urlscan.io logo urlscan.io
SecurityTrails logo

bancopan.beedoo.io Open in urlscan Pro
54.91.139.192  Public Scan

Go To Rescan Add Verdict Report
URL: https://bancopan.beedoo.io/login
Submission: On April 27 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 54.91.139.192, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bancopan.beedoo.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 19th 2023. Valid for: a year.
This is the only time bancopan.beedoo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 54.91.139.192 14618 (AMAZON-AES)
1 13.225.78.24 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.216.27.94 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
26 6
20    54.91.139.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-139-192.compute-1.amazonaws.com
bancopan.beedoo.io
1    13.225.78.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-24.fra2.r.cloudfront.net
cdn.beedoo.io
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    52.216.27.94 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
21 beedoo.io
bancopan.beedoo.io
cdn.beedoo.io
834 KB
2 amazonaws.com
s3.amazonaws.com
3 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
347 B
26 4
Domain Requested by
20 bancopan.beedoo.io bancopan.beedoo.io
2 s3.amazonaws.com bancopan.beedoo.io
2 www.google-analytics.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.beedoo.io bancopan.beedoo.io
26 5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.bancopan.com.br
Subject Issuer Validity Valid
beedoo.io
Amazon RSA 2048 M02		 2023-01-19 -
2024-02-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-20		 8 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bancopan.beedoo.io/login
Frame ID: 121725AFC3F48363FEADE3BED96031ED
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PAN Beedoo

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

26
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

4083 kB
Transfer

6250 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
bancopan.beedoo.io/ 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
08f73c2fe769c85a5bb4d7c6bdca943983cd83c7be3bdffd90b06ff1815fb246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
897
content-security-policy-report-only
default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: 0.0.0.0:8080 0.0.0.0:4020 cors-anywhere.froala.com docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com localhost:8080 www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io:* wss://events1.beedoo.io/ wss://events2.beedoo.io/ wss://*.execute-api.us-east-1.amazonaws.com/* beedoo-user-us.s3.amazonaws.com s3.amazonaws.com/beedoo-user-s3-tests/ beedoo.qualida.de www.google-analytics.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com s3.amazonaws.com/beedoo-user-us/ s3.amazonaws.com/beedoo-scorm-repo-dev *.amazonaws.com/beedoo-scorm-repo-dev/scormZip s3.amazonaws.com/beedoo-dev/ 0.0.0.0:* ws: firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel www.googleapis.com *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ bam-cell.nr-data.net jwpltx.com *.serasa.intranet:9090/ *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ https://s3.amazonaws.com/beedoo-user-us/beedoo-admin/cdn/css/ *.tawk.to; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.tawk.to; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ s3.amazonaws.com/beedoo-scorm-repo-dev/ *.beedoo.io *.keepers.com.br *.tawk.to view.officeapps.live.com *.qualida.de; img-src 'self' *.tinymce.com/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' 0.0.0.0:* *.localhost:* *.freshchat.com freshchat.com s3aws.beedoo.io 'unsafe-inline' https://s3.amazonaws.com/beedoo-user-us/beedoo-admin/cdn/js/ https://cdn-hml.beedoo.io/beedoo-assets/hmlVersion/assets/ https://cdn.beedoo.io/beedoo-admin/cdn/js/ www.google-analytics.com/analytics.js ssl.p.jwpcdn.com beedoo-user-us.s3.amazonaws.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.lycdn.tiny.cloud/ ; report-uri ;
content-type
text/html; charset=UTF-8
date
Thu, 27 Apr 2023 19:10:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
