bankofamerica.bdashops.com Open in urlscan Pro
104.18.12.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankofamerica.bdashops.com/
Submission: On June 27 via api (June 27th 2024, 1:12:44 pm UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 105 HTTP transactions. The main IP is 104.18.12.160, located in and belongs to CLOUDFLARENET, US. The main domain is bankofamerica.bdashops.com.
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.

This is the only time bankofamerica.bdashops.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	104.18.12.160 104.18.12.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
7	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:cf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
105	13

17 104.18.12.160 (None, )

ASN13335 (CLOUDFLARENET, US)

bankofamerica.bdashops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:cf0 (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3409 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4125 fast.a.klaviyo.com — Cisco Umbrella Rank: 4505 static-forms.klaviyo.com — Cisco Umbrella Rank: 4222 a.klaviyo.com — Cisco Umbrella Rank: 4113	140 KB
17	bdashops.com bankofamerica.bdashops.com	136 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	130 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469 fonts.googleapis.com — Cisco Umbrella Rank: 83	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	167 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
105	8

	Domain	Requested by
17	bankofamerica.bdashops.com	bankofamerica.bdashops.com static.cloudflareinsights.com
8	cdn.cookielaw.org	bankofamerica.bdashops.com cdn.cookielaw.org
7	static-tracking.klaviyo.com	static.klaviyo.com
7	static.klaviyo.com	bankofamerica.bdashops.com static.klaviyo.com
4	a.klaviyo.com	static.klaviyo.com
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	ajax.googleapis.com client
2	www.googletagmanager.com	bankofamerica.bdashops.com www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static-forms.klaviyo.com	static.klaviyo.com
1	fast.a.klaviyo.com	static.klaviyo.com
1	ajax.googleapis.com	bankofamerica.bdashops.com
1	static.cloudflareinsights.com	bankofamerica.bdashops.com
105	13

This site contains links to these domains. Also see Links.

Domain
bda.bdashops.com
www.onetrust.com

Subject Issuer	Validity	Valid
bankofamerica.bdashops.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
static.klaviyo.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
fast.a.klaviyo.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
static-forms.klaviyo.com R11	`2024-06-19` - `2024-09-17`	3 months	crt.sh
a.klaviyo.com E1	`2024-05-24` - `2024-08-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bankofamerica.bdashops.com/
Frame ID: 7B6325028D00DC6FC4D73862B8319C5C
Requests: 104 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Page

Detected technologies

Magento (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<script type="text/x-magento-init">

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

105
Requests

52 %
HTTPS

67 %
IPv6

8
Domains

13
Subdomains

13
IPs

3
Countries

633 kB
Transfer

1852 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://bda.bdashops.com/privacy-policy-cookie-restriction-mode/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
bankofamerica.bdashops.com/ 118 KB
25 KB 977ms
915ms Document
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f26fd4a8190ddc978590c156aaf2f75973e6d99e9701569977f32a4981cd97c

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 89a5b08dfa446934-FRA
content-encoding: gzip
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 13:12:37 GMT
expires: Tue, 27 Jun 2023 13:12:37 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET weltpixel_custom_header_default.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CustomHeader/css/ 0
0

GET weltpixel_custom_footer_default.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CustomFooter/css/ 0
0

GET weltpixel_product_store_default.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_ProductPage/css/ 0
0

GET weltpixel_category_store_default.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CategoryPage/css/ 0
0

GET styles-m.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/css/ 0
0

GET form-builder.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Customform/css/ 0
0

GET form-render.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Customform/css/ 0
0

GET jquery.fancybox.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Groupcat/js/fancybox/ 0
0

GET magnific-popup.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Mageplaza_Core/css/ 0
0

GET twoFactor.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Webkul_TwoFactorAuth/css/ 0
0

GET owl.carousel.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_OwlCarouselSlider/css/ 0
0

GET magnific-popup.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_Quickview/css/ 0
0

GET bootstrap_grid.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET font-icons-core.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET social-icons.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET styled-icons.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET font-icons-extended.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET bootstrap_table.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET utilities.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET tabs.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET toggles-accordions.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET pricing.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET headings.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET blockquotes.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET dividers.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET clients.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET brands.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET responsive.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET pagetitle.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET columns_grids.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET alerts.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET testimonials.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET flex.slider.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/ 0
0

GET bootstrap_buttons.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET buttons.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/ 0
0

GET sections.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET parallax.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET animate-core.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET animate-extended.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET aos.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET btt_button.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/ 0
0

GET jquery.fullPage.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_FullPageScroll/css/ 0
0

GET custom.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_FullPageScroll/css/ 0
0

GET styles-l.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/css/ 0
0

GET navigation_desktop.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_NavigationLinks/css/ 0
0

GET
H3 404 require.js
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/requirejs/ 0
0 695ms
690ms Script
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/requirejs/require.js

