sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com Open in urlscan Pro
54.224.34.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/
Effective URL:
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
Submission: On August 01 via manual (August 1st 2024, 5:32:11 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 54.224.34.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 2nd 2024. Valid for: a year.

This is the only time sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	54.224.34.30 54.224.34.30	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	52.217.194.249 52.217.194.249	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
11	5

7 54.224.34.30 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-34-30.compute-1.amazonaws.com

sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.194.249 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	herokuapp.com 1 redirects sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com	351 KB
2	amazonaws.com bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com	98 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
11	5

	Domain	Requested by
7	sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com	1 redirects sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
2	bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com	sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
0	www.googletagmanager.com Failed	sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
11	5

This site contains no links.

Subject Issuer	Validity	Valid
*.herokuapp.com Amazon RSA 2048 M03	`2024-03-02` - `2025-03-30`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
Frame ID: DAA5D2882BFEF27FC9F7363A6503A694
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco Estado

Page URL History Show full URLs

http://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/ HTTP 307
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/ HTTP 302
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in Page URL

Detected technologies

Heroku (PaaS) Expand

Overall confidence: 100%
Detected patterns

\.herokuapp\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

496 kB
Transfer

489 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/ HTTP 307
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/ HTTP 302
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sign_in Show response
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/
Redirect Chain

http://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/
https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in

3 KB
5 KB

146ms
146ms

Document
text/html

54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-34-30.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

7d64199d9190f5ca1536a05a393293153bd24ed1016274f0cd4bddd095fbd747

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: https://www.google-analytics.com; script-src 'self' https: 'unsafe-eval' .googletagmanager.com .google-analytics.com .gstatic.com .googleapis.com .google.com .hotjar.com *.cookiebot.com 'nonce-KRukjzH/1WrtEhn32rSeBA=='
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Security-Policy: connect-src 'self' https: https://www.google-analytics.com; script-src 'self' https: 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.gstatic.com *.googleapis.com *.google.com *.hotjar.com *.cookiebot.com 'nonce-KRukjzH/1WrtEhn32rSeBA=='
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Aug 2024 17:32:05 GMT
Etag: W/"7d64199d9190f5ca1536a05a39329315"
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Link: </assets/application-3009a1b0e5b84ba0b39e78cf07ffb3ba50f1426a526a14149bb2242ac7a2a92f.css>; rel=preload; as=style; nopush,</vite/assets/application-Sa_1ex_s.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,</vite/assets/application-B2NhuJcj.css>; rel=preload; as=style; nopush
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Permissions-Policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533525&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=uJQ6AyfEBWDLaPzRXelq4JI8JSlXJT5N2kE9mXrpF2c%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533525&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=uJQ6AyfEBWDLaPzRXelq4JI8JSlXJT5N2kE9mXrpF2c%3D
Server: Cowboy
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 454b1fa9-710b-40ba-95dd-c9ae6eb0e51b
X-Runtime: 0.009518
X-Xss-Protection: 0

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Security-Policy: connect-src 'self' https: https://www.google-analytics.com; script-src 'self' https: 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.gstatic.com *.googleapis.com *.google.com *.hotjar.com *.cookiebot.com 'nonce-IVIhI4XfJf9ZJ+KuaFAMUw=='
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Aug 2024 17:32:05 GMT
Feature-Policy: camera 'none'; gyroscope 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Location: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533525&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=uJQ6AyfEBWDLaPzRXelq4JI8JSlXJT5N2kE9mXrpF2c%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533525&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=uJQ6AyfEBWDLaPzRXelq4JI8JSlXJT5N2kE9mXrpF2c%3D
Server: Cowboy
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Request-Id: 7b31904e-ecbf-4ab2-81a7-3010ebd1f35b
X-Runtime: 0.040663

GET
H/1.1 200
OK application-3009a1b0e5b84ba0b39e78cf07ffb3ba50f1426a526a14149bb2242ac7a2a92f.css
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/assets/ 772 B
1 KB 153ms
152ms Stylesheet
text/css 54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/assets/application-3009a1b0e5b84ba0b39e78cf07ffb3ba50f1426a526a14149bb2242ac7a2a92f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-34-30.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

812111bfc906b26b48538e42362c521c24744ed4e4470c075a8993c0b30e5407

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 17:32:06 GMT
Content-Encoding: gzip
Via: 1.1 vegur
Strict-Transport-Security: max-age=63072000; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Thu, 02 May 2024 16:54:20 GMT
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D"}]}
Content-Type: text/css
Connection: keep-alive
Content-Length: 439
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D

GET
H/1.1 200
OK application-Sa_1ex_s.js Show response
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/ 194 KB
194 KB 127ms
126ms Script
application/javascript 54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/application-Sa_1ex_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-34-30.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

59298007487d9aada283909d1d6ce7b5833a3a7dbe90a103a306426b565b9402

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer
Origin: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 17:32:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 30 Jul 2024 20:28:04 GMT
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D"}]}
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 198185
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D

GET
H/1.1 200
OK application-B2NhuJcj.css
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/ 11 KB
12 KB 318ms
186ms Stylesheet
text/css 54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/application-B2NhuJcj.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-34-30.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

a5b6c92dd6d4651239c736f49a2fae2622b7f93f0d1d733c76849871eef6f88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 17:32:06 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 30 Jul 2024 20:28:04 GMT
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D"}]}
Content-Type: text/css
Connection: keep-alive
Content-Length: 11166
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D

GET
H/1.1 200
OK vue.esm-bundler-DmrEM8Li.js Show response
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/ 134 KB
134 KB 446ms
164ms Script
application/javascript 54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/vue.esm-bundler-DmrEM8Li.js

Requested by

Host: sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
URL: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-34-30.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

9e17a1918a7303d5648de6c53c100524c71389aa72ef38d76f96a6448b1e60ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
Origin: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 17:32:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 vegur
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server: Cowboy
Last-Modified: Tue, 30 Jul 2024 20:28:04 GMT
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D"}]}
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 136935
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533526&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=to0118Vec8ybX4ReQiGYoyaWQKaYPImhRci0OEPUE64%3D

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 208ms
77ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap

Requested by

Host: sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
URL: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8910eb7147c93440e1664fa8d3f0a992d6b2dfbbe20d4b05f448a26a7869f85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Aug 2024 17:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 15:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Aug 2024 17:32:06 GMT

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H/1.1 200
OK 9c5c6cebf305a754d3963063db79af4d.png
bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com/ 71 KB
71 KB 572ms
243ms Image
image/png 52.217.194.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com/9c5c6cebf305a754d3963063db79af4d.png
Requested by: Host: sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
URL: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.194.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 69791031db3eb922a8878dc7e79af9d61a6701df7bc960f8cebdde9a232e1f55

Request headers

Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 17:32:08 GMT
x-amz-version-id: U9dSk1Ab_YAm.0fyt6i6DmeulXPD2F6N
Last-Modified: Tue, 04 Jun 2024 16:01:26 GMT
Server: AmazonS3
x-amz-request-id: F3WF6KDPYBY6RGAD
ETag: "071a11fb1691192f211ba8c46817c903"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Content-Disposition: inline; filename="Logo BE CorSeg %28H%29 %281%29.png"; filename*=UTF-8''Logo%20BE%20CorSeg%20%28H%29%20%281%29.png
Accept-Ranges: bytes
Content-Length: 72585
x-amz-id-2: Ycd17KGp3IPaRr5sgNy0ZzxPMTH+bm1e2RPvxaftFYAWQmb4CpvV2j/JjVjmZrfrjeOcj7RSdJA=

POST
H/1.1 204
No Content events Show response
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/api/internal/ 0
2 KB 207ms
205ms XHR
text/plain 54.224.34.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/api/internal/events

Requested by

Host: sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
URL: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/vite/assets/application-Sa_1ex_s.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.34.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-34-30.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: https://www.google-analytics.com; script-src 'self' https: 'unsafe-eval' .googletagmanager.com .google-analytics.com .gstatic.com .googleapis.com .google.com .hotjar.com *.cookiebot.com 'nonce-DXRbr1GuQWaF70NCiUvW4A=='
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/users/sign_in
X-CSRF-Token: gPUW-x0TEjRZSjtggH4a0FLxX51ctcTVTD4PNChj5EdQLy8fVSa2bClgubAM3nW9937azZHex3nKSby_yCPOJw
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 01 Aug 2024 17:32:06 GMT
Content-Security-Policy: connect-src 'self' https: https://www.google-analytics.com; script-src 'self' https: 'unsafe-eval' *.googletagmanager.com *.google-analytics.com *.gstatic.com *.googleapis.com *.google.com *.hotjar.com *.cookiebot.com 'nonce-DXRbr1GuQWaF70NCiUvW4A=='
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1722533527&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3RaO89eKq24bKGoV6u5iiKuqf5S6JzIb6WZ2Saj%2Fv8Q%3D
X-Request-Id: 4a4194c9-dd85-4665-b67a-e11aaf67354c
X-Runtime: 0.056673
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Download-Options: noopen
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722533527&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=3RaO89eKq24bKGoV6u5iiKuqf5S6JzIb6WZ2Saj%2Fv8Q%3D"}]}
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Page, X-PageTotal
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache
Permissions-Policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
Vary: Origin

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 220ms
55ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 17:17:13 GMT
x-content-type-options: nosniff
age: 173694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 17:17:13 GMT

GET
H/1.1 200
OK e987f49464b12b7e1f9a497caddefcb3.jpg
bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com/ 26 KB
27 KB 161ms
161ms Other
image/jpeg 52.217.194.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com/e987f49464b12b7e1f9a497caddefcb3.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.194.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 829add21fdd36d9eec2fe5f020afde13e745c81860f4b694132816a2e0c6e077

Request headers

Referer: https://sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 17:32:08 GMT
x-amz-version-id: CvaxtyW3_AN6KR8Qyj.kQfmaQRFhLXA_
Last-Modified: Wed, 22 Nov 2023 13:34:18 GMT
Server: AmazonS3
x-amz-request-id: F3W2CHF85TQWS6T8
ETag: "c3e2e4f0c5ac73d813988fefbb517696"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Content-Disposition: inline; filename="Logo Banco Estado.jpg"; filename*=UTF-8''Logo%20Banco%20Estado.jpg
Accept-Ranges: bytes
Content-Length: 26918
x-amz-id-2: ZLxB4ZUH4iqhUryrrbOo2XrHr8QmxwKA4P6xdQxsYU6X0IABrTKhJjTn+IjIrpEru++93//SXjg=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/	1970-01-21 08:04:53	Name: anonymous_id Value: 56454ee0-14e9-4535-a5f2-0df3f5ed9339
			sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com/	1969-12-31 23:59:59	Name: _mok_sponsor_apps_session Value: Rw0b8k6eTDFWgOQyE4L%2BNyqYcA0Mp93dgFACZPCT3UH7lwWkFc5wPruUB%2BGX7reiAc3RAeEIIf%2FUb3%2BDQPxNX%2B1iLih1K8h98oTVhFQ6NJiqH22wnC0b%2FjkQSCfOmyt6bEhHReEWA9n53wktZFcZwr5g89V2Zk%2FFfxJPLHFJ2SyKxGRJ5r2WTuRJw7alDCrw9RaekADgPX3Hghjf3N7UqDYrbb7bDZD4cIJlgDE2vxyqzgpGF2eP%2F3DSn1qHDuRx1Qgx5s%2FC%2B404nSitfU0QSjJPaVDNvSduDQEHefwIk%2B%2B67LjQdDgpJ9GO3VZhsEMaaubdbejtYxLM3SvnNDroziwrfwi29y9kxwBXkUQlqpktAS%2B1tm1uLbu%2Fhj4IDc205axeiMQRida5uuqL8xiPqpyhLybq69RnxF%2BI0iS%2FuBOSHLaEz341N2cN4CeaTuxs3sgDCsjyFuTDgAky5VbjFvFlV3bLWcGADmzidFQhKYSd--82cDodEgBnX881EA--5NOZqT5FQzUA06Sq%2B09syQ%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, microphone. Values defined in Permissions-Policy header will be used.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' https: https://www.google-analytics.com; script-src 'self' https: 'unsafe-eval' .googletagmanager.com .google-analytics.com .gstatic.com .googleapis.com .google.com .hotjar.com *.cookiebot.com 'nonce-KRukjzH/1WrtEhn32rSeBA=='
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bucketeer-2c744d0c-4aba-445c-b7e2-9f6a585f1d9c.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com
www.googletagmanager.com
www.googletagmanager.com
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
52.217.194.249
54.224.34.30
59298007487d9aada283909d1d6ce7b5833a3a7dbe90a103a306426b565b9402
69791031db3eb922a8878dc7e79af9d61a6701df7bc960f8cebdde9a232e1f55
7d64199d9190f5ca1536a05a393293153bd24ed1016274f0cd4bddd095fbd747
812111bfc906b26b48538e42362c521c24744ed4e4470c075a8993c0b30e5407
829add21fdd36d9eec2fe5f020afde13e745c81860f4b694132816a2e0c6e077
8910eb7147c93440e1664fa8d3f0a992d6b2dfbbe20d4b05f448a26a7869f85e
9e17a1918a7303d5648de6c53c100524c71389aa72ef38d76f96a6448b1e60ca
a5b6c92dd6d4651239c736f49a2fae2622b7f93f0d1d733c76849871eef6f88d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com Open in urlscan Pro 54.224.34.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

496 kBTransfer

489 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

sso-banco-estado-cl-production-52b3e1f34a31.herokuapp.com Open in urlscan Pro
54.224.34.30 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

496 kB
Transfer

489 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions