urlscan.io logo urlscan.io
SecurityTrails logo

bp.agari.com Open in urlscan Pro
34.217.170.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bankofamerica.bp.agari.com/
Effective URL: https://bp.agari.com/account/login
Submission: On June 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 34.217.170.160, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is bp.agari.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 10th 2024. Valid for: a year.
This is the only time bp.agari.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.89.168.251 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-168-251.us-west-2.compute.amazonaws.com
bankofamerica.bp.agari.com
10    34.217.170.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-170-160.us-west-2.compute.amazonaws.com
bp.agari.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:26e8:3e00:10:37ca:2280:21 (United States)

ASN16509 (AMAZON-02, US)
d2fe6z1n40nr0q.cloudfront.net
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 agari.com
bankofamerica.bp.agari.com
bp.agari.com
693 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
92 KB
1 cloudfront.net
d2fe6z1n40nr0q.cloudfront.net
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
2 KB
16 5
Domain Requested by
10 bp.agari.com bp.agari.com
2 www.google-analytics.com bp.agari.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 d2fe6z1n40nr0q.cloudfront.net bp.agari.com
1 fonts.googleapis.com bp.agari.com
1 bankofamerica.bp.agari.com 1 redirects
16 7

This site contains links to these domains. Also see Links.

Domain
www.agari.com
support.fortra.com
status.agari.com
Subject Issuer Validity Valid
cp.agari.com
Amazon RSA 2048 M02		 2024-03-10 -
2025-04-08		 a year crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://bp.agari.com/account/login
Frame ID: CF5C86A27BCC2176A7B629028176A168
Requests: 15 HTTP requests in this frame

Frame: https://d2fe6z1n40nr0q.cloudfront.net/
Frame ID: 2B89E863A6ACDA3F31937F11F9467DB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Agari - Log In to Agari DMARC Protection

Page URL History Show full URLs

  1. https://bankofamerica.bp.agari.com/ HTTP 302
    https://bp.agari.com/account/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