geolocation=(self), camera=*, fullscreen=*
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{'endpoints':[{'url':}],'group':'csp-endpoint','max_age':86400}, {'endpoints':[{'url':}],'group': 'default-endpoint','max_age':86400}
reporting-endpoints
csp-endpoint=, default=
server
Apache/2.4.55 (Ubuntu)
service-worker-allowed
/ /
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bluebird.min.js
bancopan.beedoo.io/assets/js/bluebird/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/js/bluebird/bluebird.min.js
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
118c50a19dc198ab86bb33a8e5c577ff22d2d98cb1b18d6485257dccfcf6f88a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 16:53:31 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"13e75-5f0454698592e-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
23382
service-worker-allowed
/
bootstrap.css
bancopan.beedoo.io/assets/css/ 		145 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/bootstrap.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
2cf2856314538e87eda657ff70cd08de3b410c35565ca43bcaddcbeefd7e680e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"24230-5f04483cf2a5f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
21623
service-worker-allowed
/
font-awesome.css
bancopan.beedoo.io/assets/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/font-awesome.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
a2aac3f4f4bcf33628abe7a6c39f4c23ee75664d0d9e3f8e9c4b16f748201232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"92a9-5f04483cf2a5f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
7476
service-worker-allowed
/
bootstrap-theme.css
bancopan.beedoo.io/assets/css/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/bootstrap-theme.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
44dc789575526b87474bedce869d9385de5e267a5ab4a883f2d36888a0b04a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"65a4-5f04483cf2a5f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
2914
service-worker-allowed
/
notification_local.css
bancopan.beedoo.io/assets/notification-local/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/notification-local/css/notification_local.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
969aea49f4d190ad0247d7af5b6815054212af97d871bd88178ce8a8f3bc999a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 16:53:31 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"63e-5f0454699244e-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
559
service-worker-allowed
/
main.css
bancopan.beedoo.io/assets/css/ 		101 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
0a56129d10209f50a1ce4a5dd898df3b0edd1bf4dfcad061de4f7e98b64a79cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Wed, 05 Apr 2023 12:46:44 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"1943e-5f8962f3198ce-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
18412
service-worker-allowed
/
media.css
bancopan.beedoo.io/assets/css/ 		2 KB
997 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/media.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
b126c4413b644fc6541d52576cd6d6ed113aad06cbdd11cd06d87a5f7079570f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"61c-5f04483cf39ff-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
371
service-worker-allowed
/
login_index.css
bancopan.beedoo.io/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/login_index.css?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
63a7c8d99bcf66f9f95b5540d6ec621026111301319c27820869150be4664a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"13e0-5f04483cf2a5f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
1259
service-worker-allowed
/
login_index.js
cdn.beedoo.io/beedoo-admin/cdn/js/vA8-4-55/assets/vue/ 		2 MB
604 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.beedoo.io/beedoo-admin/cdn/js/vA8-4-55/assets/vue/login_index.js?v=Clank%20vA8.4.55
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42dd65b78e967e283ab5f1f42acee19a585c0701d24142d62f2a5d9887a20608

