secureonline20200403-bankofamerica-com-l87180201.ournits.com Open in urlscan Pro
148.251.213.220 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201
Effective URL:
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
Submission: On April 03 via manual (April 3rd 2020, 6:58:04 pm UTC) from US

Summary HTTP 41 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 41 HTTP transactions. The main IP is 148.251.213.220, located in Germany and belongs to HETZNER-AS, DE. The main domain is secureonline20200403-bankofamerica-com-l87180201.ournits.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.

This is the only time secureonline20200403-bankofamerica-com-l87180201.ournits.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	195.56.165.14 195.56.165.14	5588 (GTSCE GTS...) (GTSCE GTS Central Europe / Antel Germany)
12	148.251.213.220 148.251.213.220	24940 (HETZNER-AS) (HETZNER-AS)
28	192.229.233.230 192.229.233.230	15133 (EDGECAST) (EDGECAST)
41	4

2 195.56.165.14 (Hungary) 1 redirects

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)

bbknet.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 148.251.213.220 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s6.hostssdserver.com

secureonline20200403-bankofamerica-com-l87180201.ournits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 192.229.233.230 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

www1.bac-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bac-assets.com www1.bac-assets.com	136 KB
12	ournits.com secureonline20200403-bankofamerica-com-l87180201.ournits.com	119 KB
2	bbknet.hu 1 redirects bbknet.hu	1 KB
41	3

	Domain	Requested by
28	www1.bac-assets.com	secureonline20200403-bankofamerica-com-l87180201.ournits.com
12	secureonline20200403-bankofamerica-com-l87180201.ournits.com	bbknet.hu secureonline20200403-bankofamerica-com-l87180201.ournits.com
2	bbknet.hu	1 redirects
41	3

This site contains links to these domains. Also see Links.

Domain
staticweb.bankofamerica.com
www.bankofamerica.com
secure.bankofamerica.com
promo.bankofamerica.com
itunes.apple.com
play.google.com
realestatecenter.bankofamerica.com
homeloanhelp.bankofamerica.com
www.ml.com
www.merrilledge.com
www.privatebank.bankofamerica.com
bettermoneyhabits.bankofamerica.com
locators.bankofamerica.com
red.bankofamerica.com
homeloans5.bankofamerica.com
www.sipc.org
careers.bankofamerica.com
www.facebook.com
instagram.com
www.linkedin.com
www.pinterest.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
bbknet.hu Let's Encrypt Authority X3	`2020-02-12` - `2020-05-12`	3 months	crt.sh
*.ournits.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh
www1.bac-assets.com Entrust Certification Authority - L1M	`2019-12-13` - `2020-12-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
Frame ID: 4166B4FA1065E124DC461EC8FD232FFE
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90... Page URL
https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90... HTTP 302
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=rut... Page URL
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

256 kB
Transfer

1127 kB
Size

1
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://staticweb.bankofamerica.com/cavmwebbactouch/common/index.html#home?app=signonv2
Title: Login

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/sitemap/hub/signin.go?request_locale=en_US
Title: Login

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/auth/enroll/enroll-entry/
Title: Enroll in online banking

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/mycommunications/public/appointments/getTopics.go?marketingCode=NEWHP_ECHMPG
Title: Schedule an appointment

Search URL Search Domain Scan URL

URL: https://promo.bankofamerica.com/mobile-banking/
Title: Learn More about the app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/bank-america-mobile-banking/id284847138?mt=8%27

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/bank-of-america-mobile-banking/id284847138?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.infonow.bofa

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/secure-mycommunications/public/appointments/?marketingCode=HPCS_ECBBA_A1000
Title: Schedule an appointment

Search URL Search Domain Scan URL

URL: https://realestatecenter.bankofamerica.com/
Title: Find a home

Search URL Search Domain Scan URL

URL: https://homeloanhelp.bankofamerica.com/en/index.html
Title: Need help with home loan payments?

