trying-toclone.surge.sh Open in urlscan Pro
139.59.195.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://trying-toclone.surge.sh/
Submission: On July 27 via api (July 27th 2023, 2:33:51 am UTC) from JP — Scanned from JP

Summary HTTP 96 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 96 HTTP transactions. The main IP is 139.59.195.30, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is trying-toclone.surge.sh.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 23rd 2023. Valid for: a year.

This is the only time trying-toclone.surge.sh was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4	139.59.195.30 139.59.195.30	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
42	192.229.237.104 192.229.237.104	15133 (EDGECAST) (EDGECAST)
1	34.237.178.183 34.237.178.183	14618 (AMAZON-AES) (AMAZON-AES)
17	2600:9000:219... 2600:9000:2197:4a00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	171.161.116.200 171.161.116.200	10794 (BANKAMERICA) (BANKAMERICA)
8	63.140.50.250 63.140.50.250	16509 (AMAZON-02) (AMAZON-02)
1	3.114.107.150 3.114.107.150	16509 (AMAZON-02) (AMAZON-02)
1 3	54.144.151.173 54.144.151.173	14618 (AMAZON-AES) (AMAZON-AES)
1	2404:6800:400... 2404:6800:400a:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:208... 2600:9000:208e:6800:d:addc:2400:93a1	16509 (AMAZON-02) (AMAZON-02)
96	11

4 139.59.195.30 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

trying-toclone.surge.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 192.229.237.104 (United States)

ASN15133 (EDGECAST, US)

www1.bac-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.178.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-178-183.compute-1.amazonaws.com

content-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2197:4a00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 171.161.116.200 (United States)

ASN10794 (BANKAMERICA, US)

secure.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 63.140.50.250 (United States)

ASN16509 (AMAZON-02, US)

target.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.107.150 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-107-150.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.144.151.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-151-173.compute-1.amazonaws.com

sofa.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:208e:6800:d:addc:2400:93a1 (United States)

ASN16509 (AMAZON-02, US)

storage.glancecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	bac-assets.com www1.bac-assets.com — Cisco Umbrella Rank: 19293	950 KB
17	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1089	337 KB
13	bankofamerica.com 1 redirects secure.bankofamerica.com — Cisco Umbrella Rank: 13021 target.bankofamerica.com — Cisco Umbrella Rank: 17026 sofa.bankofamerica.com — Cisco Umbrella Rank: 11040 tilt.bankofamerica.com Failed www.bankofamerica.com Failed	6 KB
4	surge.sh trying-toclone.surge.sh	144 KB
2	glancecdn.net storage.glancecdn.net — Cisco Umbrella Rank: 8374	12 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 210	771 B
1	content-cdn.com content-cdn.com — Cisco Umbrella Rank: 443337	185 B
96	8

	Domain	Requested by
42	www1.bac-assets.com	trying-toclone.surge.sh www1.bac-assets.com
17	tags.tiqcdn.com	www1.bac-assets.com tags.tiqcdn.com
8	target.bankofamerica.com	www1.bac-assets.com
4	trying-toclone.surge.sh	trying-toclone.surge.sh www1.bac-assets.com
3	sofa.bankofamerica.com	1 redirects tags.tiqcdn.com
2	storage.glancecdn.net	tags.tiqcdn.com storage.glancecdn.net
2	secure.bankofamerica.com	www1.bac-assets.com tags.tiqcdn.com
1	www.google-analytics.com	tags.tiqcdn.com
1	dpm.demdex.net	tags.tiqcdn.com
1	content-cdn.com	trying-toclone.surge.sh
0	www.bankofamerica.com Failed	tags.tiqcdn.com
0	tilt.bankofamerica.com Failed	tags.tiqcdn.com
96	12

This site contains links to these domains. Also see Links.

Domain
secure.bankofamerica.com
www.sipc.org

Subject Issuer	Validity	Valid
*.surge.sh Sectigo RSA Domain Validation Secure Server CA	`2023-04-23` - `2024-05-18`	a year	crt.sh
www1.bac-assets.com Entrust Certification Authority - L1M	`2023-05-02` - `2024-05-14`	a year	crt.sh
content-cdn.com R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
secure.bankofamerica.com Entrust Certification Authority - L1M	`2023-05-02` - `2024-06-02`	a year	crt.sh
target.bankofamerica.com Entrust Certification Authority - L1M	`2023-01-11` - `2024-02-11`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
sofa.bankofamerica.com Entrust Certification Authority - L1M	`2022-10-18` - `2023-10-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.glancecdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://trying-toclone.surge.sh/
Frame ID: 19CE9657FC8D98471A805A330C96266F
Requests: 95 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America - Banking, Credit Cards, Loans and Merrill Investing

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

96
Requests

82 %
HTTPS

30 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

1471 kB
Transfer

5812 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bankofamerica.com/login/sign-in/signOnV2Screen.go
Title: Login