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8826934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 disabled.js
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_QuickCheckout/js/ 0
0 673ms
668ms Script
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_QuickCheckout/js/disabled.js

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8846934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 mixins.js
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/mage/requirejs/ 0
0 665ms
660ms Script
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/mage/requirejs/mixins.js

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8856934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 200 requirejs-config.js Show response
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/ 75 KB
11 KB 701ms
697ms Script
application/javascript 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/requirejs-config.js

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

560a552de7faf10ba5cb6141d3d486cafdb25e646f2b7625ea9e38e66da9ee26

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 27 Jun 2024 10:35:36 GMT
server: cloudflare
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
etag: W/"667d4078-12c5a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-cache-status: MISS
cf-ray: 89a5b093c8866934-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 27 Jun 2025 13:12:38 GMT

GET
H3 404 opensans-300.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/light/ 0
0 693ms
689ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/light/opensans-300.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8876934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 opensans-400.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/regular/ 0
0 695ms
691ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/regular/opensans-400.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c88c6934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 opensans-600.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/semibold/ 0
0 703ms
699ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/semibold/opensans-600.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c88f6934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 opensans-700.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/bold/ 0
0 690ms
686ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/bold/opensans-700.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8906934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 Luma-Icons.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/ 0
0 671ms
667ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/Luma-Icons.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8916934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 Simple-Line-Icons.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/ 0
0 652ms
649ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/Simple-Line-Icons.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8936934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 lined-icons.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/ 0
0 695ms
692ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/lined-icons.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8946934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H3 404 font-icons.woff2
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/ 0
0 698ms
695ms Font
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/font-icons.woff2

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b093c8976934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:38 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 43ms
23ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ceCldLDyZN6bSQL6yyKLMg==
age: 69789
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 26 Jun 2024 02:35:07 GMT
server: cloudflare
etag: 0x8DC958897BC2143
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9433140d-401e-0088-31e3-c72b53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89a5b093e8f83685-FRA

GET navigation_mobile.css
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_NavigationLinks/css/ 0
0

GET
H3 404 logo.svg
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/images/ 0
1 KB 589ms
585ms Image
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/images/logo.svg

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b0983d336934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:39 GMT

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 4 KB
2 KB 324ms
282ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

876fd3df0b5822564eac22f15649affb319ba733558fd4818de7104131c892ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
age: 0
x-cache: MISS, MISS
content-length: 1057
x-served-by: cache-lga21937-LGA, cache-fra-eddf8230071-FRA
server: nginx
x-timer: S1719493958.479790,VS0,VE276
etag: "a9a5ca4307405def92bce9b42b7340ff"
allow: GET, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
content-type: application/javascript
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 0, 0

GET
H3 200 20330_brandshop_new_header_1_v3.jpg
bankofamerica.bdashops.com/media/weltpixel/owlcarouselslider/images/2/0/ 95 KB
97 KB 839ms
839ms Image
image/jpeg 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankofamerica.bdashops.com/media/weltpixel/owlcarouselslider/images/2/0/20330_brandshop_new_header_1_v3.jpg

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4bc643b0d192cdbb7e96fa2f52a9d3a8d96b776d0a4429f9c339a5d3c248632

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 97624
last-modified: Thu, 14 Mar 2024 15:39:43 GMT
server: cloudflare
etag: "65f31a3f-17d58"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89a5b094b94c6934-FRA
expires: Fri, 27 Jun 2025 13:12:38 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 111ms
65ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89a5b0988c191e64-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
73 KB 156ms
71ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBFHCDV

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dac51a678d9dbdcddd689b4b39f24c6ab4fd94a4e5e3b4b58fc62e4015294304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74593
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 13:12:38 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 22:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 22:13:05 GMT

