urlscan.io logo urlscan.io
SecurityTrails logo

vsimssuppliers.bankofamerica.com Open in urlscan Pro
171.161.152.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vsimssuppliers.bankofamerica.com/
Effective URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2...
Submission Tags: @phishunt_io
Submission: On March 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 171.161.152.88, located in United States and belongs to BANKAMERICA, US. The main domain is vsimssuppliers.bankofamerica.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 23rd 2024. Valid for: a year.
This is the only time vsimssuppliers.bankofamerica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 171.161.152.88 10794 (BANKAMERICA)
1 1 171.159.216.65 10794 (BANKAMERICA)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
15 5
9    171.161.152.88 (United States)

ASN10794 (BANKAMERICA, US)
PTR: vsimssuppliers-prod-vip.bankofamerica.com
vsimssuppliers.bankofamerica.com
1    171.159.216.65 (United States)

ASN10794 (BANKAMERICA, US)
PTR: fedsso-pf-rva-ext-vip.bankofamerica.com
fedsso.bankofamerica.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
Apex Domain
Subdomains		 Transfer
10 bankofamerica.com
vsimssuppliers.bankofamerica.com
fedsso.bankofamerica.com — Cisco Umbrella Rank: 555731
47 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 477
115 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 853
248 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 716
88 KB
15 4
Domain Requested by
9 vsimssuppliers.bankofamerica.com 2 redirects vsimssuppliers.bankofamerica.com
6 cdn.cookielaw.org vsimssuppliers.bankofamerica.com
cdn.cookielaw.org
1 geolocation.onetrust.com cdn.cookielaw.org
1 ajax.googleapis.com vsimssuppliers.bankofamerica.com
1 fedsso.bankofamerica.com 1 redirects
15 5

This site contains links to these domains. Also see Links.

Domain
securemessagingp.bankofamerica.com
www.bofaml.com
www.onetrust.com
Subject Issuer Validity Valid
vsimssuppliers.bankofamerica.com
Entrust Certification Authority - L1M		 2024-01-23 -
2025-01-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Frame ID: B8D279B1014E88120F1DD31EE6A604F5
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bank of America | Simplified Sign-On

Page URL History Show full URLs

  1. https://vsimssuppliers.bankofamerica.com/ HTTP 302
    https://vsimssuppliers.bankofamerica.com/VSIMS2/ngpages HTTP 302
    https://fedsso.bankofamerica.com/as/authorization.oauth2?response_type=code&client_id=A12495VSIMSExt&redirect... HTTP 302
    https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