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/apply-now-services/credit-cards/initialize-icai?requesttype=C&campaignid=4063883&productoffercode=A8&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta
Title: Unlimited 1.5% cash back on all purchasesUnlimited 1.5% cash back on all purchases >Unlimited 1.5% cash backon all purchases >

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: Member SIPC layer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://sofa.bankofamerica.com/eluminate?ci=90010394&st=1690425225482&vn1=4.2.7.1BOA&ec=utf-8&ul=https%3A//trying-toclone.surge.sh&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta HTTP 302
https://sofa.bankofamerica.com/cm?ci=90010394&st=1690425225482&vn1=4.2.7.1BOA&ec=utf-8&ul=https%3A//trying-toclone.surge.sh&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&cvdone=p

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
trying-toclone.surge.sh/ 563 KB
79 KB 494ms
94ms Document
text/html 139.59.195.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trying-toclone.surge.sh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.59.195.30 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Surge /
Resource Hash: 3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Age: 131818
Cache-Control: public, max-age=0, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jul 2023 02:33:44 GMT
ETag: "3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d"
Response-Time: 17ms
Server: Surge
Surge-Cache: HIT
Surge-Stamp: 16637::1690289871463-f74b9ad4e9b0c344278f8e53d9fa260a
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 babel-polyfill.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/platform/ 96 KB
32 KB 33ms
7ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/platform/babel-polyfill.js

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/72AF) /

Resource Hash

d29b4304625e55cffd5e646bebf9d589034ee99d546e1f70ea91ac21da47c955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUE73sUf-Ngc5BcWo_AAAAGM
x-cache: HIT
content-length: 32867
last-modified: Thu, 07 Sep 2017 20:52:52 GMT
server: ECS (tkb/72AF)
etag: "17e38-5589fa4d4b100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 7acfcf42.css
www1.bac-assets.com/homepage/spa-assets/bundles/ 598 KB
57 KB 36ms
9ms Stylesheet
text/css 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/7acfcf42.css

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/731D) /

Resource Hash

795168b8ef4086f033c918f708b8e72f101ce2662cc7576843760f98454d479a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUJGL6H1gbIO844uvZAAAAPU
x-cache: HIT
content-length: 58435
last-modified: Fri, 02 Jun 2023 01:02:39 GMT
server: ECS (tkb/731D)
etag: "95796-5fd1b1bfdafee"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 require.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/ 25 KB
8 KB 31ms
4ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/730E) /

Resource Hash

3c07fca41c0264691556bb4551861209b63fb504abe71e829eff2ec75558c6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CURbSrJx__QNtE-Ii_wAAAF0
x-cache: HIT
content-length: 7899
last-modified: Thu, 07 Sep 2017 20:52:52 GMT
server: ECS (tkb/730E)
etag: "656b-5589fa4d4b100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H/1.1 200
OK auth.js Show response
trying-toclone.surge.sh/ 85 B
537 B 214ms
71ms Script
application/javascript 139.59.195.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trying-toclone.surge.sh/auth.js
Requested by: Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.59.195.30 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Surge /
Resource Hash: 0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 02:33:44 GMT
Surge-Stamp: 16562::1690289871463-4f8875817e3de03a532307a6235bf6fe
Server: Surge
Age: 131817
ETag: "0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Response-Time: 1ms
Cache-Control: public, max-age=0, must-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 85
Surge-Cache: HIT

GET
H2 200 assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg
www1.bac-assets.com/homepage/spa-assets/images/ 3 KB
2 KB 6ms
5ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/733D) /

Resource Hash

7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUXQr-hrrAj4Cr02MaQAAACI
x-cache: HIT
content-length: 1604
last-modified: Fri, 15 Mar 2019 14:29:29 GMT
server: ECS (tkb/733D)
etag: "d90-58422ddd48440"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg
www1.bac-assets.com/homepage/spa-assets/images/ 36 KB
14 KB 9ms
9ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73ED) /

Resource Hash

ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUSPNu8hMhT2dQX4kuAAAAas
x-cache: HIT
content-length: 14111
last-modified: Fri, 18 May 2018 14:59:45 GMT
server: ECS (tkb/73ED)
etag: "90c6-56c7c33d69a40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg
www1.bac-assets.com/homepage/spa-assets/images/ 587 B
428 B 5ms
4ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73C2) /

Resource Hash

46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUEhOsVcwykSt8VMG5AAAAYE
x-cache: HIT
content-length: 326
last-modified: Fri, 18 May 2018 14:59:45 GMT
server: ECS (tkb/73C2)
etag: "24b-56c7c33d69a40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg
www1.bac-assets.com/homepage/spa-assets/images/ 7 KB
3 KB 4ms
3ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/734F) /

Resource Hash

3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUGvKKh4hOruBwvcYnQAAACU
x-cache: HIT
content-length: 2916
last-modified: Fri, 18 May 2018 14:59:45 GMT
server: ECS (tkb/734F)
etag: "1c96-56c7c33d69a40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg
www1.bac-assets.com/homepage/spa-assets/images/ 5 KB
2 KB 3ms
3ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/733F) /