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/secure-mycommunications/public/appointments/?marketingCode=HPHL_ECBBA_A5000
Title: Schedule an appointment

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/applynow/initialize-workflow.go?requesttype=VLSTATUS
Title: Check your auto application status

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/secure-mycommunications/public/appointments/?marketingCode=HPAL_ECBBA_A1000
Title: Schedule an appointment

Search URL Search Domain Scan URL

URL: https://www.ml.com/merrill/index.html?src_cd=bac_hp_nav_merrill

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/investing/online-trading?src_cd=bac_hp_nav_mesd
Title: Build your own portfolio

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/guided-investing?src_cd=bac_hp_nav_mgi
Title: Get a professionally managed portfolio

Search URL Search Domain Scan URL

URL: https://www.ml.com/working-with-merrill-lynch-financial-advisor.html?src_cd=bac_hp_nav_mlwm
Title: Work with a dedicated advisor

Search URL Search Domain Scan URL

URL: https://www.ml.com/merrill/index.html?src_cd=bac_hp_nav_compare#compare
Title: Compare ways to invest

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/secure-mycommunications/public/appointments/?marketingCode=HPINV_ECBBA_A3000
Title: Schedule an appointment

Search URL Search Domain Scan URL

URL: https://www.privatebank.bankofamerica.com/?src_cd=bac_hp_nav_private
Title: Bank of America Private Bank

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en
Title: Visit BetterMoneyHabits.com

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/article/how-much-do-you-really-need-to-save-for-retirement?cm_sp=GWM-SelfDirectedBrokerage-_-ME_Nav_BMH-_-G216LT00H4_L1_Nav_ME_Batch1_Gen_L1_Tile_243x105.jpg
Title: Get step-by-step guidance for every stage of life

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/credit
Title: Credit

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/debt
Title: Debt

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/saving-budgeting
Title: Saving & Budgeting

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/home-ownership
Title: Home Ownership

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/auto
Title: Auto

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/retirement
Title: Retirement

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/college
Title: College

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/privacy-security
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/personal-banking
Title: Personal Banking

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/taxes-income
Title: Taxes & Income

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/auth/forgot/reset-entry/
Title: Forgot ID/Passcode?

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/enroll/entry/olbEnroll.go?request_locale=en_US
Title: Enroll

Search URL Search Domain Scan URL

URL: https://promo.bankofamerica.com/hp-oaa2/
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://locators.bankofamerica.com/
Title: Find your closest financial center or ATM

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/m/pages/mobile/home-mobile.aspx?src_cd=bac_hp_l1_mobile
Title: Investing

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/?src_cd=bac_hp_l1_tablet
Title: Investing

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/online-banking/mobile-and-online-banking-features/
Title: Get the free app

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/secure-offers/public/customizedOffers/?subchannel=ECHMHL&cm_sp=Cons-CC-_-NotAssigned-_-CCW5SZ5I01_SuperHighlights_ECLOrebrandG3_ecloGrayShlGp1Cta
Title: Find a credit card quickly Get the right card for you. You can check for customized offers in 60 seconds. Get started finding the right credit card for you

Search URL Search Domain Scan URL

URL: https://red.bankofamerica.com/?cm_sp=EBZ-Corp_SocialResponsibility-_-CorporateSocialResponsibility-_-EIT1SXYR01_SuperHighlights_2019RED_powerToHelpEndAidsV2ShlCta
Title: The power to help end AIDS We've committed $30 million to (RED) through 2025 to help fight HIV/AIDS in Africa. Learn more about how to help fight HIV/AIDS in Africa

Search URL Search Domain Scan URL

URL: https://promo.bankofamerica.com/nextgen/?ep=empty&mktgCode=Autohp03hl0219&cm_sp=eLend-Auto-ABPA-_-AutoLending-_-EWT1QSMS01_Highlights_NH_Auto_HL_G3_getStartedAutoLoanSHLCta
Title: Enjoy your ride and your rate Check out our low-rate auto loans and find your next car with our online shopping resource. Get started

Search URL Search Domain Scan URL

URL: https://promo.bankofamerica.com/advantage_banking/?cm_sp=DEP-Checking-_-NotAssigned-_-DCTAQT0N01_Highlights_NH_Checking_Feat_HL_G3_bauChkCtaHL
Title: Get checking with the right features Including a $0 Liability Guarantee that covers fraudulent transactions. Get started with a Bank of America Checking Account

Search URL Search Domain Scan URL

URL: https://promo.bankofamerica.com/hp-oaa2/?cm_sp=ESZ-EnterpriseSales-_-SSSS-_-EST2QU1301_Highlights_NH_NewtoBACv1Sept2019_new1HLCta
Title: New to Bank of America? Explore our banking solutions with Bank of America and Merrill’s investment services. Explore our products and see what banking solutions and investment services Bank of America and Merrill have to offer.