16
Requests

100 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

806 kB
Transfer

3193 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bankofamerica.bp.agari.com/ HTTP 302
    https://bp.agari.com/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
bp.agari.com/account/
Redirect Chain
  • https://bankofamerica.bp.agari.com/
  • https://bp.agari.com/account/login
7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/account/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
24b12045e73c7332f20856bc3303fdbe5e4695e8851e0913a450b2fd89e5f6a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2987
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jun 2024 19:47:08 GMT
ETag
W/"24b12045e73c7332f20856bc3303fdbe-gzip"
Expires
Wed, 05 Jun 2024 19:47:08 GMT
Link
</assets/account/login-77482a5ef2c7ddc5083044a1b2d9b145b9816e72833e5475c3e4db489b1af050.js>; rel=preload; as=script; nopush,</assets/account/login-a83f10c1a4d4499e1b692609050cc8e35dfdb24c79a6e580db88a4955df522d2.css>; rel=preload; as=style; nopush,</assets/2/application-30e5ace03e70071efd3e9b6734df553e805b73b2e674bc6a83d77bf675de6ad0.css>; rel=preload; as=style; nopush,</assets/queue.v1-94b833e1c3dab3d720fda87f66217ae2cea71151c4bcfd01f19a0d48f1194844.js>; rel=preload; as=script; nopush,</assets/application-43ac5a53351637846bb55e0a21346d108a09e11d9482dba065c493187a1b22b7.js>; rel=preload; as=script; nopush,</assets/font-awesome-4.7.0/css/font-awesome-902e0929881607c22593d0e268ac5c6a1a6207a47aed95163d1e1a93654b804e.css>; rel=preload; as=style; nopush,</assets/sentry-aecb48134cfbaec2c6fe87d538a196e8ca7d67e8ca85c95fb68cb180d2517682.js>; rel=preload; as=script; nopush
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
a7bf711f-fbc2-4684-b062-eccf2b1ef4b5
X-Runtime
0.169784
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jun 2024 19:47:08 GMT
Expires
Wed, 05 Jun 2024 19:47:08 GMT
Keep-Alive
timeout=5, max=100
Location
https://bp.agari.com/account/login
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
f9e3c46a-1291-4726-8e69-03aab7d0730f
X-Runtime
0.031061
X-XSS-Protection
1; mode=block
login-77482a5ef2c7ddc5083044a1b2d9b145b9816e72833e5475c3e4db489b1af050.js
bp.agari.com/assets/account/ 		2 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/account/login-77482a5ef2c7ddc5083044a1b2d9b145b9816e72833e5475c3e4db489b1af050.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
77482a5ef2c7ddc5083044a1b2d9b145b9816e72833e5475c3e4db489b1af050
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Wed, 29 Mar 2023 18:11:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
572
login-a83f10c1a4d4499e1b692609050cc8e35dfdb24c79a6e580db88a4955df522d2.css
bp.agari.com/assets/account/ 		926 B
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/account/login-a83f10c1a4d4499e1b692609050cc8e35dfdb24c79a6e580db88a4955df522d2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a83f10c1a4d4499e1b692609050cc8e35dfdb24c79a6e580db88a4955df522d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Wed, 29 Mar 2023 18:11:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Content-Length
354
application-30e5ace03e70071efd3e9b6734df553e805b73b2e674bc6a83d77bf675de6ad0.css
bp.agari.com/assets/2/ 		74 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/2/application-30e5ace03e70071efd3e9b6734df553e805b73b2e674bc6a83d77bf675de6ad0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
91d1ee0cec993f2f960227173b2bd1cac1a3c9e51f80f300f6ab6a9efe57d2da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Thu, 17 Aug 2023 17:20:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Content-Length
14720
queue.v1-94b833e1c3dab3d720fda87f66217ae2cea71151c4bcfd01f19a0d48f1194844.js
bp.agari.com/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/queue.v1-94b833e1c3dab3d720fda87f66217ae2cea71151c4bcfd01f19a0d48f1194844.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
94b833e1c3dab3d720fda87f66217ae2cea71151c4bcfd01f19a0d48f1194844
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Wed, 29 Mar 2023 18:11:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
747
application-43ac5a53351637846bb55e0a21346d108a09e11d9482dba065c493187a1b22b7.js
bp.agari.com/assets/ 		3 MB
626 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/application-43ac5a53351637846bb55e0a21346d108a09e11d9482dba065c493187a1b22b7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
43ac5a53351637846bb55e0a21346d108a09e11d9482dba065c493187a1b22b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Tue, 28 May 2024 21:21:10 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
641076
font-awesome-902e0929881607c22593d0e268ac5c6a1a6207a47aed95163d1e1a93654b804e.css
bp.agari.com/assets/font-awesome-4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/font-awesome-4.7.0/css/font-awesome-902e0929881607c22593d0e268ac5c6a1a6207a47aed95163d1e1a93654b804e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
902e0929881607c22593d0e268ac5c6a1a6207a47aed95163d1e1a93654b804e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Wed, 29 Mar 2023 18:11:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Content-Length
6950
sentry-aecb48134cfbaec2c6fe87d538a196e8ca7d67e8ca85c95fb68cb180d2517682.js
bp.agari.com/assets/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/sentry-aecb48134cfbaec2c6fe87d538a196e8ca7d67e8ca85c95fb68cb180d2517682.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
aecb48134cfbaec2c6fe87d538a196e8ca7d67e8ca85c95fb68cb180d2517682
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
Last-Modified
Wed, 29 Mar 2023 18:11:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
17545
css2
fonts.googleapis.com/ 		31 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Mono:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: bp.agari.com
URL: https://bp.agari.com/assets/2/application-30e5ace03e70071efd3e9b6734df553e805b73b2e674bc6a83d77bf675de6ad0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6835634698fdeff45b71a40f11f581340c1cbc37323859b452eb292339c55860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 06 Jun 2024 19:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 19:47:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Jun 2024 19:47:10 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bp.agari.com
URL: https://bp.agari.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 18:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4684
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 06 Jun 2024 20:29:08 GMT
/
d2fe6z1n40nr0q.cloudfront.net/ Frame 2B89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2fe6z1n40nr0q.cloudfront.net/
Requested by
Host: bp.agari.com
URL: https://bp.agari.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:3e00:10:37ca:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bp.agari.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
662
content-type
text/html
date
Thu, 06 Jun 2024 19:47:14 GMT
etag
"291129b9b1628ae42a62ef94cb16ae9f"
last-modified
Wed, 16 Jun 2021 15:11:50 GMT
server
AmazonS3
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
x-amz-cf-id
rNt9aa6yGOfrE1lFhPg-3b-iaR2ae7vQZSW-vXyJL0Tmyp4Vu85KDQ==
x-amz-cf-pop
FRA56-P10
x-cache
RefreshHit from cloudfront
abp.logo-536b010d79a3b20816c46c162aa1e2d031379af535b6172cb698655bdd86621c.svg
bp.agari.com/assets/2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bp.agari.com/assets/2/abp.logo-536b010d79a3b20816c46c162aa1e2d031379af535b6172cb698655bdd86621c.svg
Requested by
Host: bp.agari.com
URL: https://bp.agari.com/account/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
536b010d79a3b20816c46c162aa1e2d031379af535b6172cb698655bdd86621c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Mar 2023 18:11:53 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
keep-alive
Content-Length
2474
collect
www.google-analytics.com/j/ 		15 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=53222109&t=pageview&_s=1&dl=https%3A%2F%2Fbp.agari.com%2Faccount%2Flogin&ul=de-de&de=UTF-8&dt=Agari%20-%20Log%20In%20to%20Agari%20DMARC%20Protection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1731938611&gjid=961129402&cid=499689955.1717703233&tid=UA-21317640-3&_gid=1888743208.1717703233&_r=1&_slc=1&z=1264925609
Requested by
Host: bp.agari.com
URL: https://bp.agari.com/assets/sentry-aecb48134cfbaec2c6fe87d538a196e8ca7d67e8ca85c95fb68cb180d2517682.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ca7001f360288c095f2c66653f5d732c703667d54b5b15cc0ec2660a65f71f3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://bp.agari.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 19:47:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bp.agari.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GYME8TK2GY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f3e46bd75250289b654715824880966e92007aa59e9728ff47257d738f5af27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 19:47:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93509
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 06 Jun 2024 19:47:13 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GYME8TK2GY&gtm=45je4630v9124685161za200&_p=1717703233035&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=499689955.1717703233&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbp.agari.com%2Faccount%2Flogin&dt=Agari%20-%20Log%20In%20to%20Agari%20DMARC%20Protection&sid=1717703233&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5805&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GYME8TK2GY&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 19:47:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bp.agari.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
agari-bde991a342f54f5ac35b4642755c5dda98094879722638aa0cb33dc0531ebf57.ico
bp.agari.com/assets/2/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bp.agari.com/assets/2/agari-bde991a342f54f5ac35b4642755c5dda98094879722638aa0cb33dc0531ebf57.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-160.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
bde991a342f54f5ac35b4642755c5dda98094879722638aa0cb33dc0531ebf57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://bp.agari.com/account/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 19:47:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Jun 2023 17:01:35 GMT
Server
Apache
Content-Type
image/vnd.microsoft.icon
Connection
keep-alive
Content-Length
15406

