urlscan.io logo urlscan.io
SecurityTrails logo

bancopan-sso.beedoo.io Open in urlscan Pro
34.238.72.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bancopan.beedoo.io/login
Effective URL: https://bancopan-sso.beedoo.io/
Submission: On July 02 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 34.238.72.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bancopan-sso.beedoo.io.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 7th 2023. Valid for: a year.
This is the only time bancopan-sso.beedoo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.93.155.115 14618 (AMAZON-AES)
10 34.238.72.154 14618 (AMAZON-AES)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.225.78.3 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 6
1    3.93.155.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-155-115.compute-1.amazonaws.com
bancopan.beedoo.io
10    34.238.72.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-72-154.compute-1.amazonaws.com
bancopan-sso.beedoo.io
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700:10::6816:3b94 (United States)

ASN13335 (CLOUDFLARENET, US)
public-logos-prod.beedoo.io
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.225.78.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-3.fra2.r.cloudfront.net
cdn.beedoo.io
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 beedoo.io
bancopan.beedoo.io
bancopan-sso.beedoo.io
public-logos-prod.beedoo.io
cdn.beedoo.io
1 MB
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406
8 KB
16 4
Domain Requested by
10 bancopan-sso.beedoo.io bancopan-sso.beedoo.io
2 cdn.beedoo.io bancopan-sso.beedoo.io
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com bancopan-sso.beedoo.io
1 public-logos-prod.beedoo.io bancopan-sso.beedoo.io
1 stackpath.bootstrapcdn.com bancopan-sso.beedoo.io
1 bancopan.beedoo.io 1 redirects
16 7

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.bancopan.com.br
Subject Issuer Validity Valid
*.beedoo.io
Amazon RSA 2048 M01		 2023-09-07 -
2024-10-05		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
public-logos-prod.beedoo.io
E1		 2024-05-24 -
2024-08-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
beedoo.io
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bancopan-sso.beedoo.io/
Frame ID: D69A219B8440FC5EE15EA1C886544CE8
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PAN Beedoo

Page URL History Show full URLs

  1. https://bancopan.beedoo.io/login HTTP 307
    https://bancopan-sso.beedoo.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