GET
H2 200 0fb8f109-7dd4-41ae-a0ba-6578bcf4b5f4.json Show response
cdn.cookielaw.org/consent/0fb8f109-7dd4-41ae-a0ba-6578bcf4b5f4/ 4 KB
2 KB 148ms
102ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0fb8f109-7dd4-41ae-a0ba-6578bcf4b5f4/0fb8f109-7dd4-41ae-a0ba-6578bcf4b5f4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865ea84f404078b0fbda994f0820cbc24c2b15352b66f1559914b94d0c72b93d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: gNF5QGui4GXdg8tuT7LkCg==
content-length: 1801
x-ms-lease-status: unlocked
last-modified: Sun, 31 Jul 2022 22:59:34 GMT
server: cloudflare
etag: 0x8DA734855D1E857
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ac01ffda-001e-0048-0c93-c8a117000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89a5b0988c1218e3-FRA
expires: Fri, 28 Jun 2024 13:12:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 145ms
55ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700,400,600&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 13:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 13:12:38 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.38.0/ 369 KB
88 KB 25ms
24ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jz950M8ZW7RakPP2zlLHZQ==
age: 64188
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 89624
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:17 GMT
server: cloudflare
etag: 0x8DA6AE29E465D1D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3fb1c7f5-001e-0086-25a8-21f53a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89a5b0993fc03685-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/0fb8f109-7dd4-41ae-a0ba-6578bcf4b5f4/4b9d9b0b-72ba-446b-a4f6-895488358d03/ 38 KB
10 KB 89ms
89ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0fb8f109-7dd4-41ae-a0ba-6578bcf4b5f4/4b9d9b0b-72ba-446b-a4f6-895488358d03/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9826bd71d237cacdac9e0ecf5fb63101fd0a53c36543270c0bf63f28c9b245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: KBiBWwB1UaO/It1va40yVw==
content-length: 10487
x-ms-lease-status: unlocked
last-modified: Sun, 31 Jul 2022 22:59:48 GMT
server: cloudflare
etag: 0x8DA73485E68F96D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 725d1f0c-901e-0009-0503-c48904000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89a5b0997d7e18e3-FRA
expires: Fri, 28 Jun 2024 13:12:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J6841CXW17&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBFHCDV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1207d7071648437231503e32b918f5c38d54493b70ec0e00d4c1ddf41d2b85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 13:12:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 178ms
86ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700,400,600&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:04:02 GMT
x-content-type-options: nosniff
age: 14916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 09:04:02 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700,400,600&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:47:38 GMT
x-content-type-options: nosniff
age: 167100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:47:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 142ms
50ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700,400,600&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:43:04 GMT
x-content-type-options: nosniff
age: 167374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:43:04 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 13 KB
3 KB 95ms
94ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: l8TaFfqEBdbGRIscoE5PLQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:09 GMT
server: cloudflare
etag: 0x8DA6AE29925C8FF
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f256912a-d01e-0068-2493-c8cddb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89a5b09a2e6d18e3-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/ 62 KB
13 KB 91ms
91ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: JtD7zjxzBe/apQLaCwCdaw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13258
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:11 GMT
server: cloudflare
etag: 0x8DA6AE29A87E4A6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 749beaf1-e01e-006b-1593-c8cedc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89a5b09a2e7318e3-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 22 KB
4 KB 124ms
123ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: TLLtdkuMahUQRVIfmZNHNw==
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9c028dad-a01e-0001-2693-c89277000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89a5b09a2e7818e3-FRA

GET
H2 200 fender_analytics.f692ee00c71150d7db91.js Show response
static-tracking.klaviyo.com/onsite/js/ 31 KB
13 KB 61ms
15ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: 41Y2RTP149KA3F25
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12748
x-amz-id-2: mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by: cache-lga21947-LGA, cache-fra-eddf8230036-FRA
last-modified: Thu, 11 Apr 2024 15:48:20 GMT
server: AmazonS3
etag: "cb6418619f08d5e582cf68f2d2432438"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f762585ddd3a013913c4e420e75aa2819d1084f2
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 10, 11037

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
2 KB 59ms
13ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2L_.X11dgB5ItJdIxOLpsdUl7RuAaHwi
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: F82JVRQFRQE0D0ND
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 1029
x-amz-id-2: XmO+iStmg5njyuMH7vXkQdM03SQBJDOIcVKuFvHQmczFeeUes7JtthO+XbG+RcAUTnJlfLyP1tUWCT8PTcmHv+9kgXg+SY0S
x-served-by: cache-lga21976-LGA, cache-fra-eddf8230036-FRA
last-modified: Wed, 27 Mar 2024 10:30:34 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 2825b63e6933b08d1be25eea4d99ad73625b8faa
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 3169, 11443

GET
H2 200 runtime.7ce48e908084f43d99b0.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 27ms
11ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61ae0e4ba820262a80246f9ead819b1c5c983342deb1c55d706f11eb2f3a2ad1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6P2JzT8reh0biWOnDcosJ3mhneZZW1kb
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: CG8WKFYPEY4QB0VZ
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7697
x-amz-id-2: dY6kR6CxtZOa1wEujzoWTMvoVIfDywgpWWMupvYBmKZ8eYZw/bCxWJiMqE/1/o4oRUvx5prsJS8=
x-served-by: cache-lga21927-LGA, cache-fra-eddf8230063-FRA
last-modified: Wed, 26 Jun 2024 17:19:10 GMT
server: AmazonS3
etag: "2dfff42fc961b3d77507bca6b8edae2a"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 79601d822af05c9271558a256a81b569f18be1f9
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 44, 12400