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| queue object| DataTablesDefaults function| show_confirmation_dialog function| adjust_notification_container function| show_alert function| show_banner function| show_notification function| toggle_button_state function| applyErrorMessage function| clearErrorMessages function| doFormAction function| add_commas function| add_hidden_values_to_form function| encode_url_parameters object| Legend function| $ function| jQuery object| Routes object| Highcharts object| HighchartsAdapter function| moment object| Handlebars object| RSVP function| _ function| SimpleMDE function| marked function| FixedHeader function| provide object| Agari object| Expando object| HandlebarsTemplates object| AccountLogin string| gaHostKey object| gaEffectiveUser object| gaEffectiveOrg object| gaRealOrg string| GoogleAnalyticsObject function| ga object| Sentry object| __SENTRY__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

7 Cookies

Domain/Path Name / Value
bankofamerica.bp.agari.com/ Name: _hwksid
Value: 5df74b73a4e7bc026ec79f36aa564b35
bp.agari.com/ Name: _hwksid
Value: 3f31ee3a3976c5fc07cb511f2b6fe803
bp.agari.com/ Name: legend_state
Value: %5Bobject%20Object%5D
.agari.com/ Name: _ga
Value: GA1.2.499689955.1717703233
.agari.com/ Name: _gid
Value: GA1.2.1888743208.1717703233
.agari.com/ Name: _gat
Value: 1
.agari.com/ Name: _ga_GYME8TK2GY
Value: GS1.2.1717703233.1.0.1717703233.0.0.0

1 Console Messages

Source Level URL
Text
recommendation warning URL: https://bp.agari.com/account/login
Message:
[DOM] Found 2 elements with non-unique id #login_master: (More info: https://goo.gl/9p2vKq) %o %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block