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 18:12:38 GMT
x-amz-version-id
null
content-encoding
br
last-modified
Thu, 27 Apr 2023 17:53:24 GMT
server
AmazonS3
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"80fc5166bd6c8c453be1240dd35ec639"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
3496
cache-control
max-age:86000, immutable
x-amz-cf-id
ZPbIMGuaz1vJK5I0EUDRAQxXQk3rhNkq2q_UARKbc01TtUsY10v_CQ==
spacing.css
bancopan.beedoo.io/assets/css/utilities/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/css/utilities/spacing.css
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
92d0ca00648e8dbfd4cca6287b1eaca8335485336be22b62ff9f86de2072b77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 16:53:31 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"e3a-5f0454694bf4f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=172800, proxy-revalidate
accept-ranges
bytes
content-length
562
service-worker-allowed
/
get
bancopan.beedoo.io/ws/custom/ 		4 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/ws/custom/get
Requested by
Host:
URL: webpack-internal:///36281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
6db1625ab2147daddb4af98e1ed0a3509e48f05b65be653c28929f2d4ce2acd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bancopan.beedoo.io/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: 0.0.0.0:8080 0.0.0.0:4020 cors-anywhere.froala.com docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com localhost:8080 www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io:* wss://events1.beedoo.io/ wss://events2.beedoo.io/ wss://*.execute-api.us-east-1.amazonaws.com/* beedoo-user-us.s3.amazonaws.com s3.amazonaws.com/beedoo-user-s3-tests/ beedoo.qualida.de www.google-analytics.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com s3.amazonaws.com/beedoo-user-us/ s3.amazonaws.com/beedoo-scorm-repo-dev *.amazonaws.com/beedoo-scorm-repo-dev/scormZip s3.amazonaws.com/beedoo-dev/ 0.0.0.0:* ws: firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel www.googleapis.com *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ bam-cell.nr-data.net jwpltx.com *.serasa.intranet:9090/ *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ https://s3.amazonaws.com/beedoo-user-us/beedoo-admin/cdn/css/ *.tawk.to; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.tawk.to; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ s3.amazonaws.com/beedoo-scorm-repo-dev/ *.beedoo.io *.keepers.com.br *.tawk.to view.officeapps.live.com *.qualida.de; img-src 'self' *.tinymce.com/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' 0.0.0.0:* *.localhost:* *.freshchat.com freshchat.com s3aws.beedoo.io 'unsafe-inline' https://s3.amazonaws.com/beedoo-user-us/beedoo-admin/cdn/js/ https://cdn-hml.beedoo.io/beedoo-assets/hmlVersion/assets/ https://cdn.beedoo.io/beedoo-admin/cdn/js/ www.google-analytics.com/analytics.js ssl.p.jwpcdn.com beedoo-user-us.s3.amazonaws.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.lycdn.tiny.cloud/ ; report-uri ;
x-xss-protection
1; mode=block
reporting-endpoints
csp-endpoint=, default=
service-worker-allowed
/, /
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.55 (Ubuntu)
x-frame-options
SAMEORIGIN
report-to
{'endpoints':[{'url':}],'group':'csp-endpoint','max_age':86400}, {'endpoints':[{'url':}],'group': 'default-endpoint','max_age':86400}
content-type
application/json; charset=UTF-8
vary
User-Agent
cache-control
no-store, no-cache, must-revalidate
permissions-policy
geolocation=(self), camera=*, fullscreen=*
expires
Thu, 19 Nov 1981 08:52:00 GMT
getSocialMediaItems
bancopan.beedoo.io/ws/custom/ 		709 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/ws/custom/getSocialMediaItems
Requested by
Host:
URL: webpack-internal:///36281
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