GET
H2 200 sharedUtils.58c71a5d906c1c27c8e6.js Show response
static.klaviyo.com/onsite/js/ 48 KB
18 KB 29ms
14ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.58c71a5d906c1c27c8e6.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ITWaxvCLmiXAceusM0.5yRJFy.eMUuuz
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: FY7ATG7XXCNQ66H2
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 17916
x-amz-id-2: dnsW8FA9YHOznUgcBOOipeCChPutGh4+MstMRwg50IZcDj4sMsAEPm03Ts6wH4QAP830M5Y+miU=
x-served-by: cache-lga21941-LGA, cache-fra-eddf8230063-FRA
last-modified: Thu, 27 Jun 2024 09:36:48 GMT
server: AmazonS3
etag: "6cc01be3baf017cfa85878bcac0f9e8f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 912e2bb7dd18552828727b3c1954397389e047e7
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 104, 13156

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js Show response
static.klaviyo.com/onsite/js/ 12 KB
5 KB 22ms
7ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering.c14341885543cb645efc.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Ez16MoxhPquxXdlhYF9sWgpH9m1QDXhm
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: RC12JSQ3R2B07EYD
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
x-amz-id-2: p7UZsp5JEN6wbLK2qdMQiZclhFKdFs4cb20pOOn9PVKbj9SooS36vR7ofoo/uX+CX/Nk+9WS8KGYF+3M3QRlD7eNxjq71Z+e
x-served-by: cache-lga21980-LGA, cache-fra-eddf8230063-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "9ffe3c33ee0912112ebffc1673dcb79e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 11, 8764

GET
H2 200 vendors~signup_forms.02363fe5acd5fa75cb6b.js Show response
static.klaviyo.com/onsite/js/ 21 KB
7 KB 30ms
15ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Mekwof6XjI4q2BHYhTSsMqFmFe4SDBfo
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: RC1EAVJFCYCYTEDW
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6996
x-amz-id-2: hXz2idQOMfvufPQKWZX9zk3PUt+OZnC/NjRGF7CqBFcdHgDlBey9v48kAMOPi/ieP96Pmm9RUjHnRiSsZxSO8IqTE5wpOq6A
x-served-by: cache-lga21949-LGA, cache-fra-eddf8230063-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "61ccc2011600d4f458768ffe94ddb555"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 26, 8740

GET
H2 200 default~signup_forms~onsite-triggering.cfe3998831b94919fcd8.js Show response
static.klaviyo.com/onsite/js/ 31 KB
10 KB 23ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.cfe3998831b94919fcd8.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04eaf342c366606b19b6a2d681f5f21e53c9a2858185e267ef9d26bd4490d8ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: LM0DNPT0qtPKCYeRJKsHpCC4QK5UPrbM
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: HXN1PBKQCVXHEHQA
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9896
x-amz-id-2: ODicLiCipauMfBHE992fjnb58KpNn5fxGJDnOBoegekNGdWgydIZj1wFUpem7nAI0+6l/xH6qCw=
x-served-by: cache-lga21940-LGA, cache-fra-eddf8230063-FRA
last-modified: Wed, 05 Jun 2024 19:18:21 GMT
server: AmazonS3
etag: "db7285838341ff5d932196dc894a976f"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 6d2c9609ade8bfe64e4360726c2e262343b69184
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 13, 8306

GET
H2 200 signup_forms.9c18555be2cd33caf67f.js Show response
static.klaviyo.com/onsite/js/ 14 KB
5 KB 27ms
13ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.9c18555be2cd33caf67f.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SZejeR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1393617e3d2cbc147ee96d7e24584d1bbbaf8e725efc24f5d4baff2f49a66e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vDNxki8J_msaj4sjAwEUWV6GgeD_5DcC
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: RC16TR0CB0VH7V3H
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5123
x-amz-id-2: o58FaZuCED0ZS/Jn3TUAC1V/pRDQubh25RCDUZz5uey41yzq63DiKxe+xMsvU4lLFKY+QTu9QcQ=
x-served-by: cache-lga21968-LGA, cache-fra-eddf8230063-FRA
last-modified: Mon, 24 Jun 2024 13:00:51 GMT
server: AmazonS3
etag: "fba4022605341df51434375c80f636b9"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 1ba971f639266cabe55904cbeae0edad9add3ed4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 22, 8787

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 2 KB
964 B 401ms
366ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=SZejeR

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e42bb819aa7269db9b8ad1d9bee5e4445c9f1a9a28e817eaa9ba3a1c852246f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:39 GMT
strict-transport-security: max-age=900
age: 0
x-cache: MISS, MISS
content-length: 358
x-served-by: cache-bos4685-BOS, cache-fra-eddf8230023-FRA
server: nginx
allow: GET, HEAD, OPTIONS
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-language: en-us
cache-control: max-age=10
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 0, 0