Search URL Search Domain Scan URL

URL: https://www.merrilledge.com/?cm_sp=GWM-SelfDirectedBrokerage-_-NotAssigned-_-G2T1QVMT01_Highlights_NH_Merrill_InvestYourWay_HL4_Ad_default_merrillEdgeHlCta
Title: Invest your way Enjoy streamlined investing with a Merrill Edge Self‑Directed account. Get started investing with a Merrill Edge Self-Directed account.

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/home-ownership/buying-home-comfortably-affordably
Title: Buy a home comfortably and affordably with these tips

Search URL Search Domain Scan URL

URL: https://homeloans5.bankofamerica.com/PrequalBenefits_redesign/default.aspx?subCampCode=59160&dmcode=18097571050
Title: Get started with the Bank of America Digital Mortgage Experience™

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC layer

Search URL Search Domain Scan URL

URL: http://careers.bankofamerica.com/careershome.aspx
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BankofAmerica
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/bankofamerica/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bank-of-america
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/bettermoneyhabits/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/BankofAmerica
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bankofamerica
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201 Page URL
https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201 HTTP 302
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com Page URL
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201 HTTP 302
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set index.php Show response
bbknet.hu/l/onlinelogon109012.info.serve290/ 390 B
804 B 412ms
276ms Document
text/html 195.56.165.14
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL: https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.56.165.14 , Hungary, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5f8d3aa7d472d4912b8e1e2a96ff342b79bfedab2a80e6acaeacbbde346c9d16

Request headers

Host: bbknet.hu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Fri, 03 Apr 2020 18:57:46 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: PHPSESSID=6u3helse7iad94ouf5eujm5hq1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Content-Language: hu

GET
H/1.1

200
OK

Cookie set / Show response
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/
Redirect Chain

https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201
https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com

280 B
759 B

675ms
563ms

Document
text/html

148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com

Requested by

Host: bbknet.hu
URL: https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

54244440c99cc6b6c76d6715c840f9f54fd2267c4f11bc9e6f456038f6914a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secureonline20200403-bankofamerica-com-l87180201.ournits.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Origin: https://bbknet.hu
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://bbknet.hu/l/onlinelogon109012.info.serve290/index.php?id=ruth.haney@nordstrom.com&hr90=019201

Response headers

Date: Fri, 03 Apr 2020 18:57:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate max-age=60, private, proxy-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PHPSESSID=o0oql2d61fh3i9arn5l59lr732; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 224
Keep-Alive: timeout=5, max=300
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 03 Apr 2020 18:57:46 GMT
Server: Apache/2.4.18 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Content-Language: hu

POST
H/1.1 200
OK Primary Request n6DU16N3qqhkCuJpFuFEWw Show response
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/ 356 KB
63 KB 54ms
54ms Document
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw

Requested by

Host: secureonline20200403-bankofamerica-com-l87180201.ournits.com
URL: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

ebf9cca2745572328af5c6d2d2b0aa45c763e97d6f0ce22a27851ab82a3f1dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secureonline20200403-bankofamerica-com-l87180201.ournits.com
Connection: keep-alive
Content-Length: 45
Pragma: no-cache
Cache-Control: no-cache
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=o0oql2d61fh3i9arn5l59lr732
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/?id=ruth.haney@nordstrom.com

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate max-age=60, private, proxy-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=299
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 938777c5.css
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/ 574 KB
56 KB 99ms
56ms Stylesheet
text/css 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

e2af925e991dcc30e8fd3211d644a6195928891c3f98f8c053a2e4ef8da09d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Feb 2020 09:36:44 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=172800, proxy-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=298
Content-Length: 56710
X-XSS-Protection: 1; mode=block
Expires: Sun, 03 May 2020 18:57:48 GMT

GET
H2 200 assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg
www1.bac-assets.com/homepage/spa-assets/images/ 3 KB
2 KB 154ms
30ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D1B) /

Resource Hash

7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738771
x-boa-requestid: gEnhQ6dGYh0AA9Vqr14AAABf
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 1604
last-modified: Mon, 25 Mar 2019 19:11:21 GMT
server: ECS (lcy/1D1B)
x-frame-options: SAMEORIGIN
etag: "d90-584eff84b6452"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg
www1.bac-assets.com/homepage/spa-assets/images/ 36 KB
14 KB 156ms
31ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D6F) /