d670391145d9a2617cce035e2635c9ac565bfd76f3dab2b4d1afffc50e729148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bancopan.beedoo.io/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: 0.0.0.0:8080 0.0.0.0:4020 cors-anywhere.froala.com docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com localhost:8080 www.youtube.com/ *.ytimg.com *.vimeo.com/ i.vimeocdn.com *.beedoo.io:* wss://events1.beedoo.io/ wss://events2.beedoo.io/ wss://*.execute-api.us-east-1.amazonaws.com/* beedoo-user-us.s3.amazonaws.com s3.amazonaws.com/beedoo-user-s3-tests/ beedoo.qualida.de www.google-analytics.com 'unsafe-inline' stats.g.doubleclick.net 'unsafe-inline' *.freshchat.com freshchat.com s3.amazonaws.com/beedoo-user-us/ s3.amazonaws.com/beedoo-scorm-repo-dev *.amazonaws.com/beedoo-scorm-repo-dev/scormZip s3.amazonaws.com/beedoo-dev/ 0.0.0.0:* ws: firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel www.googleapis.com *.googleapis.com www.google-analytics.com securetoken.googleapis.com/ bam-cell.nr-data.net jwpltx.com *.serasa.intranet:9090/ *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.ly *.keepers.com.br *.qualida.de; style-src-elem 'self' 'unsafe-inline' *.serasa.intranet:9090/ https://s3.amazonaws.com/beedoo-user-us/beedoo-admin/cdn/css/ *.tawk.to; font-src 'self' ssl.p.jwpcdn.com use.typekit.net data: fonts.gstatic.com *.tawk.to; frame-src 'self' docs.google.com *.jwpcdn.com *.jwplatform.com *.jwpltx.com *.freshchat.com youtube.com/ *.vimeo.com/ www.youtube.com/ s3.amazonaws.com/beedoo-scorm-repo-dev/ *.beedoo.io *.keepers.com.br *.tawk.to view.officeapps.live.com *.qualida.de; img-src 'self' *.tinymce.com/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' 0.0.0.0:* *.localhost:* *.freshchat.com freshchat.com s3aws.beedoo.io 'unsafe-inline' https://s3.amazonaws.com/beedoo-user-us/beedoo-admin/cdn/js/ https://cdn-hml.beedoo.io/beedoo-assets/hmlVersion/assets/ https://cdn.beedoo.io/beedoo-admin/cdn/js/ www.google-analytics.com/analytics.js ssl.p.jwpcdn.com beedoo-user-us.s3.amazonaws.com jwpltx.com 'unsafe-eval' js-agent.newrelic.com bam-cell.nr-data.net blob:* *.keepers.com.br *.tawk.to *.pusher.com cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js view.officeapps.live.com view.genial.lycdn.tiny.cloud/ ; report-uri ;
x-xss-protection
1; mode=block
reporting-endpoints
csp-endpoint=, default=
service-worker-allowed
/, /
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.55 (Ubuntu)
x-frame-options
SAMEORIGIN
report-to
{'endpoints':[{'url':}],'group':'csp-endpoint','max_age':86400}, {'endpoints':[{'url':}],'group': 'default-endpoint','max_age':86400}
content-type
application/json; charset=UTF-8
vary
User-Agent
cache-control
no-store, no-cache, must-revalidate
permissions-policy
geolocation=(self), camera=*, fullscreen=*
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host:
URL: webpack-internal:///36281
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 27 Apr 2023 18:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2109
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 27 Apr 2023 20:35:44 GMT
cf358deae02a69eb8e3f991629e75eac.png
s3.amazonaws.com/beedoo-user-us/bancopan/isaac.rocha/custom/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/beedoo-user-us/bancopan/isaac.rocha/custom/cf358deae02a69eb8e3f991629e75eac.png
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.27.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d8cb4209431c0273f1767f7087e5c58e7d5d3cfb8437545895a4b00096ae90a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 19:10:55 GMT
x-amz-version-id
null
Last-Modified
Fri, 18 Nov 2022 15:22:09 GMT
Server
AmazonS3
x-amz-request-id
HG2FX7V7EW35DQVG
ETag
"82e72bc3857dc178311888520180cf9e"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
19981
x-amz-id-2
KkMYKCGcvx+PIO83dRjeeUDGgD0ZKO/1Hml7ppV9hHSN/lF8bqg+csP1rdt3uDTU3gWR/RlcLKA=
truncated
/ 		50 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ecf1845d6043bc76dc36391de5357cac96c3078d92109e7aa63656737f2ae6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		49 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f6e6d896f4a67d78a91f7fabb651ebb422cc7ce25d3f2c1e3af9f3acc2b96b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
84de7a30536ee037f16651d32378cbf8.png