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/SZejeR/ 13 KB
3 KB 44ms
10ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/SZejeR/full-forms
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11eb25dae008f6289fa7fbf2f1c30c5fd364139bb32f4a18cd251f88ec5f9b29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: C916qErXqHC4uDjNGoMmxctVwv07kpRP
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: QV4JSE5D9V3DBJ4D
age: 1923415
x-amz-server-side-encryption: AES256
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/SZejeR custom-fonts/SZejeR
content-length: 2360
x-amz-id-2: AC597Ub/V1JhqAn0dzM3HNbI74Apj+FkyHnvh8mISQUX3akiNUelw14X/Fp8AnmD9qFzHBFDWe8=
x-served-by: cache-fra-eddf8230046-FRA
client-geo-country: DE
last-modified: Mon, 03 Jun 2024 18:06:18 GMT
server: AmazonS3
x-timer: S1719493959.846074,VS0,VE1
etag: "f05857c0b33e031af40c8007b6f6b01e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 51ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J6841CXW17&gtm=45je46q0v882530135z8866134648za200zb866134648&_p=1719493958431&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1037467762.1719493959&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719493958&sct=1&seg=0&dl=https%3A%2F%2Fbankofamerica.bdashops.com%2F&dt=Home%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2098&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J6841CXW17&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 13:12:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bankofamerica.bdashops.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 30ms
30ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jun 2024 13:12:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 77878
x-ms-lease-status: unlocked
last-modified: Tue, 25 Jun 2024 02:35:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: aca2f1b4-d01e-008d-0a1a-c7df2c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89a5b09b3a4e3685-FRA

GET
H2 200 vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js Show response
static-tracking.klaviyo.com/onsite/js/ 22 KB
8 KB 6ms
6ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Bs17k9OjMwf3BB.93Nk56AGQ.4a4ZNdL
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: VBPJY8WF5QG3W1X9
age: 12251
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8356
x-amz-id-2: /8TckarTAjTH+zTo05EZ2i5fByctf9WdCEjS8mnspYPevkKAZVXCr0PEKB4L7iYCyz5oXkOzMu24XcAXy+ZAt50/o3z3+yMA
x-served-by: cache-lga21934-LGA, cache-fra-eddf8230036-FRA
last-modified: Mon, 01 Apr 2024 18:44:39 GMT
server: AmazonS3
etag: "2f5438508c293a1ad8e8f5b6a6cbd520"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: b192f6f4e541671d3524661dfb849f1973088be3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 0, 1748

GET
H2 200 ClientStore.6a44fb7b8738a625d0dd.js Show response
static-tracking.klaviyo.com/onsite/js/ 64 KB
18 KB 9ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/ClientStore.6a44fb7b8738a625d0dd.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2ec96393e460590b4347e4fef216e5b2581e1db9a8f69722cbfc968dd26ef0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KpWfRPgJRylExt6u8os6.XLRtDcAQOsH
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: SY79ZYHTPG19Q1D0
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 18213
x-amz-id-2: WacCd/D1rkhdX3EdmbRoQAEvHiaXr7GKno04fdxi6X75jXlb/0d8ADcnx6KpmQEj42AzXYMaSLk=
x-served-by: cache-lga21973-LGA, cache-fra-eddf8230036-FRA
last-modified: Thu, 20 Jun 2024 19:01:55 GMT
server: AmazonS3
etag: "c370a0982ca7acb059e62e95163879d3"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 97026b1f7c32e737ff5d972d2365025508027e31
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 3, 1803

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ 0
0 211ms
149ms Preflight
text/html 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=SZejeR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bankofamerica.bdashops.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 89a5b09be8521947-FRA
content-encoding: gzip
content-language: en-us
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 13:12:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

OPTIONS
H2 200 track-analytics
a.klaviyo.com/onsite/ 0
0 201ms
141ms Preflight
text/html 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=SZejeR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bankofamerica.bdashops.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 89a5b09be8551947-FRA
content-encoding: gzip
content-language: en-us
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 13:12:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

GET 532.fd12aea0b682fdb6c73a.css
static-tracking.klaviyo.com/onsite/js/ 0
0

GET
H2 200 styles.ccf9eb43fb94f6b4efde.js Show response
static-tracking.klaviyo.com/onsite/js/ 13 KB
4 KB 8ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/styles.ccf9eb43fb94f6b4efde.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: u4YOvN.DBhziRupMNLHlSlohoVjRmp1y
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: 5KXPPMNQYY777BDZ
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4092
x-amz-id-2: EUGXw0DAGX4+matKgg00bRmlgecQHpespuTEOtX5yANRJd4bfAOs8gTtHzn5D1M+K5fFfjb9Wlc=
x-served-by: cache-lga21972-LGA, cache-fra-eddf8230036-FRA
last-modified: Wed, 03 Apr 2024 02:24:08 GMT
server: AmazonS3
etag: "c6c30853a63ebd4a4189fa8dcd359f29"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a2a09d2f114724cda111ccd8470493362b1982e3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 39, 1790

