0:4004:c07::93
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1d::5f
02b69163cc5205af5018b2127971232591262da4820b7cd802dcd096439d9e6a
143803316cdcf7d2be3d462131b420d4f6b715587c9c5097100ac08896d4d44d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
2fbf29719fd1bdf51d6cce4c03ebdd655e2026448ad992a9229869baa3551b0d
32098cbff873fc4243189485177b76c376302d13ee70c9e2548f4ac4842540f9
3e1e4ac3d96f5d1585ef28f82b8d614cec2b52d886d006f97d60e30f0ec3ab72
4d5d877091ac07913ed68021b7ffdbf0043cf835e2d7ed57a25a0217901ada25
66f8b1e6389f9b2679175dbfe758d35b29e2fc0d779e64ec89327a7b7600b98c
692c49a78dd83375e3b2a36e96c5c1ee2baaf7f08d1139eb7c6d965de99176ac
7c74bbc8a35060aeccb00971d026749445642cca5cfed8d635647bdffcee3ef6
7f4c1671c0cfcb1f8b212b08706c4c086aaebb94dfd818e4ca9ed96a8fa4bbfb
7fa206aa3adf3647b4e6e8d30ba8194a540a4d6308932e5844f60cf04a74fb29
823a12f79c37d408d8cec7d5a8d388ceb6045baea47ffa7e48021f396211b9af
a5edebc972cbfac1a5301f046b65e519245f58ff3937707e751d58796cbeac8a
a679cedc230f1d256ce13e235e5d25ac3522cd2283a67d5354b592db7f502bdd
c8e7f9d4a56605cdbf06e76d550495637a5fc2aee52d2612f7889019eefc9591
d51bed8fd137a7d6eb3b49b4d415f5aeb9025638855946341805fa39e881e417
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49f3d2ab293efa4157bdaa1762bc696b78736d38620076a97d53b5153cf85e5
f22f320f10f5368ecde2ba652e168aa99988ce1044a7e71a9d7e348a124972d7