s3.amazonaws.com/beedoo-user-us/bancopan/isaac.rocha/login/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/beedoo-user-us/bancopan/isaac.rocha/login/84de7a30536ee037f16651d32378cbf8.png
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.27.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
31d7fe437432bf6c051be9cced66aa0ecfc1e42302a2ebdbfd36b3035b49cdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 27 Apr 2023 19:10:55 GMT
x-amz-version-id
null
Last-Modified
Fri, 18 Nov 2022 14:39:37 GMT
Server
AmazonS3
x-amz-request-id
HG25Z8M7FT8V18PH
ETag
"6367894c3fe37518d9a5f878595f482d"
Content-Type
image/png
x-amz-storage-class
INTELLIGENT_TIERING
Accept-Ranges
bytes
Content-Length
3284837
x-amz-id-2
ZwVUQpSc6u12WVhXf9d2ihQzZTFu70b+YMoAoB0kg9OW/ivImPXumfJYHna+rIBMeB0ubdnLJIg=
Ubuntu-Bold.woff2
bancopan.beedoo.io/assets/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/fonts/Ubuntu-Bold.woff2
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
d97e9a2eb40e6d806394ec585aef14afa25cfe9682ef0f6b71fb2c89b7135d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Origin
https://bancopan.beedoo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"7580-5f04483d0051f"
vary
User-Agent
content-type
font/woff2
access-control-allow-origin
https://bancopan.beedoo.io
accept-ranges
bytes
content-length
30080
service-worker-allowed
/
Ubuntu.woff2
bancopan.beedoo.io/assets/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/fonts/Ubuntu.woff2
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
3eb8406d8994a895d6ec42ad9c5545648511dbada27af43db99834ee4674b54a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Origin
https://bancopan.beedoo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"89a0-5f04483d033ff"
vary
User-Agent
content-type
font/woff2
access-control-allow-origin
https://bancopan.beedoo.io
accept-ranges
bytes
content-length
35232
service-worker-allowed
/
Ubuntu-Medium.woff2
bancopan.beedoo.io/assets/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/fonts/Ubuntu-Medium.woff2
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
a97d6d81c8a8fb82d3a965b89a6e027bf2906875eaae8c5279ca854722cb9d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Origin
https://bancopan.beedoo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"78b4-5f04483d0245f"
vary
User-Agent
content-type
font/woff2
access-control-allow-origin
https://bancopan.beedoo.io
accept-ranges
bytes
content-length
30900
service-worker-allowed
/
Ubuntu-BoldItalic.woff2
bancopan.beedoo.io/assets/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bancopan.beedoo.io/assets/fonts/Ubuntu-BoldItalic.woff2
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
0bb80ffe22f1b1596b8457638adb0c6984682aae555ed0e347697cdc4b323185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://bancopan.beedoo.io/assets/css/main.css?v=Clank%20vA8.4.55
Origin
https://bancopan.beedoo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"7a48-5f04483d014bf"
vary
User-Agent
content-type
font/woff2
access-control-allow-origin
https://bancopan.beedoo.io
accept-ranges
bytes
content-length
31304
service-worker-allowed
/
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1354259653&t=pageview&_s=1&dl=https%3A%2F%2Fbancopan.beedoo.io%2Flogin&ul=en-us&de=UTF-8&dt=PAN%20Beedoo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=585824614&gjid=1615154467&cid=2089385091.1682622654&tid=UA-90046022-1&_gid=1324578296.1682622654&_r=1&_slc=1&z=1779466025
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bancopan.beedoo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 Apr 2023 19:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bancopan.beedoo.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-90046022-1&cid=2089385091.1682622654&jid=585824614&gjid=1615154467&_gid=1324578296.1682622654&_u=IEBAAEAAAAAAACAAI~&z=956173556
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bancopan.beedoo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 27 Apr 2023 19:10:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bancopan.beedoo.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb.png