Resource Hash

ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738771
x-boa-requestid: gEnfq6dGYhYAAvjf5UUAAACN
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 14111
last-modified: Mon, 04 Jun 2018 19:19:02 GMT
server: ECS (lcy/1D6F)
x-frame-options: SAMEORIGIN
etag: "90c6-56dd5ce734606"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg
www1.bac-assets.com/homepage/spa-assets/images/ 587 B
425 B 149ms
25ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D22) /

Resource Hash

46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738772
x-boa-requestid: gD_uhadGYh0ABcR3IjIAAAEh
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 326
last-modified: Mon, 04 Jun 2018 19:19:02 GMT
server: ECS (lcy/1D22)
x-frame-options: SAMEORIGIN
etag: "24b-56dd5ce7349f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg
www1.bac-assets.com/homepage/spa-assets/images/ 7 KB
3 KB 146ms
22ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D27) /

Resource Hash

3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738772
x-boa-requestid: gD-XKadGYgwAAbFT0rAAAAE0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 2916
last-modified: Mon, 04 Jun 2018 19:19:02 GMT
server: ECS (lcy/1D27)
x-frame-options: SAMEORIGIN
etag: "1c96-56dd5ce7326c2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg
www1.bac-assets.com/homepage/spa-assets/images/ 5 KB
2 KB 150ms
27ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D67) /

Resource Hash

1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738771
x-boa-requestid: gEnk0adGYhUAAmq-k2cAAAG9
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 1841
last-modified: Mon, 04 Jun 2018 19:19:02 GMT
server: ECS (lcy/1D67)
x-frame-options: SAMEORIGIN
etag: "1381-56dd5ce732aab"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-calendar-CSXef62d939.svg
www1.bac-assets.com/homepage/spa-assets/images/ 1 KB
712 B 151ms
29ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D46) /

Resource Hash

79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 2895791
x-boa-requestid: Q72zEKdGgkIAACD9j8IAAAEn
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 590
last-modified: Thu, 29 Mar 2018 01:18:29 GMT
server: ECS (lcy/1D46)
x-frame-options: SAMEORIGIN
etag: "4a7-56882e6b32cca"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg
www1.bac-assets.com/homepage/spa-assets/images/ 6 KB
2 KB 41ms
23ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D20) /

Resource Hash

2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738771
x-boa-requestid: gEoClqdGYhUAAKS2Q4sAAAAf
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 2243
last-modified: Wed, 19 Jun 2019 00:32:58 GMT
server: ECS (lcy/1D20)
x-frame-options: SAMEORIGIN
etag: "169f-58ba25efff42a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-hp-assets-offers-ME_Batch1_Gen_L1_Tile_243x105.webp
www1.bac-assets.com/homepage/spa-assets/images/ 728 B
880 B 42ms
23ms Image
image/webp 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-offers-ME_Batch1_Gen_L1_Tile_243x105.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D1C) /

Resource Hash

5314ce08621ae1844b4ef0c672d68effcb3ade4009909fdf835c97166fda7500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Fri, 10 Nov 2017 17:33:23 GMT
server: ECS (lcy/1D1C)
age: 6738772
etag: "2d8-55da45148689f"
x-boa-requestid: gEDiZadGYh0ABcR3IjMAAAEC
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 728
expires: Fri, 03 Apr 2020 18:57:49 GMT

GET
H2 200 assets-images-site-hp-assets-mastheads-consumer-deposits-en-DEP_MH_ARBF6SBW_1440.webp
www1.bac-assets.com/hp-assets/spa-assets/images/ 48 KB
49 KB 50ms
32ms Image
image/webp 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-deposits-en-DEP_MH_ARBF6SBW_1440.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D50) /

Resource Hash

e765291c76e877a933ee44a7d05a44f1c1ea9fa549a61417f31caa93b0de476a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Wed, 18 Sep 2019 19:01:28 GMT
server: ECS (lcy/1D50)
age: 2771203
etag: "c176-592d876e133d1"
x-boa-requestid: RcTy8adGgjoAACCt66UAAABz
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 49526
expires: Fri, 03 Apr 2020 18:57:49 GMT

GET
H2 200 assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png
www1.bac-assets.com/homepage/spa-assets/images/ 4 KB
4 KB 49ms
31ms Image
image/png 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D2B) /