Resource Hash

1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUAeb_qmqDhwkpvh0PgAAAj4
x-cache: HIT
content-length: 1841
last-modified: Fri, 18 May 2018 14:59:45 GMT
server: ECS (tkb/733F)
etag: "1381-56c7c33d69a40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-icons-calendar-CSXef62d939.svg
www1.bac-assets.com/homepage/spa-assets/images/ 1 KB
715 B 4ms
4ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/732E) /

Resource Hash

79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUSCiIwifAz-0dO2x2gAAAE4
x-cache: HIT
content-length: 590
last-modified: Thu, 05 Apr 2018 17:15:06 GMT
server: ECS (tkb/732E)
etag: "4a7-5691d14b61a80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg
www1.bac-assets.com/homepage/spa-assets/images/ 6 KB
2 KB 3ms
3ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7355) /

Resource Hash

2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUD96ODB0_2si3Fo_jwAAAPg
x-cache: HIT
content-length: 2243
last-modified: Wed, 19 Jun 2019 01:25:59 GMT
server: ECS (tkb/7355)
etag: "169f-58ba31c94d7c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-hp-assets-offers-consumer-merrill-en-rebrand-merrill-me_l1nav_ret_planning_3539686_e.webp
www1.bac-assets.com/homepage/spa-assets/images/ 614 B
779 B 3ms
3ms Image
application/octet-stream 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-offers-consumer-merrill-en-rebrand-merrill-me_l1nav_ret_planning_3539686_e.webp

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/732F) /

Resource Hash

8faba458d243f473199f2d36b2954c66bf34c3ba5dd22992cac7b0f650e09277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 00:04:27 GMT
server: ECS (tkb/732F)
age: 2364728
etag: "266-5c28f74189d86"
x-boa-requestid: ZJ3CUAGFJxGndlzAHCmHSgAAAFk
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 614
expires: Thu, 27 Jul 2023 02:33:45 GMT

GET
H2 200 assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png
www1.bac-assets.com/homepage/spa-assets/images/ 4 KB
4 KB 3ms
3ms Image
image/png 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/728F) /

Resource Hash

6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2017 16:09:25 GMT
server: ECS (tkb/728F)
age: 2364728
etag: "1006-55f85f12b7740"
x-boa-requestid: ZJ3CUZJ_okHwRV1coUedhgAAATw
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 4102
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-news-life-services-yni_sec_phone_4657392_e-CSX8c7d2691.webp
www1.bac-assets.com/homepage/spa-assets/images/ 88 KB
88 KB 3ms
3ms Image
application/octet-stream 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-life-services-yni_sec_phone_4657392_e-CSX8c7d2691.webp

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/72A7) /

Resource Hash

03b74e5c453f3a747cc73007570f2dc4d68c4071eb60ddfd384ec2d4f265c8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 07 Apr 2023 00:07:36 GMT
server: ECS (tkb/72A7)
age: 2364728
etag: "15f92-5f8b3d003a0f3"
x-boa-requestid: ZJ3CUWBlUgVIM-uqCCPewQAAABc
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 90002
expires: Thu, 27 Jul 2023 02:33:45 GMT

GET
H2 200 assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg
www1.bac-assets.com/homepage/spa-assets/images/ 7 KB
3 KB 5ms
4ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/734F) /

Resource Hash

3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUGvKKh4hOruBwvcYnQAAACU
x-cache: HIT
content-length: 2916
last-modified: Fri, 18 May 2018 14:59:45 GMT
server: ECS (tkb/734F)
etag: "1c96-56c7c33d69a40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-icons-calendar-CSXef62d939.svg
www1.bac-assets.com/homepage/spa-assets/images/ 1 KB
655 B 5ms
5ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/732E) /

Resource Hash

79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364728
x-boa-requestid: ZJ3CUSCiIwifAz-0dO2x2gAAAE4
x-cache: HIT
content-length: 590
last-modified: Thu, 05 Apr 2018 17:15:06 GMT
server: ECS (tkb/732E)
etag: "4a7-5691d14b61a80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg
www1.bac-assets.com/homepage/spa-assets/images/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-colored-flagscape-v2-CSX4e4e3134.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7308) /

Resource Hash

3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364726
x-boa-requestid: ZJ3CUk1Ttzo7rM3gT-FOpAAAAhI
x-cache: HIT
content-length: 960
last-modified: Fri, 15 Mar 2019 14:29:29 GMT
server: ECS (tkb/7308)
etag: "83a-58422ddd48440"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-icons-arrow_right_blue-CSXbd9e506c.svg
www1.bac-assets.com/homepage/spa-assets/images/ 218 B
286 B 6ms
5ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-icons-arrow_right_blue-CSXbd9e506c.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7332) /

Resource Hash

c5347f46cf67c827170c2f9d4cb65b0cf467a0a2e38f679a078d317f289ed6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364724
x-boa-requestid: ZJ3CVII-w1Cr_ptr7KB-ugAAADY
x-cache: HIT
content-length: 185
last-modified: Thu, 07 Sep 2017 20:52:52 GMT
server: ECS (tkb/7332)
etag: "da-5589fa4d4b100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET cnx-regular.woff2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 0
0