GET
H2 200 vendors~Render.73a25566a8d0e857f80f.js Show response
static-tracking.klaviyo.com/onsite/js/ 12 KB
5 KB 11ms
11ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/vendors~Render.73a25566a8d0e857f80f.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc7addbd19fe5d5f444e00d2e27641962190abd5cb5d358e020010c3ddce3b90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: BGmyNp5O2DoUJvoiviChcHi96o8sxZkM
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: 6BFSRHNKXQYCE1V7
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4236
x-amz-id-2: JxjbSSdTneOyO6KbufE36JUCHlEV6HS0VH4VepAzBpnb7lYt+nMGscd6a2tq1YVAFIJ9LU6fEEE=
x-served-by: cache-lga21966-LGA, cache-fra-eddf8230036-FRA
last-modified: Wed, 22 May 2024 18:52:04 GMT
server: AmazonS3
etag: "2c8e39a88c04abd31899f30154ba9374"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: f0d00264916f82b3f67af2b22deeea1c6e9bda2d
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 16, 1788

GET
H2 200 Render.811b3473b2834070bb4e.js Show response
static-tracking.klaviyo.com/onsite/js/ 122 KB
31 KB 9ms
9ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/Render.811b3473b2834070bb4e.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7bfa8ea0699556e994a524e682387a033d9175f6c2ae84f1f5f83431ea94f53

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Origin: https://bankofamerica.bdashops.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Lbxip2exTykYuNMLfXslnqCM6L.8pjmE
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Thu, 27 Jun 2024 13:12:38 GMT
x-amz-request-id: MM3GWY86MQGK9CRN
age: 12251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 31472
x-amz-id-2: Izyphprogc02Xw+G4WK9qMRQzQ78UGZxOgPxvWeOZlYqB2FHAOC/xlc9+DqaeUnj0dibn4x/RhI=
x-served-by: cache-lga21932-LGA, cache-fra-eddf8230036-FRA
last-modified: Thu, 20 Jun 2024 21:07:17 GMT
server: AmazonS3
etag: "3f9bfa1022c021cd297bbf39f54c4e8e"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: 5a920cb569e831a88083d535d975a11ad98edda8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 3, 1792

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
113 B 181ms
181ms XHR
application/json 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=SZejeR

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
accept: application/json
Referer: https://bankofamerica.bdashops.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 89a5b09cd96c1947-FRA
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 track-analytics Show response
a.klaviyo.com/onsite/ 50 B
363 B 164ms
164ms XHR
application/json 2606:4700::6812:cf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/onsite/track-analytics?company_id=SZejeR

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.02363fe5acd5fa75cb6b.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cf0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
accept: application/json
Referer: https://bankofamerica.bdashops.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-length: 50
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en-us
access-control-allow-origin: *
access-control-allow-methods: POST
content-type: application/json
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 89a5b09cc95f1947-FRA
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H3 204 rum Show response
bankofamerica.bdashops.com/cdn-cgi/ 0
148 B 19ms
19ms XHR
text/plain 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 27 Jun 2024 13:12:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bankofamerica.bdashops.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89a5b09c08816934-FRA

GET
H3 404 favicon.ico
bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_Enterprise/ 0
1 KB 603ms
602ms Other
text/html 104.18.12.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_Enterprise/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.12.160 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 13:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: child-src ; connect-src 'self' *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com; default-src 'self'; font-src 'self' *.cloudfront.net *.googleapis.com *.gstatic.com *.klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' *.adobe.com *.bdashops.com *.google.com *.incontact.com *.labs.wesupply.xyz *.onetrust.com *.pingone.com *.smartsheet.com service.force.com; img-src 'self' *.googletagmanager.com *.gstatic.com cdn.cookielaw.org *.lightning.force.com *.salesforce.com *.force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bdashops.com *.demdex.net *.fullstory.com *.google.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.klaviyo.com *.maxmind.com *.pcapredict.com *.postcodeanywhere.co.uk *.punchout2go.com *.salesforceliveagent.com *.salesforce.com *.salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com *.force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' *.bdashops.com *.googleapis.com *.gstatic.com *.postcodeanywhere.co.uk *.punchout2go.com https://use.typekit.net *.salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' *.onetrust.com *.pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
cf-cache-status: MISS
server: cloudflare
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89a5b09c088a6934-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 17:12:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 29 KB
1 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:ital,wght@0,400;0,500&family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Roboto:ital,wght@0,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d1a32e8c534047007e5bf0a75189435caf905a620ae0d5a3384c6ce0b03551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bankofamerica.bdashops.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 13:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 13:12:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 13:12:39 GMT

GET 532.fd12aea0b682fdb6c73a.css
static-tracking.klaviyo.com/onsite/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CustomHeader/css/weltpixel_custom_header_default.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CustomFooter/css/weltpixel_custom_footer_default.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_ProductPage/css/weltpixel_product_store_default.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CategoryPage/css/weltpixel_category_store_default.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/css/styles-m.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Customform/css/form-builder.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Customform/css/form-render.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Groupcat/js/fancybox/jquery.fancybox.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Mageplaza_Core/css/magnific-popup.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Webkul_TwoFactorAuth/css/twoFactor.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_OwlCarouselSlider/css/owl.carousel.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_Quickview/css/magnific-popup.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/bootstrap_grid.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/font-icons-core.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/social-icons.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/styled-icons.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/font-icons-extended.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/bootstrap_table.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/utilities.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/tabs.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/toggles-accordions.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/pricing.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/headings.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/blockquotes.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/dividers.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/clients.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/brands.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/responsive.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/pagetitle.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/columns_grids.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/alerts.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/testimonials.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/flex.slider.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/bootstrap_buttons.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/buttons.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/sections.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/parallax.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/animate-core.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/animate-extended.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/aos.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/btt_button.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_FullPageScroll/css/jquery.fullPage.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_FullPageScroll/css/custom.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/css/styles-l.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_NavigationLinks/css/navigation_desktop.css

Domain: bankofamerica.bdashops.com
URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_NavigationLinks/css/navigation_mobile.css

Domain: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css

Domain: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css

Domain: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css

Domain: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bankofamerica.bdashops.com/	1970-01-20 21:38:17	Name: X-Magento-Vary Value: d84b9fa04995e27aadfb30d7c082ef1b3e71648e57384d062d9cd8ac961ed42f
.bdashops.com/	1970-01-21 07:14:13	Name: _ga_J6841CXW17 Value: GS1.1.1719493958.1.0.1719493958.0.0.0
.bdashops.com/	1970-01-21 07:14:13	Name: _ga Value: GA1.1.1037467762.1719493959
bankofamerica.bdashops.com/	1970-01-21 07:14:13	Name: __kla_id Value: eyJjaWQiOiJZakF6T0dZMk56UXRPV0k0T1MwMFptRmxMV0V6T0RndFl6ZzVNRFZpTVRFMlpXUm0iLCIkcmVmZXJyZXIiOnsidHMiOjE3MTk0OTM5NTksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYmFua29mYW1lcmljYS5iZGFzaG9wcy5jb20vIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNzE5NDkzOTU5LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL2JhbmtvZmFtZXJpY2EuYmRhc2hvcHMuY29tLyJ9fQ==