Resource Hash

6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Thu, 09 Nov 2017 17:58:43 GMT
server: ECS (lcy/1D2B)
age: 2903899
etag: "1006-55d908e14d6f5"
x-boa-requestid: YH7P9KdGgjoAACCwn98AAAHn
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4102
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-hp-assets-engagement-banner-consumer-2019_certified_mobile_app_eng-nodropshadow_cropped_small.png
www1.bac-assets.com/hp-assets/spa-assets/images/ 19 KB
19 KB 42ms
24ms Image
image/png 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-engagement-banner-consumer-2019_certified_mobile_app_eng-nodropshadow_cropped_small.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D6A) /

Resource Hash

63b36fc2d96a85f37d1b05907fc5274ffc0a4c43224abd457d74ec847d6208e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Tue, 05 Feb 2019 20:41:55 GMT
server: ECS (lcy/1D6A)
age: 4567866
etag: "4c4f-5812ba3cf3f75"
x-boa-requestid: 9E3TW6dGYiQAA55vU4QAAABC
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 19535
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-hp-assets-super-highlights-consumer-cards-en-eclo-card_shl_arws9dlv_722.webp
www1.bac-assets.com/hp-assets/spa-assets/images/ 8 KB
8 KB 71ms
53ms Image
image/webp 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-super-highlights-consumer-cards-en-eclo-card_shl_arws9dlv_722.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D52) /

Resource Hash

629678c1195d72932e4676f767613e646618f8caf83cad8c8e0f61675ab39c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Wed, 03 Apr 2019 17:55:16 GMT
server: ECS (lcy/1D52)
age: 6738538
etag: "2066-585a3f4c6a6d7"
x-boa-requestid: jjMgI6dGYgsAAReWYqcAAAB5
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8294
expires: Fri, 03 Apr 2020 18:57:49 GMT

GET
H2 200 assets-images-site-hp-assets-super-highlights-consumer-enterprise-en-RED_campaign-red_wad2019_shl_ark7ghbf_722_v3.webp
www1.bac-assets.com/hp-assets/spa-assets/images/ 9 KB
9 KB 46ms
29ms Image
image/webp 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-super-highlights-consumer-enterprise-en-RED_campaign-red_wad2019_shl_ark7ghbf_722_v3.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D4A) /

Resource Hash

f20cef0c593a884812ca0a87dae3457546307153017601f34f184a77c03067d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Thu, 14 Nov 2019 20:04:41 GMT
server: ECS (lcy/1D4A)
age: 2771203
etag: "2248-59753fded5b29"
x-boa-requestid: RcS-RqdGgiMAACCnMb4AAAGa
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8776
expires: Fri, 03 Apr 2020 18:57:49 GMT

GET
H2 200 assets-images-site-hp-assets-highlights-consumer-auto-loans-en-car_front_icon.svg
www1.bac-assets.com/hp-assets/spa-assets/images/ 588 B
422 B 74ms
57ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-highlights-consumer-auto-loans-en-car_front_icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D74) /

Resource Hash

02da74c9cbdc44f5591deab659758147937da2a4e90377990fc1c9ead662ca9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738732
x-boa-requestid: gpm-3KdGYgwAAQl14McAAAHX
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 301
last-modified: Mon, 04 Mar 2019 18:38:20 GMT
server: ECS (lcy/1D74)
x-frame-options: SAMEORIGIN
etag: "24c-583490f8bf31b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-hp-assets-highlights-consumer-deposits-en-bau_chk-lob_hl1_ar89d6xn_icon.svg
www1.bac-assets.com/hp-assets/spa-assets/images/ 193 B
300 B 48ms
31ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-highlights-consumer-deposits-en-bau_chk-lob_hl1_ar89d6xn_icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D44) /

Resource Hash

2586e15249d104024484b3d942e030c6137444935dd374e6c0d062eaac77d077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738773
x-boa-requestid: gC3wTqdGYiQAA2oWR4kAAAC5
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 179
last-modified: Tue, 15 May 2018 17:46:31 GMT
server: ECS (lcy/1D44)
x-frame-options: SAMEORIGIN
etag: "c1-56c422ec0dbc6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-hp-assets-highlights-consumer-other-en-hl_ntb-03_icon_arp7dcrm_e.svg
www1.bac-assets.com/hp-assets/spa-assets/images/ 960 B
670 B 72ms
55ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-highlights-consumer-other-en-hl_ntb-03_icon_arp7dcrm_e.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D3A) /