bancopan.beedoo.io/assets/img/login/ 		958 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan.beedoo.io/assets/img/login/fb.png
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
05e376ace7cbfed093e148a49f37125145936287dba199678536bf8b060226da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"3be-5f04483d1d9de"
vary
User-Agent
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
958
service-worker-allowed
/
insta.png
bancopan.beedoo.io/assets/img/login/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan.beedoo.io/assets/img/login/insta.png
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
6848b752c7c04c1d41f7c9f40549fd335352088a7bc028e2a3c074640687b396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"4d2-5f04483d1d9de"
vary
User-Agent
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1234
service-worker-allowed
/
in.png
bancopan.beedoo.io/assets/img/login/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan.beedoo.io/assets/img/login/in.png
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
5fa18db138ff82419519c43145b9be37c9329c8b7d8ab15fe066a7ab0c987f4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 15:59:03 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"434-5f04483d1d9de"
vary
User-Agent
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1076
service-worker-allowed
/
si.png
bancopan.beedoo.io/assets/img/login/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancopan.beedoo.io/assets/img/login/si.png
Requested by
Host: bancopan.beedoo.io
URL: https://bancopan.beedoo.io/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.139.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-139-192.compute-1.amazonaws.com
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
78f763f5926f4c0c41315e5c9ca3f5aecc4dad46ca9eccecb013dbd75d3944c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancopan.beedoo.io/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 19:10:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 20 Dec 2022 16:53:31 GMT
server
Apache/2.4.55 (Ubuntu)
etag
"66a-5f0454697bcee"
vary
User-Agent
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1642
service-worker-allowed
/

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| P object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
bancopan.beedoo.io/ Name: AWSALBAPP-1
Value: _remove_
bancopan.beedoo.io/ Name: AWSALBAPP-2
Value: _remove_
bancopan.beedoo.io/ Name: AWSALBAPP-3
Value: _remove_
.beedoo.io/ Name: _ga
Value: GA1.2.2089385091.1682622654
.beedoo.io/ Name: _gid
Value: GA1.2.1324578296.1682622654
.beedoo.io/ Name: _gat
Value: 1
.bancopan.beedoo.io/ Name: ci_session
Value: jj60caaeq11279j7ml6c0olp23hng224
bancopan.beedoo.io/ Name: AWSALBAPP-0
Value: AAAAAAAAAABwwZZf8HNvcatQBJI++7NFiWF/loNrNs6vxlheBhPUrBvaQS3O8AHWZAckcwOrrR4/KKk0puokMW5NIy2fTM72K97EIka/L3yssCyvWeUovHzm5Av8lAPKVGe+WAEjb9QNvFw=

2 Console Messages

Source Level URL
Text
security error URL: https://bancopan.beedoo.io/login
Message:
[Report Only] Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAATCAYAAACgADyUAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAWdEVYdENyZWF0aW9uIFRpbWUAMDIvMDgvMTksMVdDAAAFDXByVld4nO2Z3W6jRhTHYS55CkRvWqk2YCfeNYq9qhKtepPVqhtpq955DcmixIAwK3vzJnmWSu39Ki/RJ9g3aMrHADOGgZmBiSuFAzaBgfnP75wzwHG+/fvXdymQgqenp8fHx4eHh+9//q2prr3QPp5eGpfBufPZ/fU+dD7cv7ta39+u57b2Zqmc7a39Jtg40Urdb+68rbVfaCvb/+RY8d/JYV1T01Oi24X2S9Kg/n75Xj33Q0c9HU9Ha8M01dlsbJ6czmbmz+rEMCe6Ea+zkXlinc6sySsVmrZU4...AgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgIAo8P3hwYWNrZXQgZW5kPSJ3Ij8+NzKjkAAAAMdJREFUOI2lksERgjAQRR+Md+0AO5AOtAQuexY7sARLoAM9s5fYgXYgHWAHdoAHw0wGE8D4Z3LIzn+zP7tJuq4jRmkUBSyGBVUtgArIbOkJHEXEuL7EjaqqJXAONDmIyCUU9TSSrnIvQzAjrKWq5iFwSm0IvI5AdxF5hcASaDxQAxRuIfF9ADvddR/PneYXaM25PQZ4WE9uu7WA6feZ1HW9Am7Axvsyf+xdymc/cyGs16TA/geo1zb6k/8F+vY2pca7x7kdo/QGAC85AkT8SdYAAAAASUVORK5CYII=' because it violates the following Content Security Policy directive: "img-src 'self' *.tinymce.com/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com/".