GET cnx-light.woff2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/ 0
0

GET cnx-medium.woff2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ 0
0

GET
H2 200 dWdnY2Y6Ly9nZWx2YXQtZ2JweWJhci5maGV0ci5mdS8=.gif
content-cdn.com/723/ 42 B
185 B 561ms
206ms Image
image/gif 34.237.178.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-cdn.com/723/dWdnY2Y6Ly9nZWx2YXQtZ2JweWJhci5maGV0ci5mdS8=.gif

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.237.178.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-178-183.compute-1.amazonaws.com

Software

envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 44
server: envoy
content-length: 42
vary: Origin
content-type: image/gif

GET cnx-regular.woff
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 0
0

GET cnx-medium.woff
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ 0
0

GET cnx-light.woff
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/ 0
0

GET
H2 200 assets-images-site-homepage-news-new_erica-CSX703c053a.png
www1.bac-assets.com/homepage/spa-assets/images/ 64 KB
64 KB 14ms
13ms Image
image/png 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-new_erica-CSX703c053a.png

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7308) /

Resource Hash

a1c28de478a88c957daebdfe824082696a3be976edb099dbe9c60b8070d925e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 01:13:13 GMT
server: ECS (tkb/7308)
age: 2364784
etag: "100cc-5fda812b86b1a"
x-boa-requestid: ZJ3CGIRqdbOdl8qopWhXuAAAADY
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 65740
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
H2 200 assets-images-site-homepage-news-mb_yni_bb_3034668_1440-CSXe3b51fda.jpg
www1.bac-assets.com/homepage/spa-assets/images/ 10 KB
10 KB 16ms
16ms Image
image/jpeg 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-homepage-news-mb_yni_bb_3034668_1440-CSXe3b51fda.jpg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7371) /

Resource Hash

36d949908df2e6067788cfc71a6f8d26baf2ef9a93e6a91a8377cb26d2ea8f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 01:13:28 GMT
server: ECS (tkb/7371)
age: 2364726
etag: "2692-5a3eaf4c85e00"
x-boa-requestid: ZJ3CUnXChmRnFiNcNRryyAAAABA
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 9874
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ecb031ec1c13840c371b9369ce1b4374247e23b7281aa15d169847c21ac8969

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 assets-images-global-logos-icon-ehl-white-CSX189e8f4c.svg
www1.bac-assets.com/homepage/spa-assets/images/ 380 B
394 B 16ms
16ms Image
image/svg+xml 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-global-logos-icon-ehl-white-CSX189e8f4c.svg

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/733E) /

Resource Hash

c90dbe69070de8b85da2a0d820d99cafce056ef64b3a4af14b4139095da0aa7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364727
x-boa-requestid: ZJ3CUl7sbZGnu2UH2ofB_wAAAeI
x-cache: HIT
content-length: 269
last-modified: Wed, 12 Aug 2020 01:04:20 GMT
server: ECS (tkb/733E)
etag: "17c-5aca3c488ebd8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:44 GMT

GET cnx-regular.ttf
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 0
0

GET cnx-medium.ttf
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ 0
0

GET cnx-light.ttf
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/ 0
0

GET
H2 200 6960ce2f.js Show response
www1.bac-assets.com/homepage/spa-assets/bundles/ 634 KB
164 KB 21ms
20ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/6960ce2f.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73EB) /

Resource Hash

2220e146e94a06306037b8e38c436a79d1aceecd79174f296f75a2ed375e1b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364727
x-boa-requestid: ZJ3CUg7JG-mnYB0PPFJ33QAAAT0
x-cache: HIT
content-length: 167952
last-modified: Fri, 18 Feb 2022 18:38:17 GMT
server: ECS (tkb/73EB)
etag: "9e8e8-5d84f2fb3fae2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 e1d34f63.js Show response
www1.bac-assets.com/homepage/spa-assets/bundles/ 971 KB
94 KB 14ms
13ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/e1d34f63.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7307) /

Resource Hash

7eeb6691f26d27578017557d3fc243f6f5a93be41312b15bfa2764751ea4fa62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 526754
x-boa-requestid: ZLnN53ZjBi9XrELg91q3IQAAAOw
x-cache: HIT
content-length: 95509
last-modified: Fri, 21 Jul 2023 00:14:06 GMT
server: ECS (tkb/7307)
etag: "f2cae-600f4249583cb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 10e4ad8.js Show response
www1.bac-assets.com/homepage/spa-assets/bundles/ 929 KB
196 KB 14ms
13ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7356) /