Resource Hash

a7b87f6d0c31b6bae2aa79345a350ef5ab61ceb04a83bd7088054f6cac9ab3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738757
x-boa-requestid: gSKSUadGYiQABThdNO4AAAER
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 547
last-modified: Wed, 04 Sep 2019 17:35:49 GMT
server: ECS (lcy/1D3A)
x-frame-options: SAMEORIGIN
etag: "3c0-591bda2c63ff4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-hp-assets-highlights-consumer-merrill-en-merrill_rebrand_logo.svg
www1.bac-assets.com/hp-assets/spa-assets/images/ 14 KB
4 KB 69ms
53ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-highlights-consumer-merrill-en-merrill_rebrand_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D28) /

Resource Hash

637f24f45d4640101ad59c9467921a9451dfeb40670e8a2526424ba8f2033a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 2948428
x-boa-requestid: AlrN7KdGYgsAACMtoecAAAFx
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 3773
last-modified: Thu, 18 Apr 2019 18:13:49 GMT
server: ECS (lcy/1D28)
x-frame-options: SAMEORIGIN
etag: "3669-586d1f6b7ba32"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-Infographic-Simple-CSX6b4e2aae.svg
www1.bac-assets.com/homepage/spa-assets/images/ 494 B
592 B 74ms
57ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-Infographic-Simple-CSX6b4e2aae.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D61) /

Resource Hash

085ee043ed6aac93d71da75295dfb2457ac0d0fde6a65c0d93e3bf5945a3290a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738776
x-boa-requestid: f-c-t6dGYhwAAtgElbsAAAAA
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 329
last-modified: Fri, 18 Aug 2017 18:08:32 GMT
server: ECS (lcy/1D61)
x-frame-options: SAMEORIGIN
etag: "1ee-5570b04509d51"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-Calculator-Simple-CSX9bb359bc.svg
www1.bac-assets.com/homepage/spa-assets/images/ 555 B
418 B 73ms
56ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-Calculator-Simple-CSX9bb359bc.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D75) /

Resource Hash

e647eb42142acfb637eb810dd2424c4dfae6d9809e0206f2edfbdd012ed6cbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f_QUxadGgi8AABGROe0AAAEW
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 310
last-modified: Thu, 17 Aug 2017 18:32:29 GMT
server: ECS (lcy/1D75)
x-frame-options: SAMEORIGIN
etag: "22b-556f73c26fc8e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-Video-Simple-CSXae056e32.svg
www1.bac-assets.com/homepage/spa-assets/images/ 224 B
295 B 74ms
58ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-Video-Simple-CSXae056e32.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D59) /

Resource Hash

18e8d2a980966dbd4ceae04d4d2ecf2042faba2e54e979a10d76d57c48d2d7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738776
x-boa-requestid: f-jooadGgkIAA9NrpZUAAAFv
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 197
last-modified: Thu, 17 Aug 2017 18:32:29 GMT
server: ECS (lcy/1D59)
x-frame-options: SAMEORIGIN
etag: "e0-556f73c270459"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-news-digital-mortgage-hl_yandi_ar5sc588_1440-CSX2c891a7.webp
www1.bac-assets.com/homepage/spa-assets/images/ 7 KB
7 KB 71ms
55ms Image
image/webp 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-digital-mortgage-hl_yandi_ar5sc588_1440-CSX2c891a7.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D75) /

Resource Hash

f0ef7e233e4864a3462d7e659a59227df9cd1b7cee9d004f428d4f0fb27ef31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
last-modified: Fri, 05 Apr 2019 02:16:57 GMT
server: ECS (lcy/1D75)
age: 6738779
etag: "1d24-585bf14c510f6"
x-boa-requestid: f9PQB6dGgjAAA-5tffIAAAEA
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/plain
status: 200
cache-control: max-age=26920000, public
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7460
expires: Fri, 03 Apr 2020 18:57:49 GMT

GET
H2 200 assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg
www1.bac-assets.com/homepage/spa-assets/images/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D75) /

Resource Hash

3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738779
x-boa-requestid: f9PdyKdGgjoABRJiDE4AAAEk
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 960
last-modified: Mon, 25 Mar 2019 20:39:32 GMT
server: ECS (lcy/1D75)
x-frame-options: SAMEORIGIN
etag: "83a-584f133ab056d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-icons-arrow_right_blue-CSXbd9e506c.svg
www1.bac-assets.com/homepage/spa-assets/images/ 218 B
283 B 24ms
24ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-arrow_right_blue-CSXbd9e506c.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D46) /