security error URL: https://bancopan.beedoo.io/login
Message:
[Report Only] Refused to load the image 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAATCAYAAACgADyUAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAWdEVYdENyZWF0aW9uIFRpbWUAMDIvMDgvMTksMVdDAAAEbnByVld4nO1avYoWMRRNAiLYCmJpI1jY2Fv5BIL4AFbLIsiilWAlVr7BtpaLhU+g1stXCzaiYiMKKog/CI53/m8yublJ5s6MsMl+Z2d/5puTc05yk5nd47/Pv6gDdVBV1W63Ozw8rCpVFSyOo6Ojs4CrgPuAl4CfgIrAV8BTwF3AZcCZlfp4DfAE8BbwBfAn0MffgI+AN4DHgIsL9+004HzH9cPTn8+AV4DXgG+e39f9vN3lcEqt3IDzA+AZ4FGtYW1+5OMlwIOt+HucRH7w/R7gez0e1+ZH8+AT4...AgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAKPD94cGFja2V0IGVuZD0idyI/Pljbr2wAAACqSURBVDiN7ZOxDcIwEEWfEX3YgBHCBjBCmuszgjeI2CCscV4iIyQbwAZ4gtA40slYArmgwtJJ39//WbZ1duu6UjN2VRSwt5MQwgHwqZpkR2AERhF5voEJmoA227wBBqADTqWj9gaKwC1VTF4bQvAlsLNaRLyIeOBSyljwvAkRmYyegUee+fZV77nhVHW79GD8a5brgaNZm52qVnVAdQP8wQ/gUsEt7ucf+QUHCisquGPUnAAAAABJRU5ErkJggg==' because it violates the following Content Security Policy directive: "img-src 'self' *.tinymce.com/ s3.amazonaws.com/ beedoo-user-us.s3.amazonaws.com/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bancopan.beedoo.io
cdn.beedoo.io
s3.amazonaws.com
stats.g.doubleclick.net
www.google-analytics.com
13.225.78.24
2a00:1450:4001:811::200e
2a00:1450:400c:c00::9d
52.216.27.94
54.91.139.192
05e376ace7cbfed093e148a49f37125145936287dba199678536bf8b060226da
08f73c2fe769c85a5bb4d7c6bdca943983cd83c7be3bdffd90b06ff1815fb246
0a56129d10209f50a1ce4a5dd898df3b0edd1bf4dfcad061de4f7e98b64a79cc
0bb80ffe22f1b1596b8457638adb0c6984682aae555ed0e347697cdc4b323185
118c50a19dc198ab86bb33a8e5c577ff22d2d98cb1b18d6485257dccfcf6f88a
2cf2856314538e87eda657ff70cd08de3b410c35565ca43bcaddcbeefd7e680e
2ecf1845d6043bc76dc36391de5357cac96c3078d92109e7aa63656737f2ae6b
31d7fe437432bf6c051be9cced66aa0ecfc1e42302a2ebdbfd36b3035b49cdba
3eb8406d8994a895d6ec42ad9c5545648511dbada27af43db99834ee4674b54a
3f6e6d896f4a67d78a91f7fabb651ebb422cc7ce25d3f2c1e3af9f3acc2b96b1
42dd65b78e967e283ab5f1f42acee19a585c0701d24142d62f2a5d9887a20608
44dc789575526b87474bedce869d9385de5e267a5ab4a883f2d36888a0b04a66
5fa18db138ff82419519c43145b9be37c9329c8b7d8ab15fe066a7ab0c987f4a
63a7c8d99bcf66f9f95b5540d6ec621026111301319c27820869150be4664a37
6848b752c7c04c1d41f7c9f40549fd335352088a7bc028e2a3c074640687b396
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db1625ab2147daddb4af98e1ed0a3509e48f05b65be653c28929f2d4ce2acd0
78f763f5926f4c0c41315e5c9ca3f5aecc4dad46ca9eccecb013dbd75d3944c4
92d0ca00648e8dbfd4cca6287b1eaca8335485336be22b62ff9f86de2072b77d
969aea49f4d190ad0247d7af5b6815054212af97d871bd88178ce8a8f3bc999a
a2aac3f4f4bcf33628abe7a6c39f4c23ee75664d0d9e3f8e9c4b16f748201232
a97d6d81c8a8fb82d3a965b89a6e027bf2906875eaae8c5279ca854722cb9d2d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b126c4413b644fc6541d52576cd6d6ed113aad06cbdd11cd06d87a5f7079570f
d670391145d9a2617cce035e2635c9ac565bfd76f3dab2b4d1afffc50e729148
d8cb4209431c0273f1767f7087e5c58e7d5d3cfb8437545895a4b00096ae90a8
d97e9a2eb40e6d806394ec585aef14afa25cfe9682ef0f6b71fb2c89b7135d7a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44