245 kB
Transfer

605 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vsimssuppliers.bankofamerica.com/ HTTP 302
    https://vsimssuppliers.bankofamerica.com/VSIMS2/ngpages HTTP 302
    https://fedsso.bankofamerica.com/as/authorization.oauth2?response_type=code&client_id=A12495VSIMSExt&redirect_uri=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJERUYiLCJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZU5UU2QzaXRtRkM0dnZRV3oyYlhnVG04eHdJIiwic3VmZml4IjoiVlR3cWp1LjE3MTExNDg4NDcifQ..lRBm0kBq4_D39o4taAlayA.xbSXstKoRmyO1NqBgFq7PdDdUaTgp-2aiW_JPNBqHI3lKAVR0cFxg-0pMUPctSQ3rdIvE9Pcbg7O02_tnrPhMA62Ld7yTPqNqEysMyA9G3C2k5-jv0bOmJM4kGv64vTF.3g-DlZyjNa67LLwxHDMIZQ&nonce=uEG8afeycMUzPN34NrSiGRkAxAEltF8u_NVRvzQjbwA&acr_values=AAL1%20AAL2%20AAL3&scope=openid%20basic%20extended&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt HTTP 302
    https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/
Redirect Chain
  • https://vsimssuppliers.bankofamerica.com/
  • https://vsimssuppliers.bankofamerica.com/VSIMS2/ngpages
  • https://fedsso.bankofamerica.com/as/authorization.oauth2?response_type=code&client_id=A12495VSIMSExt&redirect_uri=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2Fpa%2Foidc%2Fcb&state=eyJ6aXAiOiJER...
  • https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=...
19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
37c1227b7c2945f47a3602a487a6fb84d1c3b92b62715c16dc30d86819050379
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
19157
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Content-Type
text/html
Date
Tue, 19 Mar 2024 23:07:28 GMT
ETag
"4ad5-5d621a99607c0"
Expires
0
Keep-Alive
timeout=5, max=510
Last-Modified
Sat, 22 Jan 2022 01:29:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.thomsonreuters.biz *.thomsonreuters.net *.sentieo.com *.refinitiv.com *.refinitiv.biz *.refinitiv.net *.fmrco.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.thomsonreuters.biz *.thomsonreuters.net *.sentieo.com *.refinitiv.com *.refinitiv.biz *.refinitiv.net *.fmrco.com; img-src 'self' data: 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.thomsonreuters.biz *.thomsonreuters.net *.sentieo.com *.refinitiv.com *.refinitiv.biz *.refinitiv.net *.fmrco.com; connect-src 'self' 'unsafe-inline' wss: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.thomsonreuters.biz *.thomsonreuters.net *.sentieo.com *.refinitiv.com *.refinitiv.biz *.refinitiv.net *.fmrco.com; frame-src 'self' 'unsafe-inline' *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.thomsonreuters.biz *.thomsonreuters.net *.sentieo.com *.refinitiv.com *.refinitiv.biz *.refinitiv.net *.fmrco.com; font-src 'self' 'unsafe-inline' data: *.ml.com *.bankofamerica.com *.baml.com *.bluematrix.com *.thomsonreuters.com *.thomsonreuters.biz *.thomsonreuters.net *.sentieo.com *.refinitiv.com *.refinitiv.biz *.refinitiv.net *.fmrco.com
Content-Type
text/html;charset=utf-8
Date
Tue, 19 Mar 2024 23:07:28 GMT
Expect-CT
max-age=3600, enforce
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=20000
Location
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache
Referrer-Policy
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:14:16 GMT
x-content-type-options
nosniff
age
53592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 08:14:16 GMT
otSDKStub.js
cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/otSDKStub.js
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2644089b943508719c3186cb84c122435c6cd94c0d076998a68a64cee57e0229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vsimssuppliers.bankofamerica.com/
Origin
https://vsimssuppliers.bankofamerica.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 23:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
hQHLOKwwbZEMxao4/1YKSg==
content-length
5817
x-ms-lease-status
unlocked
last-modified
Tue, 01 Jun 2021 12:41:07 GMT
server
cloudflare
etag
0x8D924FA86CE368F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
38440e69-501e-007f-684f-79f618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86711e706f7303e0-FRA
expires
Wed, 20 Mar 2024 23:07:28 GMT
urlmunger.js
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/sso_login.fcc_files/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/sso_login.fcc_files/urlmunger.js
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
6907d38c11f6e8c524f42d92dc96335ac4c624b5b68b6fbe1af3b965bff8c143
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 23:07:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Last-Modified
Tue, 14 May 2019 14:06:25 GMT
ETag
"1149-588d989d0da40"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=509
Content-Length
4425
X-XSS-Protection
1; mode=block
Expires
0
stylesNS.css
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/sso_login.fcc_files/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/sso_login.fcc_files/stylesNS.css
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
b5470ca4862e0d3ee881373658529da88f5ffa0ece36c6d5a6747a0254f39145
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 23:07:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Last-Modified
Tue, 14 May 2019 14:06:25 GMT
ETag
"a9a-588d989d0da40"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=508
Content-Length
2714
X-XSS-Protection
1; mode=block
Expires
0
vsims_sso_header_ver1.gif
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/vsims_images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/vsims_images/vsims_sso_header_ver1.gif
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
f00e01ca5ded2f2e488a09b296f16d86b09da3ee5e19f8c5ed290da1a7e806a9
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 23:07:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Last-Modified
Tue, 14 May 2019 14:06:25 GMT
ETag
"1590-588d989d0da40"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=512
Content-Length
5520
X-XSS-Protection
1; mode=block
Expires
0
logo.jpg
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/sso_login.fcc_files/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/sso_login.fcc_files/logo.jpg
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
af1de3b556c744a64116f2382aa99b994e591b58dd3679df8d03b7c61205f257
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 23:07:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Last-Modified
Tue, 14 May 2019 14:06:25 GMT
ETag
"a11-588d989d0da40"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=512
Content-Length
2577
X-XSS-Protection
1; mode=block
Expires
0
fe2327be-9227-4bad-ac58-1d9087d3e912.json
cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/fe2327be-9227-4bad-ac58-1d9087d3e912.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951d6f2efe56f17e5699d0330024c19496c28da115cd7e7531b9a343d3aac9eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 23:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
NrnuQDDp983yBz05MOOirg==
content-length
1451
x-ms-lease-status
unlocked
last-modified
Tue, 01 Jun 2021 12:41:07 GMT
server
cloudflare
etag
0x8D924FA86D90E0B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6a9fa40e-e01e-0018-3f59-79e6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86711e70bf9603e0-FRA
expires
Wed, 20 Mar 2024 23:07:28 GMT
stylesNS.css
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/stylesNS.css
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
73420c56812b9cf8771858bdb90516933a951c1c6a2625f28e518089808d4f59
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 23:07:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Last-Modified
Tue, 14 May 2019 14:06:25 GMT
ETag
"b61-588d989d0da40"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=512
Content-Length
2913
X-XSS-Protection
1; mode=block
Expires
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		79 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41285a6b4b3d6d4862fd1d954f6ce8021811139d55736f117ec1472d87e801e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 23:07:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
86711e72c8933659-FRA
vary
Accept-Encoding
content-type
text/javascript
headerBG.gif
vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/vsims_images/ 		35 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/vsims_images/headerBG.gif
Requested by
Host: vsimssuppliers.bankofamerica.com
URL: https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.152.88 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
vsimssuppliers-prod-vip.bankofamerica.com
Software
/
Resource Hash
1b961a05fe8c238aa50d12a6fea750d6aa9b6e575810999a62ae8f0812a988a2
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/SiteMinder/webagent/forms/?resumePath=https%3A%2F%2Ffedsso.bankofamerica.com%2Fas%2F2cZV0Uf8CG%2Fresume%2Fas%2Fauthorization.ping&vnd_pi_requested_resource=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FVSIMS2%2Fngpages&vnd_pi_application_name=A12495VSIMSExt&client_id=A12495VSIMSExt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 23:07:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Last-Modified
Tue, 14 May 2019 14:06:25 GMT
ETag
"23-588d989d0da40"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=511
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.18.0/ 		377 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vsimssuppliers.bankofamerica.com/
Origin
https://vsimssuppliers.bankofamerica.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 23:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cIchS4lr7UaDx9LQCq2apA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
85787
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:55 GMT
server
cloudflare
etag
0x8D91E52BCFB1A90
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b7061a20-f01e-0066-6c67-7976a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86711e72f91503e0-FRA
en.json
cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/ba3f940e-03b2-45a5-a1a8-87aac991842e/ 		24 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fe2327be-9227-4bad-ac58-1d9087d3e912/ba3f940e-03b2-45a5-a1a8-87aac991842e/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ec10e8e047dfe296f0d3d0e23d16192312eb47dd644d3847948ea3a8505894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 23:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
un26Jgp6+PeHt4jbCvRNKg==
content-length
8184
x-ms-lease-status
unlocked
last-modified
Tue, 01 Jun 2021 12:41:10 GMT
server
cloudflare
etag
0x8D924FA88BF6823
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
45a0dcab-a01e-007b-7876-797b1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86711e73495003e0-FRA
expires
Wed, 20 Mar 2024 23:07:29 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 23:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
MrQfM8mTXwqoZ1+V6sXNuw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2938
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:48 GMT
server
cloudflare
etag
0x8D91E52B88C8775
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d9767959-b01e-0048-1e59-7924b4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86711e73b9b803e0-FRA
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd89775249b84792efdf669aeb157ad3e8d8e8e7f5d4d5b4a2c74e199bddc39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vsimssuppliers.bankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 23:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2g8ZYN+WBSlZ/5k1miqWvg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11471
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:49 GMT
server
cloudflare
etag
0x8D91E52B990E2B7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bc2805fa-c01e-000f-4867-794fef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
86711e73b9ba03e0-FRA
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| antiClickjack function| handleEnterKey function| formSubmit function| envSpecificICP function| returnEnvSpecificICP function| envSpecificSignOnHelp function| returnEnvSpecificSignOnHelp function| envSpecificGetID function| returnEnvSpecificGetID function| doTest boolean| isNS4 boolean| isOtherNS function| errorMessage function| getParameterByName function| ValidateForm function| showHints function| jsonFeed object| otStubData object| OneTrustStub object| Optanon object| OneTrust