Resource Hash

5109f1a07c92c04715c345b4b2bac9124871ece7a0caa54ac3e89a65f02363ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 526755
x-boa-requestid: ZLnN59GUOkQgfXj7rqZdIwAAAkA
x-cache: HIT
content-length: 199987
last-modified: Fri, 21 Jul 2023 00:14:06 GMT
server: ECS (tkb/7356)
etag: "e8287-600f42496facd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 323 KB
63 KB 34ms
6ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Requested by: Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 160e9d01f19cdd364d51bfcdb61c0f201b924da774ecb3157a2c42bccaf394fd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 0UoswXNQwbvmNUToWPFUVHgIAFGi6IXe
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:32:56 GMT
last-modified: Wed, 28 Jun 2023 01:10:32 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 157
x-amz-server-side-encryption: AES256
etag: W/"3a59d8bdc2b2122ea207b4ca2bb95d56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 1Do8IhO4qQHVJwAyGk2wXdBbFFFDGDeerNoxLec9f_Q5kIvYQrOx8Q==

GET
H2 200 fetch.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/fetch/2.0.3/js/ 10 KB
3 KB 3ms
2ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/fetch/2.0.3/js/fetch.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/72B7) /

Resource Hash

3b84d92da91b81ba61b9ddd2628cebe507f673a75a1d6dc8679ec1eb1ed05dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364726
x-boa-requestid: ZJ3CUxbSrJx__QNtE-Ij7AAAAAs
x-cache: HIT
content-length: 2938
last-modified: Fri, 02 Nov 2018 15:37:22 GMT
server: ECS (tkb/72B7)
etag: "2633-579b04fb4b080"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 require-css.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require-css/0.1.8/js/ 3 KB
1 KB 3ms
2ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require-css/0.1.8/js/require-css.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7329) /

Resource Hash

067e3bbbda237b2efa938536e6731e61f6e50d013473ad15b19ba7a15c5e6192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364726
x-boa-requestid: ZJ3CUz96ODB0_2si3FpAYwAAAKQ
x-cache: HIT
content-length: 1134
last-modified: Thu, 07 Sep 2017 20:52:52 GMT
server: ECS (tkb/7329)
etag: "a8a-5589fa4d4b100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

OPTIONS
H/1.0 403
Forbidden iac
secure.bankofamerica.com/login/rest/sas/sparta/v2/ 0
0 1223ms
174ms Preflight 171.161.116.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1690425225103

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.116.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Oops /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

script-src 'self' boa-api.arkoselabs.com *.bac-assets.com cdn.cookielaw.org resources.digital-cloud.medallia.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com cdn.cookielaw.org *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: GET
Origin: https://trying-toclone.surge.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com cdn.cookielaw.org resources.digital-cloud.medallia.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com cdn.cookielaw.org *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Server: Oops
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Serviced-By: 0VkEPQ96y/9C8ZDokDq2Tw==--OSP6/Tdc2m5Na1dEB3KE/A==

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
515 B 154ms
9ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_BANNER&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=1

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: c1af6627-32a3-4da8-818e-c88003c72e8c
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
517 B 151ms
8ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_ENGAGEMENTBANNER&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=2

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: 945184d5-f20d-4ae5-8701-adac8bae331a
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
917 B 150ms
7ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_SUPHIGHLIGHT_01&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=3

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: 72003665-b206-443b-a129-72b292f160d2
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
515 B 151ms
9ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_SUPHIGHLIGHT_02&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=4

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: c4f1e12e-6da4-40f1-99ee-8811ce96e141
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
516 B 153ms
12ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_REGHIGHLIGHT_01&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=5

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: f64150ea-5d0b-41a4-8d07-95467bbb59c8
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
516 B 149ms
8ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_REGHIGHLIGHT_02&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=6

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: 5586e1af-d922-4ff6-a7a5-5082504aba97
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
516 B 149ms
9ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_REGHIGHLIGHT_03&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=7

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: e5c5c27a-8930-4b1f-b783-8871fcaf599c
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 json Show response
target.bankofamerica.com/m2/bankofamerica/mbox/ 150 B
516 B 148ms
8ms XHR
application/json 63.140.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://target.bankofamerica.com/m2/bankofamerica/mbox/json?screenHeight=1200&screenWidth=1600&colorDepth=24&browserWidth=1600&browserHeight=1200&browserTimeOffset=0&mboxPage=cc18e042f2a7427d8e115686efd66c0c&mboxVersion=1.8.0&mboxHost=trying-toclone.surge.sh&mboxURL=https%3A%2F%2Ftrying-toclone.surge.sh%2F&mboxReferrer=&mboxXDomain=enabled&mboxTime=1690425225231&profile.BA_0021=null&profile.BOA_0020=null&profile.BOA_HPR=null&profile.state=null&profile.tc_lang=en_US&mboxSession=066b2cd5-19f8-4763-a78b-8e9330491dfc&mbox=BOA_HOME_SIGNON_REGHIGHLIGHT_04&mboxPC=9b1fc3fd-ffb9-4501-b02a-f4881652843c&mboxCount=8