100 %
HTTPS

43 %
IPv6

4
Domains

7
Subdomains

6
IPs

3
Countries

1180 kB
Transfer

1512 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bancopan.beedoo.io/login HTTP 307
    https://bancopan-sso.beedoo.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bancopan-sso.beedoo.io/
Redirect Chain
  • https://bancopan.beedoo.io/login
  • https://bancopan-sso.beedoo.io/
7 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
23ecd5e9181e270f08c3d5de443d16fd8f2052172a6f16db2c0e276f51897142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: cors-anywhere.froala.com docs.google.com *.jwplayer.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://s3.amazonaws.com/beedoo-user-us/ https://s3.amazonaws.com/beedoo-scorm-repo-dev/ https://s3.amazonaws.com/beedoo-scorm-repo-test/ s3.amazonaws.com/beedoo-user-s3-tests/ www.google-analytics.com 'unsafe-inline' analytics.google.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ *.tawk.to tawk.link wss://*.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de stackpath.bootstrapcdn.com ; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to fonts.googleapis.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.googleapis.com stackpath.bootstrapcdn.com ; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to stackpath.bootstrapcdn.com ; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.beedoo.com.br s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://ambevcompliancelogoninterno22.lab.pushstart.app/ *.keepers.com.br *.tawk.to view.officeapps.live.com https://cors-anywhere.froala.com view.genial.ly *.qualida.de app.powerbi.com *.almavivadobrasil.com.br *.tinymce.com/ *.canva.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.freshchat.com freshchat.com *.beedoo.io 'unsafe-inline' s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com www.google-analytics.com/analytics.js *.jwpcdn.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly https://static.zenvia.com/embed/js/zenvia-chat.min.js https://cdn.jsdelivr.net/npm/mp4box@0.5.2/dist/mp4box.all.min.js https://content.jwplatform.com/ https://cdn.jwplayer.com/libraries/YBAPChxr.js unsafe-evalcdn.tiny.cloud/ ; report-uri ;frame-ancestors 'self' https://beedoo.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: cors-anywhere.froala.com docs.google.com *.jwplayer.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://s3.amazonaws.com/beedoo-user-us/ https://s3.amazonaws.com/beedoo-scorm-repo-dev/ https://s3.amazonaws.com/beedoo-scorm-repo-test/ s3.amazonaws.com/beedoo-user-s3-tests/ www.google-analytics.com 'unsafe-inline' analytics.google.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ *.tawk.to tawk.link wss://*.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de stackpath.bootstrapcdn.com ; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to fonts.googleapis.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.googleapis.com stackpath.bootstrapcdn.com ; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to stackpath.bootstrapcdn.com ; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.beedoo.com.br s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://ambevcompliancelogoninterno22.lab.pushstart.app/ *.keepers.com.br *.tawk.to view.officeapps.live.com https://cors-anywhere.froala.com view.genial.ly *.qualida.de app.powerbi.com *.almavivadobrasil.com.br *.tinymce.com/ *.canva.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.freshchat.com freshchat.com *.beedoo.io 'unsafe-inline' s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com www.google-analytics.com/analytics.js *.jwpcdn.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly https://static.zenvia.com/embed/js/zenvia-chat.min.js https://cdn.jsdelivr.net/npm/mp4box@0.5.2/dist/mp4box.all.min.js https://content.jwplatform.com/ https://cdn.jwplayer.com/libraries/YBAPChxr.js unsafe-evalcdn.tiny.cloud/ ; report-uri ;frame-ancestors 'self' https://beedoo.io ;
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jul 2024 21:05:27 GMT
Permissions-Policy
geolocation=(self), camera=*, fullscreen=*
Referrer-Policy
strict-origin-when-cross-origin
Report-to
{'endpoints':[{'url':}], 'group':'csp-endpoint','max_age':86400}, {'endpoints':[{'url':}], 'group': 'default-endpoint','max_age':86400}
Reporting-Endpoints
csp-endpoint=, default=
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-security-policy
upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: cors-anywhere.froala.com docs.google.com *.jwplayer.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://s3.amazonaws.com/beedoo-user-us/ https://s3.amazonaws.com/beedoo-scorm-repo-dev/ https://s3.amazonaws.com/beedoo-scorm-repo-test/ s3.amazonaws.com/beedoo-user-s3-tests/ www.google-analytics.com 'unsafe-inline' analytics.google.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ *.tawk.to tawk.link wss://*.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de cdn.jsdelivr.net/ uicdn.toast.com *.clarity.ms ; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to fonts.googleapis.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.googleapis.com ; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to ; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.beedoo.com.br s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://ambevcompliancelogoninterno22.lab.pushstart.app/ *.keepers.com.br *.tawk.to view.officeapps.live.com https://cors-anywhere.froala.com view.genial.ly *.qualida.de app.powerbi.com *.almavivadobrasil.com.br *.tinymce.com/ *.canva.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.freshchat.com freshchat.com *.beedoo.io 'unsafe-inline' s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com www.google-analytics.com/analytics.js *.jwpcdn.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly https://static.zenvia.com/embed/js/zenvia-chat.min.js https://cdn.jsdelivr.net/npm/mp4box@0.5.2/dist/mp4box.all.min.js https://content.jwplatform.com/ https://cdn.jwplayer.com/libraries/YBAPChxr.js unsafe-evalcdn.tiny.cloud/ *.clarity.ms ; report-uri ;frame-ancestors 'self' https://beedoo.io ;
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 21:05:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://bancopan-sso.beedoo.io
permissions-policy
geolocation=(self), camera=*, fullscreen=*
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{'endpoints':[{'url':}], 'group':'csp-endpoint','max_age':86400}, {'endpoints':[{'url':}], 'group': 'default-endpoint','max_age':86400}
reporting-endpoints
csp-endpoint=, default=
server
Beedoo
service-worker-allowed
/
strict-transport-security
max-age=31536000; includeSubDomains;
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
login.css
bancopan-sso.beedoo.io/css/ 		148 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan-sso.beedoo.io/css/login.css?id=aa6ac2d8e2aeae422fbb
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
ebf7816bf58a9a9ad613e59d8d39caee561f2e6df7a36300f8963b59bd385fd6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
ETag
"24e13-61c307ae37980-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24480
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Origin
https://bancopan-sso.beedoo.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 21:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
871
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
04/17/2024 23:15:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b9b1990aed7e1fdd1fdfee819ad018d7
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89d198117b24bf16-WAW
cdn-requestpullsuccess
True
53dda4d76d4d48e7566f06cece28651c.png
public-logos-prod.beedoo.io/1_801/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-logos-prod.beedoo.io/1_801/53dda4d76d4d48e7566f06cece28651c.png
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896e9acbff49aac58b481ab4095008ab0f25a088b8f637e566e9bc5a87c94010

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 21:05:28 GMT
cf-cache-status
MISS
last-modified
Mon, 25 Mar 2024 18:53:01 GMT
server
cloudflare
etag
"92c71b460188cafcfea0453dc546bed6"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
89d19811e8f4bc59-ZRH
content-length
11411
ad.svg
bancopan-sso.beedoo.io/images/icons/ 		388 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan-sso.beedoo.io/images/icons/ad.svg
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
9be3d62105934a73e71fdd21e3cd140037d338bc015b7f8e2ad31517fec26517