7 Cookies

Domain/Path Name / Value
vsimssuppliers.bankofamerica.com/ Name: nonce.VTwqju.1711148847
Value: 8b77feaf-daf4-4161-ae5b-e5914bacfe26
vsimssuppliers.bankofamerica.com/ Name: TS0160351f
Value: 01894c4cce73c07c0379730faee2053226d654b34879bb562b97353704e70e679e309b3a9f469df35f62d9f8fdfd3a1c43edaff7c9
fedsso.bankofamerica.com/ Name: PF
Value: 6lKQfyr0puZeoBpN1BJErx
fedsso.bankofamerica.com/ Name: bac_persist
Value: 3781242277.24515.0000
.bankofamerica.com/ Name: _bofalid
Value: UKLVGw6qUDOkl60Wkxbmqdschz6LVETHT1ez72/n4QM=
.fedsso.bankofamerica.com/ Name: TS0193529a
Value: 0176872a98d3eac2281287c0b0ed574d80bc0170634c3c7a1a93f20e17d8d62a7eb9366e17cbc32b42e39fec383db09c9ab514bbd6
.vsimssuppliers.bankofamerica.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Mar+20+2024+00%3A07%3A29+GMT%2B0100+(Central+European+Standard+Time)&version=6.18.0&hosts=&consentId=c439b10b-66e6-46d0-ac11-c406cc8f8d20&interactionCount=0&landingPath=https%3A%2F%2Fvsimssuppliers.bankofamerica.com%2FSiteMinder%2Fwebagent%2Fforms%2F%3FresumePath%3Dhttps%253A%252F%252Ffedsso.bankofamerica.com%252Fas%252F2cZV0Uf8CG%252Fresume%252Fas%252Fauthorization.ping%26vnd_pi_requested_resource%3Dhttps%253A%252F%252Fvsimssuppliers.bankofamerica.com%252FVSIMS2%252Fngpages%26vnd_pi_application_name%3DA12495VSIMSExt%26client_id%3DA12495VSIMSExt&groups=C0001%3A1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';frame-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com;style-src 'self' 'unsafe-inline';img-src 'self' data:;connect-src 'self' https://ajax.googleapis.com https://cdn.cookielaw.org https://geolocation.onetrust.com https://fedsso.bankofamerica.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block