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/10e4ad8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.50.250 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
content-length: 150
x-xss-protection: 1; mode=block
x-request-id: ab1841dd-7d7c-4870-9680-e60878670e71
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://trying-toclone.surge.sh
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H/1.1 404
Not Found index.js
trying-toclone.surge.sh/spa/widgets/loader/5.1.2/ 0
0 221ms
77ms Script
text/html 139.59.195.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trying-toclone.surge.sh/spa/widgets/loader/5.1.2/index.js
Requested by: Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/bundles/e1d34f63.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.59.195.30 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Surge /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 02:33:45 GMT
Surge-Stamp: 16625::1690289871463
Server: Surge
ETag: W/"2037-Bpq88syl4OLNTwUiR08il4/lN+0"
Content-Type: text/html; charset=utf-8
Connection: close
Content-Length: 8247
Surge-Cache: HIT

GET messages.json
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-validation-framework/7.1.8/data/en/ 0
0

GET inputs.json
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-input-utility/12.1.1/data/en/ 0
0

GET iac
secure.bankofamerica.com/login/rest/sas/sparta/v2/ 0
0

GET
H2 200 helpers-checkbox.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-checkbox/1.0.1/js/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-checkbox/1.0.1/js/helpers-checkbox.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73EF) /

Resource Hash

edd7e2a8d2f83f2725eedf1d6481cd10fd2063725705acf50e2838fada39f1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVSCiIwifAz-0dO2y_AAAADM
x-cache: HIT
content-length: 898
last-modified: Fri, 07 Apr 2023 00:07:35 GMT
server: ECS (tkb/73EF)
etag: "8eb-5f8b3cff97f3d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-cinema.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-cinema/1.0.1/js/ 13 KB
3 KB 6ms
6ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-cinema/1.0.1/js/helpers-cinema.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7328) /

Resource Hash

bafa439596df3191b3b4be3fef9bcabe76a2d79d09001cbf74b60826f271af02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVIEKBaikPAFeQXVYKwAAAR0
x-cache: HIT
content-length: 3151
last-modified: Fri, 07 Apr 2023 00:07:27 GMT
server: ECS (tkb/7328)
etag: "3240-5f8b3cf815285"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-code.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-code/1.0.2/js/ 2 KB
904 B 6ms
6ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-code/1.0.2/js/helpers-code.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/731D) /

Resource Hash

4e42e5e1c16042397c4afccbef53caf19d56b1b8b4f028ce8b57080d291f4619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVA7JG-mnYB0PPFJ4lwAAASw
x-cache: HIT
content-length: 778
last-modified: Fri, 07 Apr 2023 00:07:31 GMT
server: ECS (tkb/731D)
etag: "89f-5f8b3cfc1c2f6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-data.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-data/1.0.3/js/ 2 KB
1 KB 6ms
5ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-data/1.0.3/js/helpers-data.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/72B6) /

Resource Hash

8982a9fa114fd1336cb194e4cce9f47059c585f5dc2298cabb922776f836635e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364782
x-boa-requestid: ZJ3CG4RqdbOdl8qopWhYJAAAABM
x-cache: HIT
content-length: 900
last-modified: Fri, 02 Jun 2023 01:02:42 GMT
server: ECS (tkb/72B6)
etag: "894-5fd1b1c2adac1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-datepicker.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-datepicker/1.2.5/js/ 3 KB
1 KB 5ms
5ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-datepicker/1.2.5/js/helpers-datepicker.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/732C) /

Resource Hash

0b83a28e06c9aa193ec27dac80868a0ebd054e04164092ea43542631359a1f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364782
x-boa-requestid: ZJ3CG4RO2WdfSTGH1WfQmAAAALE
x-cache: HIT
content-length: 1264
last-modified: Fri, 02 Jun 2023 01:02:40 GMT
server: ECS (tkb/732C)
etag: "ddc-5fd1b1c0d8acc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-layout-support.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-layout-support/1.0.3/js/ 1 KB
714 B 6ms
5ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-layout-support/1.0.3/js/helpers-layout-support.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/731D) /

Resource Hash

266771e6531cdba796b2d66ec19d4d9b8d85b601ea5fdef779497861d346ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVGvKKh4hOruBwvcZcwAAAEM
x-cache: HIT
content-length: 602
last-modified: Fri, 07 Apr 2023 00:07:32 GMT
server: ECS (tkb/731D)
etag: "4c2-5f8b3cfc2b138"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-meta.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-meta/1.6.6/js/ 6 KB
2 KB 6ms
5ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-meta/1.6.6/js/helpers-meta.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73C2) /

Resource Hash

617542aa86e2f4d352ab1f81ba650e2beed3e81772d57979dd36850c45cafc9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVFTgJud5Z5ZSDjHU6AAAAkM
x-cache: HIT
content-length: 1966
last-modified: Fri, 07 Apr 2023 00:07:32 GMT
server: ECS (tkb/73C2)
etag: "168d-5f8b3cfc2d854"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 83 B
771 B 64ms
5ms XHR
application/json 3.114.107.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_orgid=A9893BC75245B1D70A490D4D@AdobeOrg&d_ver=2

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.107.150 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-107-150.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

826190201cbb9553bede1e1c3f8d6b8b622e6e5adece5d4175f4e6c5d74cc510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v047-03c1c9aa7.edge-tyo3.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: RFnyGSQiQdk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://trying-toclone.surge.sh
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
X-Error: 198
Connection: keep-alive
Content-Length: 104
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 prod-_-homepage-content-personal-homepage_personal.js Show response
tags.tiqcdn.com/dle/bofa/main/ 3 B
422 B 613ms
613ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/dle/bofa/main/prod-_-homepage-content-personal-homepage_personal.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: nLbQyMlglyGoXodCndLd0t6DmRceuaJH
date: Thu, 27 Jul 2023 02:27:40 GMT
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 22:20:41 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 526
x-amz-server-side-encryption: AES256
etag: "b519d08ef66fd54910edbedba6181ec2"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3
x-amz-cf-id: aLjhR-ctKZw6Et0vysYxA3xp_zbZ5NAOx2rd5NRuX0s0Rqwxp1MiTw==

GET
H2 200 helpers-radio-button.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-radio-button/1.0.2/js/ 2 KB
1 KB 5ms
3ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-radio-button/1.0.2/js/helpers-radio-button.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7340) /

Resource Hash

3ec3575b230d4869d4f49af8a004ce904ca5affd1f0c8845b181d71252555de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVCPNu8hMhT2dQX4lGgAAAdw
x-cache: HIT
content-length: 948
last-modified: Fri, 07 Apr 2023 00:07:35 GMT
server: ECS (tkb/7340)
etag: "9c7-5f8b3cffae2b2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-select.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-select/1.0.2/js/ 2 KB
1 KB 6ms
3ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-select/1.0.2/js/helpers-select.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73A1) /

Resource Hash

e52ca681723760e1bfce385c3062de578d4b54fa5ee35e6ac8111f62ae1d8e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVYRO2WdfSTGH1WficAAAALg
x-cache: HIT
content-length: 1006
last-modified: Fri, 07 Apr 2023 00:07:35 GMT
server: ECS (tkb/73A1)
etag: "9de-5f8b3cffb0da3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-sparta.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-sparta/1.3.2/js/ 11 KB
4 KB 5ms
3ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-sparta/1.3.2/js/helpers-sparta.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/73EC) /

Resource Hash

1b2d37bdb4763de9bfd09c1beba8094ebd8c279217fd53fd4c0c46a0cddde20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVKj5oBPC2AxPVGQwpgAAAMw
x-cache: HIT
content-length: 3576
last-modified: Fri, 18 Feb 2022 18:38:19 GMT
server: ECS (tkb/73EC)
etag: "2a7b-5d84f2fcb2c68"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-strings.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-strings/1.0.2/js/ 3 KB
1 KB 6ms
4ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-strings/1.0.2/js/helpers-strings.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/731E) /

Resource Hash

8e916331d255ed6d9cd24219cf174a37017bcab5a4e0a2075b12d10ed5900bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVEhOsVcwykSt8VMHXAAAAbc
x-cache: HIT
content-length: 1220
last-modified: Fri, 07 Apr 2023 00:07:32 GMT
server: ECS (tkb/731E)
etag: "de2-5f8b3cfc38814"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-textarea.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-textarea/1.0.1/js/ 2 KB
819 B 6ms
5ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-textarea/1.0.1/js/helpers-textarea.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/731C) /

Resource Hash

41ae20824dac7d255b8aab267088c1f03401d595b9087937e9e97532eb1b6ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVbKeMBpp9CgaUAcgfQAAAS4
x-cache: HIT
content-length: 717
last-modified: Fri, 07 Apr 2023 00:07:35 GMT
server: ECS (tkb/731C)
etag: "6c2-5f8b3cffbb1b1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 helpers-text-inputs.js Show response
www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-text-inputs/1.0.1/js/ 20 KB
1 KB 6ms
4ms Script
application/x-javascript 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.bac-assets.com/homepage/spa-assets/components/utilities/helpers/helpers-text-inputs/1.0.1/js/helpers-text-inputs.js

Requested by

Host: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/731E) /

Resource Hash

4c9f09c0ebee4ae08188653bb751e8753bff69fc3ea6741a4bf2f5031ab22f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2364725
x-boa-requestid: ZJ3CVCCiIwifAz-0dO2y6gAAADI
x-cache: HIT
content-length: 1292
last-modified: Fri, 07 Apr 2023 00:07:35 GMT
server: ECS (tkb/731E)
etag: "4eca-5f8b3cffb8aa9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 26 Jul 2024 02:33:45 GMT

GET
H2 200 utag.21.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 15 KB
4 KB 6ms
5ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.21.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 614225918e60a9c04c9d7d0dff37813381afa9913e7f861514c968be5de4f760

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: QF3k1I7Kb90zbjx2UBEHImrKIu_9NDTT
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:27 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"bd038ced57c150be187186f7ccea7a4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: _sqngjjB9Mtku7Dp-0uOsxereZRUJM_wKL6Kpb36LtxRN-WhUhGhaQ==