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"184-61c307ae37980"
Content-Length
388
Content-Type
image/svg+xml
google.svg
bancopan-sso.beedoo.io/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan-sso.beedoo.io/images/icons/google.svg
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
5722617974160d10a2564c051caf679e6686955012aa626f1dcf163e20ebcedd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"51b-61c307ae37980"
Content-Length
1307
Content-Type
image/svg+xml
fb.png
bancopan-sso.beedoo.io/images/login/ 		958 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan-sso.beedoo.io/images/login/fb.png
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
05e376ace7cbfed093e148a49f37125145936287dba199678536bf8b060226da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"3be-61c307ae37980"
Content-Length
958
Content-Type
image/png
insta.png
bancopan-sso.beedoo.io/images/login/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan-sso.beedoo.io/images/login/insta.png
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
6848b752c7c04c1d41f7c9f40549fd335352088a7bc028e2a3c074640687b396

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"4d2-61c307ae37980"
Content-Length
1234
Content-Type
image/png
in.png
bancopan-sso.beedoo.io/images/login/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan-sso.beedoo.io/images/login/in.png
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
5fa18db138ff82419519c43145b9be37c9329c8b7d8ab15fe066a7ab0c987f4a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"434-61c307ae37980"
Content-Length
1076
Content-Type
image/png
si.png
bancopan-sso.beedoo.io/images/login/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan-sso.beedoo.io/images/login/si.png
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
78f763f5926f4c0c41315e5c9ca3f5aecc4dad46ca9eccecb013dbd75d3944c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
Connection
keep-alive
Accept-Ranges
bytes
ETag
"66a-61c307ae37980"
Content-Length
1642
Content-Type
image/png
app.js
bancopan-sso.beedoo.io/js/ 		259 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancopan-sso.beedoo.io/js/app.js?id=b16c17c3b20a8f286c4c
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
0940167931a8c117cfb36744deb8efac3a14b4abd3735d2875031ed99f882331

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
ETag
"40a90-61c307ae37980-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
login.js
bancopan-sso.beedoo.io/js/ 		2 KB
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bancopan-sso.beedoo.io/js/login.js?id=3aefe2e9ebc382fbf2a4
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.238.72.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-72-154.compute-1.amazonaws.com
Software
/
Resource Hash
0d07a1fb5aa07d495a8a41f87c6e12d5f235f5b3271690c0057269ace15a3a08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 21:05:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Jul 2024 14:33:26 GMT
ETag
"70f-61c307ae37980-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
627
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/css/login.css?id=aa6ac2d8e2aeae422fbb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4272ac42cc98e1f9894baba7fcd34026329afa3c802bd9090c178345347d3b81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 21:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 20:03:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 21:05:27 GMT
f777c5dab9ae7dbe25f34c20a56ed411.png
cdn.beedoo.io/bancopan/isaac/login/ 		981 KB
982 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.beedoo.io/bancopan/isaac/login/f777c5dab9ae7dbe25f34c20a56ed411.png
Requested by
Host: bancopan-sso.beedoo.io
URL: https://bancopan-sso.beedoo.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-3.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1e868b6bd3b4db772f840759b20ce475916a5eaf0aca50091554ea83dda2966

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 21:05:29 GMT
x-amz-version-id
wSHS3R9KnpjlXZa5vXt2ESVBaBeZyWMI
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
1004191
last-modified
Thu, 28 Mar 2024 17:32:39 GMT
server
AmazonS3
etag
"4775415da9f971a02e52d96bd7b0ac0e"
vary
Origin
content-type
image/png
cache-control
max-age:86000, immutable
accept-ranges
bytes
x-amz-cf-id
gRIBB3NKg318nXrcAEY1aSoP5HFTkNMsO_V6pnOyyccywwm7dnGmUQ==
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bancopan-sso.beedoo.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 02:12:18 GMT
x-content-type-options
nosniff
age
154389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Jul 2025 02:12:18 GMT
3cc7fb6d292b66cf68b99d225d304180.png
cdn.beedoo.io/bancopan/isaac.rocha/custom/ 		20 KB
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.beedoo.io/bancopan/isaac.rocha/custom/3cc7fb6d292b66cf68b99d225d304180.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-3.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cb4209431c0273f1767f7087e5c58e7d5d3cfb8437545895a4b00096ae90a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bancopan-sso.beedoo.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 21:05:31 GMT
x-amz-version-id
null
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
last-modified
Tue, 22 Nov 2022 14:35:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"82e72bc3857dc178311888520180cf9e"
vary
Origin
x-cache
Miss from cloudfront
content-type
application/octet-stream
cache-control
max-age:86000, immutable
accept-ranges
bytes
content-length
19981
x-amz-cf-id
xVLGVXOfBfjCGIIuPR3n4vpeqwRHg3YrZv6rRZnDaobDC7_tP6bOMg==