74 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/font-icons-extended.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_ProductPage/css/weltpixel_product_store_default.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/bootstrap_grid.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Mageplaza_Core/css/magnific-popup.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_Quickview/css/magnific-popup.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CustomFooter/css/weltpixel_custom_footer_default.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/font-icons-core.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Customform/css/form-builder.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Customform/css/form-render.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/testimonials.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/css/styles-m.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/blockquotes.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/aos.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/clients.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/utilities.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CategoryPage/css/weltpixel_category_store_default.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Amasty_Groupcat/js/fancybox/jquery.fancybox.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Webkul_TwoFactorAuth/css/twoFactor.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/responsive.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/sections.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/Simple-Line-Icons.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/tabs.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/flex.slider.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/styled-icons.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/pricing.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/columns_grids.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/bootstrap_buttons.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/parallax.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_FullPageScroll/css/custom.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/mage/requirejs/mixins.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/social-icons.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_FullPageScroll/css/jquery.fullPage.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/btt_button.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/css/styles-l.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/Luma-Icons.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_QuickCheckout/js/disabled.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/buttons.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_CustomHeader/css/weltpixel_custom_header_default.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_OwlCarouselSlider/css/owl.carousel.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/bootstrap_table.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/toggles-accordions.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/headings.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/dividers.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/brands.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/imports/shortcodes/alerts.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_NavigationLinks/css/navigation_desktop.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/bold/opensans-700.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/light/opensans-300.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/animate-core.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/requirejs/require.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to execute script from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/requirejs/require.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/regular/opensans-400.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/lined-icons.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/font-icons.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/pagetitle.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/semibold/opensans-600.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/css/animate-extended.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to execute script from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_QuickCheckout/js/disabled.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to execute script from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/mage/requirejs/mixins.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1 Message: Refused to load the stylesheet 'https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/images/logo.svg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bankofamerica.bdashops.com/ Message: Refused to apply style from 'https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_NavigationLinks/css/navigation_mobile.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1 Message: Refused to load the stylesheet 'https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1 Message: Refused to load the stylesheet 'https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
network	error	URL: https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/Magento_Enterprise/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://static.klaviyo.com/onsite/js/runtime.7ce48e908084f43d99b0.js?cb=1 Message: Refused to load the stylesheet 'https://static-tracking.klaviyo.com/onsite/js/532.fd12aea0b682fdb6c73a.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/bold/opensans-700.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/font-icons.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/Simple-Line-Icons.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/semibold/opensans-600.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/Luma-Icons.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/light/opensans-300.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/WeltPixel_DesignElements/fonts/lined-icons.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://bankofamerica.bdashops.com/ Message: The resource https://bankofamerica.bdashops.com/static/version1719391619/frontend/Pearl/bdabrandshop/en_US/fonts/opensans/regular/opensans-400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src ; connect-src 'self' .bdashops.com .fullstory.com .google-analytics.com .klaviyo.com .onetrust.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com .postcodeanywhere.co.uk .salesforce-sites.com; default-src 'self'; font-src 'self' .cloudfront.net .googleapis.com .gstatic.com .klaviyo.com c1.sfdcstatic.com data:; frame-src 'self' .adobe.com .bdashops.com .google.com .incontact.com .labs.wesupply.xyz .onetrust.com .pingone.com .smartsheet.com service.force.com; img-src 'self' .googletagmanager.com .gstatic.com cdn.cookielaw.org .lightning.force.com .salesforce.com .force.com data:; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .bdashops.com .demdex.net .fullstory.com .google.com .googleapis.com .googletagmanager.com .gstatic.com .klaviyo.com .maxmind.com .pcapredict.com .postcodeanywhere.co.uk .punchout2go.com .salesforceliveagent.com .salesforce.com .salesforce-sites.com cdn.cookielaw.org js-agent.newrelic.com .force.com static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' .bdashops.com .googleapis.com .gstatic.com .postcodeanywhere.co.uk .punchout2go.com https://use.typekit.net .salesforce-sites.com service.force.com; base-uri 'self'; form-action 'self' 'unsafe-inline' .onetrust.com .pingone.com *.tradecentric.com auth.bankofamericastore.com bankofamericastore.com www.bankofamericastore.com; worker-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
ajax.googleapis.com
bankofamerica.bdashops.com
cdn.cookielaw.org
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.cloudflareinsights.com
static.klaviyo.com
www.googletagmanager.com
bankofamerica.bdashops.com
static-tracking.klaviyo.com
104.18.12.160
151.101.130.133
151.101.194.133
151.101.66.133
2001:4860:4802:34::36
2606:4700::6810:4f49
2606:4700::6812:cf0
2606:4700::6813:b134
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::2008
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
04eaf342c366606b19b6a2d681f5f21e53c9a2858185e267ef9d26bd4490d8ff
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11eb25dae008f6289fa7fbf2f1c30c5fd364139bb32f4a18cd251f88ec5f9b29
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
2222a907ad2fb7ba41f4a997ef171321add118fc95f14be074debc3290e1ac59
3d1a32e8c534047007e5bf0a75189435caf905a620ae0d5a3384c6ce0b03551a
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
43f84fc07ca84521ccdd33195be1d62cbe8b43720aecc3e26d859b15061c3b30
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
560a552de7faf10ba5cb6141d3d486cafdb25e646f2b7625ea9e38e66da9ee26
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
61ae0e4ba820262a80246f9ead819b1c5c983342deb1c55d706f11eb2f3a2ad1
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
865ea84f404078b0fbda994f0820cbc24c2b15352b66f1559914b94d0c72b93d
876fd3df0b5822564eac22f15649affb319ba733558fd4818de7104131c892ce
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8f26fd4a8190ddc978590c156aaf2f75973e6d99e9701569977f32a4981cd97c
a2ec96393e460590b4347e4fef216e5b2581e1db9a8f69722cbfc968dd26ef0b
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
c0a9caf662f6ac36c25690c76124101ec7ee0d8937734ddf35ffa89dfb7120ad
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
c1207d7071648437231503e32b918f5c38d54493b70ec0e00d4c1ddf41d2b85e
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
d4bc643b0d192cdbb7e96fa2f52a9d3a8d96b776d0a4429f9c339a5d3c248632
dac51a678d9dbdcddd689b4b39f24c6ab4fd94a4e5e3b4b58fc62e4015294304
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc7addbd19fe5d5f444e00d2e27641962190abd5cb5d358e020010c3ddce3b90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42bb819aa7269db9b8ad1d9bee5e4445c9f1a9a28e817eaa9ba3a1c852246f8
e7bfa8ea0699556e994a524e682387a033d9175f6c2ae84f1f5f83431ea94f53
ed9826bd71d237cacdac9e0ecf5fb63101fd0a53c36543270c0bf63f28c9b245
f1393617e3d2cbc147ee96d7e24584d1bbbaf8e725efc24f5d4baff2f49a66e2

bankofamerica.bdashops.com Open in urlscan Pro 104.18.12.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

52 %HTTPS

67 %IPv6

8 Domains

13 Subdomains

13 IPs

3 Countries

633 kBTransfer

1852 kBSize

4 Cookies

2 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bankofamerica.bdashops.com Open in urlscan Pro
104.18.12.160 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

52 %
HTTPS

67 %
IPv6

8
Domains

13
Subdomains

13
IPs

3
Countries

633 kB
Transfer

1852 kB
Size

4
Cookies

105 HTTP transactions
1 data transactions