Resource Hash

c5347f46cf67c827170c2f9d4cb65b0cf467a0a2e38f679a078d317f289ed6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f9hZXadGYiQAAxudmzoAAAGw
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 185
last-modified: Fri, 18 Aug 2017 18:08:32 GMT
server: ECS (lcy/1D46)
x-frame-options: SAMEORIGIN
etag: "da-5570b0450a520"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H/1.1 404
Not Found cnx-light.woff2
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 56ms
55ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-light.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=297
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-regular.woff2
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 56ms
55ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-regular.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=300
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-medium.woff2
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 106ms
52ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-medium.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=296
X-XSS-Protection: 1; mode=block

GET
H2 200 assets-images-site-homepage-bmh-module-home-own-3_HomeOwn_3_319x363-CSXd734cc87.svg
www1.bac-assets.com/homepage/spa-assets/images/ 3 KB
1 KB 25ms
25ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-bmh-module-home-own-3_HomeOwn_3_319x363-CSXd734cc87.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D54) /

Resource Hash

32460c5dfe1dd77624a124087e350d0a4b98a800768bb4fe226857b8b717377d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f_SfX6dGYhYAAiPXzA8AAAFI
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 1223
last-modified: Thu, 03 Aug 2017 15:20:28 GMT
server: ECS (lcy/1D54)
x-frame-options: SAMEORIGIN
etag: "cb6-555daebac168f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-bmh-module-default-0_Default_2_319x363-CSX4141ca60.svg
www1.bac-assets.com/homepage/spa-assets/images/ 12 KB
2 KB 28ms
27ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-bmh-module-default-0_Default_2_319x363-CSX4141ca60.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D38) /

Resource Hash

8520eec25b93b00aa9dcfb7e554bc07a41dd8d4206e188f2d555768ab27974d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f_SlbqdGYgsABG1tkZ4AAACD
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 2168
last-modified: Thu, 03 Aug 2017 15:20:28 GMT
server: ECS (lcy/1D38)
x-frame-options: SAMEORIGIN
etag: "3072-555daebab4b6a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-bmh-module-saving-2_Saving_1_319x363-CSX576d7c82.svg
www1.bac-assets.com/homepage/spa-assets/images/ 2 KB
1 KB 24ms
24ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-bmh-module-saving-2_Saving_1_319x363-CSX576d7c82.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D26) /

Resource Hash

09617755ba1429c63fa191eafa934211e1ae168f3478e81fae73d5606e9b184d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f_Suf6dGYhUAAK82mMYAAAF0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 945
last-modified: Thu, 03 Aug 2017 15:20:29 GMT
server: ECS (lcy/1D26)
x-frame-options: SAMEORIGIN
etag: "8bf-555daebb13fbb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H2 200 assets-images-site-homepage-bmh-module-family-7_Family_2_319x363-CSXb4cde9e1.svg
www1.bac-assets.com/homepage/spa-assets/images/ 5 KB
2 KB 25ms
24ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-bmh-module-family-7_Family_2_319x363-CSXb4cde9e1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D75) /

Resource Hash

1a700c876a9472387defe0be3a9990f9e8a303e2c7b03456962c260edbd94ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f_SMP6dGYh0AAVgiAKAAAADO
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 2168
last-modified: Thu, 03 Aug 2017 15:20:28 GMT
server: ECS (lcy/1D75)
x-frame-options: SAMEORIGIN
etag: "14f7-555daebab7e32"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ecb031ec1c13840c371b9369ce1b4374247e23b7281aa15d169847c21ac8969

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 assets-images-global-logos-icon-ehl-white-CSX70568bdb.svg
www1.bac-assets.com/homepage/spa-assets/images/ 556 B
482 B 25ms
25ms Image
image/svg+xml 192.229.233.230
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-icon-ehl-white-CSX70568bdb.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.230 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D65) /

Resource Hash

b71cfb08551552ec9195a345847fca308a7cf8b8752206fd7a83ee7e7e50f17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/n6DU16N3qqhkCuJpFuFEWw
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Apr 2020 18:57:48 GMT
content-encoding: gzip
age: 6738778
x-boa-requestid: f9nm9KdGYiQABThdM4EAAAFf
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000
content-length: 360
last-modified: Fri, 02 Aug 2019 00:43:42 GMT
server: ECS (lcy/1D65)
x-frame-options: SAMEORIGIN
etag: "22c-58f17a66541ae"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 03 Apr 2021 18:57:48 GMT