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackChunk function| _ function| Popper function| jQuery function| $ function| axios function| nextStep function| previousStep

6 Cookies

Domain/Path Name / Value
bancopan.beedoo.io/ Name: AWSALBAPP-0
Value: AAAAAAAAAACBLMv+ekG30XDXx84jGPawx6VoBTINplLbvqR4uyGWuvzE0wRrcXPRiM3HITn9yfbybBu+JvbKGpEQVUK0Bs+CK+itLBcSVCUIrWkCmzVpwc6c8u2Kv0kNoBE5W1CMwjkx9gA=
bancopan.beedoo.io/ Name: AWSALBAPP-1
Value: _remove_
bancopan.beedoo.io/ Name: AWSALBAPP-2
Value: _remove_
bancopan.beedoo.io/ Name: AWSALBAPP-3
Value: _remove_
bancopan-sso.beedoo.io/ Name: XSRF-TOKEN
Value: eyJpdiI6Ii92Ymo5ejFzYzN4ODgzMEFVbWxTbEE9PSIsInZhbHVlIjoic29YbWVzZUpneDgyanpEK2RNOUgrZythV0E2bXNoUDZTa0xFRFRQb2VxUDF1Yy82WUdZc0Y2cEJyODhkUlhDL2tySlhhNE5BaEROWVp5TmtnSFdZSUg4OGJUb0lEMnlxRVBHNzMzM0YwdzMrSkxuZ0t4WHRZbDdtcjY1azJlUG0iLCJtYWMiOiIxODlhOTI5ODgzNWFhNTJhZmM0YjYyODQ4NTEyODAzZTE0MDUwMTBmNzUzZTRkOGNlYjc0YzMxODhmYmY0YjE2IiwidGFnIjoiIn0%3D
bancopan-sso.beedoo.io/ Name: beedoo_session
Value: eyJpdiI6IkZrdExkNDgrQnA5Lzc5U2FZaUhGc0E9PSIsInZhbHVlIjoiN1VMdGkweHBiNGhFQXBMWGZmdmREL1dxODZGMHF5T0k1MlNCZWw5WXh3N1c0Yld0OUdWdVdPUGJBR25JZmRwQzlpU0xvZkNEUnZJczJGWGxiRUtlUlIvUm9MclpveVBacHlWNXdhdVlDYXdhMjI2L1RsQnd5aTJub2k1c2V5bk0iLCJtYWMiOiI4OTkwZTA4NDMzYWU0NGIxNjk1MGRiODMwOGFkNjcwZDc1ZGMyYjg3Y2E4MTMwODM5ZGVmYjg2M2IyYTRmZDk3IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: cors-anywhere.froala.com docs.google.com *.jwplayer.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://s3.amazonaws.com/beedoo-user-us/ https://s3.amazonaws.com/beedoo-scorm-repo-dev/ https://s3.amazonaws.com/beedoo-scorm-repo-test/ s3.amazonaws.com/beedoo-user-s3-tests/ www.google-analytics.com 'unsafe-inline' analytics.google.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ *.tawk.to tawk.link wss://*.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de stackpath.bootstrapcdn.com ; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to fonts.googleapis.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.googleapis.com stackpath.bootstrapcdn.com ; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com *.tawk.to stackpath.bootstrapcdn.com ; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.beedoo.com.br s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com https://ambevcompliancelogoninterno22.lab.pushstart.app/ *.keepers.com.br *.tawk.to view.officeapps.live.com https://cors-anywhere.froala.com view.genial.ly *.qualida.de app.powerbi.com *.almavivadobrasil.com.br *.tinymce.com/ *.canva.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.beedoo.io *.beedoo.io:4000 *.beedoo.io:4020 *.beedoo.io:4021 *.freshchat.com freshchat.com *.beedoo.io 'unsafe-inline' s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com www.google-analytics.com/analytics.js *.jwpcdn.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly https://static.zenvia.com/embed/js/zenvia-chat.min.js https://cdn.jsdelivr.net/npm/mp4box@0.5.2/dist/mp4box.all.min.js https://content.jwplatform.com/ https://cdn.jwplayer.com/libraries/YBAPChxr.js unsafe-evalcdn.tiny.cloud/ ; report-uri ;frame-ancestors 'self' https://beedoo.io ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff