![](/screenshots/4d351f95-d19a-4b72-9d13-b0c480d59dab.png)
www.bankofamerica.com
Open in
urlscan Pro
171.161.102.100
Public Scan
Submission: On June 21 via api from IE — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on July 31st 2023. Valid for: a year.
This is the only time www.bankofamerica.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 171.161.102.100 171.161.102.100 | 10794 (BANKAMERICA) (BANKAMERICA) | |
15 | 192.229.233.231 192.229.233.231 | 15133 (EDGECAST) (EDGECAST) | |
1 | 2600:9000:211... 2600:9000:211a:1600:7:2bfb:7c00:93a1 | () () | |
21 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
bac-assets.com
www2.bac-assets.com — Cisco Umbrella Rank: 190012 |
384 KB |
3 |
bankofamerica.com
www.bankofamerica.com — Cisco Umbrella Rank: 14319 |
580 KB |
1 |
tiqcdn.com
tags.tiqcdn.com |
|
21 | 3 |
Domain | Requested by | |
---|---|---|
15 | www2.bac-assets.com |
www.bankofamerica.com
www2.bac-assets.com |
3 | www.bankofamerica.com |
www2.bac-assets.com
|
1 | tags.tiqcdn.com |
www.bankofamerica.com
|
21 | 3 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.bankofamerica.com Entrust Certification Authority - L1M |
2023-07-31 - 2024-08-29 |
a year | crt.sh |
www2.bac-assets.com Entrust Certification Authority - L1M |
2023-06-23 - 2024-07-16 |
a year | crt.sh |
tags.tiqcdn.com Amazon RSA 2048 M02 |
2024-03-19 - 2025-04-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.bankofamerica.com/security-center/privacy-overview/
Frame ID: 26E1BF37DAC47E1962BBFDB79E89BE78
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/4d351f95-d19a-4b72-9d13-b0c480d59dab.png)
Page Title
Bank of America Privacy Notices and PoliciesDetected technologies
![](/vendor/wappa/icons/ZURB Foundation.png)
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
![](/vendor/wappa/icons/RequireJS.png)
Detected patterns
- require.*\.js
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: Sign in
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: Schedule an appointment
Search URL Search Domain Scan URL
Title: Data protection notices for employees,contractors and applicants
Search URL Search Domain Scan URL
Title: Control how we can share your data andmarket to you
Search URL Search Domain Scan URL
Title: See how to receive promotional emails
Search URL Search Domain Scan URL
Title: YourAdChoices layer
Search URL Search Domain Scan URL
Title: Network Advertising Initiative's Opt-Out Tool layer
Search URL Search Domain Scan URL
Title: Social Media User Terms
Search URL Search Domain Scan URL
Title: Community Guidelines
Search URL Search Domain Scan URL
Title: Locations
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Patent: patents.bankofamerica.com
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.bankofamerica.com/security-center/privacy-overview/ |
158 KB 38 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
babel-polyfill.js
www2.bac-assets.com/security-center/spa-assets/components/utilities/platform/ |
97 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3537a85d.css
www2.bac-assets.com/security-center/spa-assets/bundles/ |
2 MB 97 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daee712.css
www2.bac-assets.com/security-center/spa-assets/bundles/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require.js
www2.bac-assets.com/security-center/spa-assets/components/utilities/vendor/require/2.2.0/js/ |
25 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg
www2.bac-assets.com/security-center/spa-assets/images/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-site-security-center-top-engagement-area-module-privacy-notice-large-CSX1db73800.webp
www2.bac-assets.com/security-center/spa-assets/images/ |
74 KB 74 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-site-security-center-top-priority-module-locker-460-Circle-CSX415951ab.jpg
www2.bac-assets.com/security-center/spa-assets/images/ |
29 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-site-security-center-privacy-notice-banner-banner-privacy-notice-large-CSXca49167d.webp
www2.bac-assets.com/security-center/spa-assets/images/ |
85 KB 85 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-logos-bofa_icon_optout1_ko-CSX2fdcab0b.png
www2.bac-assets.com/security-center/spa-assets/images/ |
499 B 631 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
371 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
199 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-logos-icon-ehl-white-CSX189e8f4c.svg
www2.bac-assets.com/security-center/spa-assets/images/ |
380 B 396 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cnx-regular.woff2
www2.bac-assets.com/security-center/spa-assets/components/utilities/global/sparta-style-utility/4.9.2/font/cnx-regular/ |
11 KB 11 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-regular.woff2
www2.bac-assets.com/security-center/spa-assets/components/utilities/global/sparta-style-utility/4.9.2/font/roboto-regular/ |
15 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cnx-medium.woff2
www2.bac-assets.com/security-center/spa-assets/components/utilities/global/sparta-style-utility/4.9.2/font/cnx-medium/ |
12 KB 12 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cnx-bold.woff2
www2.bac-assets.com/security-center/spa-assets/components/utilities/global/sparta-style-utility/4.9.2/font/cnx-bold/ |
12 KB 12 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9cb605c1.js
www.bankofamerica.com/security-center/spa-assets/bundles/ |
2 MB 533 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f063bdc6.js
www.bankofamerica.com/security-center/spa-assets/bundles/ |
63 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/bofa/main/prod/ |
43 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fetch.js
www.bankofamerica.com/security-center/spa-assets/components/utilities/vendor/fetch/2.0.3/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
require-css.js
www.bankofamerica.com/security-center/spa-assets/components/utilities/vendor/require-css/0.1.11/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-favicon-favicon-CSX8d65d6e4.ico
www2.bac-assets.com/security-center/spa-assets/images/ |
15 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.bankofamerica.com
- URL
- https://www.bankofamerica.com/security-center/spa-assets/components/utilities/vendor/fetch/2.0.3/js/fetch.js
- Domain
- www.bankofamerica.com
- URL
- https://www.bankofamerica.com/security-center/spa-assets/components/utilities/vendor/require-css/0.1.11/js/require-css.js
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage boolean| setMDA boolean| isMDA object| digitalData object| nucleusSpartaProperties object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| createCSSBundleLink object| sparta function| requirejs function| require function| define object| theBody object| global undefined| handlebars object| spaParams object| spartaRequireLoop object| loopExecs object| required function| onLoopReady function| getCurriedBundleDefineShim3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bankofamerica.com/ | Name: WPID Value: F2S1 |
|
.bankofamerica.com/ | Name: SID Value: 0002771E2D0066758921 |
|
.www.bankofamerica.com/ | Name: TS0126dbc2 Value: 01c10528f5bed3c875468180ac8af846766fd17a80f6d4f9bace3b6070ffc17f6b23d00f52e238bf6a822ef6e051863d324603f45c |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com *.merrilledge.com; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
tags.tiqcdn.com
www.bankofamerica.com
www2.bac-assets.com
www.bankofamerica.com
171.161.102.100
192.229.233.231
2600:9000:211a:1600:7:2bfb:7c00:93a1
12b8cde96d88d5f4c66da60019ce6e2ab507cbc079c2b4b5fe2cada549e3a4bb
237e14a05f05a02caa2874a3c62bc47ac036941cea56f28460a371c179f61237
3325c407362c02daa8688f643d805876576c6043ca212e12209109391503266a
341d70536cd5b4be9fa62afe7d46e7931115b7b11107815fdf85253491615467
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
5290c13210ddc766508f21b2b30ef59561e1021150c03f04e684950e4b5afcd9
612370ee1b24956cdea28fdffcb01c619a6b3d865c769c433652d3612ce3e236
656063fcf219582b6f4cf39bb8a406f6db7ca993f86522dd5a9a24a0a0ba9663
684703607eb155dc12adcab4c39e19e7b31492840a9e60bd3901eea6a95ad7a4
79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b
7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec
a108985f6e9a607d6e1b8cb294cdad7bffb288589c3f9fa3768b84763b0af94d
a431986817e5d309cdd61c623a5259d6ea5840375876ffb41f5a2cab65ddd2e3
a5db21febc8440f34b1917be32c2d7818c863747a555a5d7b6576460735037ed
adab1708b4b053c52d06be506c9630c44bb6a4b986d03344d3cf91997c9e6ad6
b751cacb0eb62dcf85462b1cdb0eb1476707074976e6beae04fc9a144d912c3b
c90dbe69070de8b85da2a0d820d99cafce056ef64b3a4af14b4139095da0aa7a
d4764beaaa8d40a0d70fb4f5b052fd3133cf4a589ea22033304ab7441c57721c
d48faa13adcd567a29299db487912dd91fd45f777cadf153520f52023b58cee7
d5bba1cae66759adfee0d50ab0419e6bb19a48f8c360e4be8e582ba75e7a1402