GET
H/1.1 404
Not Found cnx-light.woff
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 52ms
52ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-light.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=299
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-regular.woff
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 54ms
50ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-regular.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=300
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-medium.woff
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 52ms
52ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-medium.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=298
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-light.ttf
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 52ms
52ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-light.ttf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=295
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-regular.ttf
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 51ms
51ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-regular.ttf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=299
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found cnx-medium.ttf
secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/ 0
0 55ms
54ms Font
text/html 148.251.213.220
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/fonts/cnx-medium.ttf

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.251.213.220 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s6.hostssdserver.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com/server8288.logon.expiredp-service039029942012.bofaapplicationsmeu.ou/assets/938777c5.css
Origin: https://secureonline20200403-bankofamerica-com-l87180201.ournits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 03 Apr 2020 18:57:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=60, private, proxy-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=294
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| theBody object| digitalData

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secureonline20200403-bankofamerica-com-l87180201.ournits.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: o0oql2d61fh3i9arn5l59lr732

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbknet.hu
secureonline20200403-bankofamerica-com-l87180201.ournits.com
www1.bac-assets.com
148.251.213.220
192.229.233.230
195.56.165.14
02da74c9cbdc44f5591deab659758147937da2a4e90377990fc1c9ead662ca9b
085ee043ed6aac93d71da75295dfb2457ac0d0fde6a65c0d93e3bf5945a3290a
09617755ba1429c63fa191eafa934211e1ae168f3478e81fae73d5606e9b184d
0ecb031ec1c13840c371b9369ce1b4374247e23b7281aa15d169847c21ac8969
18e8d2a980966dbd4ceae04d4d2ecf2042faba2e54e979a10d76d57c48d2d7d4
1a700c876a9472387defe0be3a9990f9e8a303e2c7b03456962c260edbd94ab5
1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9
2586e15249d104024484b3d942e030c6137444935dd374e6c0d062eaac77d077
2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e
32460c5dfe1dd77624a124087e350d0a4b98a800768bb4fe226857b8b717377d
3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543
3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692
46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8
5314ce08621ae1844b4ef0c672d68effcb3ade4009909fdf835c97166fda7500
54244440c99cc6b6c76d6715c840f9f54fd2267c4f11bc9e6f456038f6914a53
5f8d3aa7d472d4912b8e1e2a96ff342b79bfedab2a80e6acaeacbbde346c9d16
629678c1195d72932e4676f767613e646618f8caf83cad8c8e0f61675ab39c46
637f24f45d4640101ad59c9467921a9451dfeb40670e8a2526424ba8f2033a3e
63b36fc2d96a85f37d1b05907fc5274ffc0a4c43224abd457d74ec847d6208e6
6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c
79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d
7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec
8520eec25b93b00aa9dcfb7e554bc07a41dd8d4206e188f2d555768ab27974d6
a7b87f6d0c31b6bae2aa79345a350ef5ab61ceb04a83bd7088054f6cac9ab3fd
b71cfb08551552ec9195a345847fca308a7cf8b8752206fd7a83ee7e7e50f17d
c5347f46cf67c827170c2f9d4cb65b0cf467a0a2e38f679a078d317f289ed6d4
ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d
e2af925e991dcc30e8fd3211d644a6195928891c3f98f8c053a2e4ef8da09d76
e647eb42142acfb637eb810dd2424c4dfae6d9809e0206f2edfbdd012ed6cbb6
e765291c76e877a933ee44a7d05a44f1c1ea9fa549a61417f31caa93b0de476a
ebf9cca2745572328af5c6d2d2b0aa45c763e97d6f0ce22a27851ab82a3f1dcd
f0ef7e233e4864a3462d7e659a59227df9cd1b7cee9d004f428d4f0fb27ef31a
f20cef0c593a884812ca0a87dae3457546307153017601f34f184a77c03067d3

secureonline20200403-bankofamerica-com-l87180201.ournits.com Open in urlscan Pro 148.251.213.220 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

256 kBTransfer

1127 kBSize

1 Cookies

56 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secureonline20200403-bankofamerica-com-l87180201.ournits.com Open in urlscan Pro
148.251.213.220 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

256 kB
Transfer

1127 kB
Size

1
Cookies

41 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!