GET
H2 200 utag.35.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 50 KB
16 KB 10ms
10ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.35.js?utv=ut4.48.202205202119
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0d53580b0d429e4f30c9a8a9ae2b09a5efcf753e018290561779f31864426ec

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 5kjgHKe4jgwmvoXRSazAH02YZ5b0luRK
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"8c4e1a6acd1c21d76523cc7ba02935a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: ACXYixs7IIAU9Qaz9Mc6IGJxAXAb790lYKOzk6Up6KAOTbzODbDNJA==

GET
H2 200 utag.36.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 25 KB
6 KB 3ms
3ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.36.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8f12b1def84e2b1b6c441bf56616c062bfb8adae01d80d5c10c900bd8882aca

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: H7LJdnBJfI3QOQ2yX4vXv8ohkTM.5ZO_
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:29:43 GMT
last-modified: Wed, 28 Jun 2023 01:10:30 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 243
x-amz-server-side-encryption: AES256
etag: W/"debe5a9a33950bee9fb4dc0b5ee0b2ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: i26U4s0KmbZfAGcb5dPwylyfQHPDaQSXbEilBCRCXh5l8cfN2XhHPQ==

GET
H2 200 utag.37.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 8 KB
3 KB 5ms
3ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.37.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc14617f6c782a30eaf57c00f5fb40c23b414ccfa5154a82b4b22acd32b177a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: iY0WWkNaZY6xH4qR3ewFJrg5J246mAtL
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:30 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"cc24e4153ca2711da1ac68d52088ce6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nkAA3pkkaYoL9bmucuSwVeeo9omdX-oi2vBPYAfSrZuIezQZkiX5uw==

GET
H2 200 utag.42.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 17 KB
5 KB 8ms
6ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.42.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df00020ab28dd722a62490611810ac5d56883dc6bc854220a7b5b93674d347d8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: kFpJlaq4G6CW6ngy11xRFbOpNioE25YL
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:30 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"44d1a868c17354fc438ff3ed4ee7b371"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: o_2cpa3fIUkYlgNO-I9eibgGrXe5DpWR1QzDGsNRiwv6in3NzdFbtA==

GET
H2 200 utag.48.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 11 KB
4 KB 7ms
5ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.48.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff969c512f174391037456841f4f82ed889d67305e029070646d0f098edb2cf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: gLf44FIo48lxt_2IDWm5gnRRUX5i4UT.
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:29:43 GMT
last-modified: Wed, 28 Jun 2023 01:10:28 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 243
x-amz-server-side-encryption: AES256
etag: W/"ff5660f7bc4bfbdcf9f665c24742f94f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nT5hTlMJ2LLqjLjpwYAt_Yn1KXjkpYYr7eRykea28yOs6iLibb237A==

GET
H2 200 utag.55.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 32 KB
8 KB 9ms
8ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.55.js?utv=ut4.48.202306232200
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 247fc553a392ab1a98f83692c82654875c1d6b66e1027e5ac81cba18ab649de4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: kQg9zvV3ftQ4i49ZrW_3CApHvkVjsIZm
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"0c64bb600f8cc3ded60d165b13407cdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: rARX8LI0UnlAax_ju41IwlpBpAQWn6Tgwts0IKmRjzeNG4-alyktyg==

GET
H2 200 utag.72.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 8 KB
3 KB 11ms
9ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.72.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c6d6e64fc6884fe14b8010a1e5fe816f9977549ccf0a60b7ed4488a453b8d07

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: TRkUMva04C2OajpKr_h4kmmfZEBhKCqB
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:26 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"94a5bd178b0a746e51b1dc078afc6d62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: bQAK5n6B6q5_HRrkfIL-R2jWUOfg1s73KyAQ-a_QN9qUZd_ktw9mUA==

GET
H2 200 utag.76.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 119 KB
44 KB 11ms
10ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.76.js?utv=ut4.48.202306232200
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47731f946adcecd7c14a0f00fbbb0ec75a273cfe7d5834f23e081d7b2a0bfe0e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 97obQ0Pl4nC6y_seohAYXBKLJvYb.ZoS
content-encoding: gzip
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"39b4f568784b3664a5f748cf41f39c9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: jbCDXpgmcu8ncYjwMYZEQVe-NnSa_JYkLEhacV16ZDNuflIfUvYgag==

GET
H2 200 utag.85.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 8 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.85.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3c462ad40bdcdc58d4f80568746c5342b2fb43952628987a7215604d2ef5002

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: cJiaONToRi2Cw2LFyz9CTKQbBIdk04pm
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:29:43 GMT
last-modified: Wed, 28 Jun 2023 01:10:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 243
x-amz-server-side-encryption: AES256
etag: W/"8d20893d843ddb42fdbda1ef79cbf692"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: KIqACdHEJtB1TEx7UunuGae-VCn7aE4c09eQgibFTOgRm6xGtmjYsQ==

GET
H2 200 utag.62.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 285 KB
55 KB 9ms
8ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.62.js?utv=ut4.48.202306232200
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f83353333e755ece01dc1391c2bc3449f0ca3bace14732a2b2a7d92a3d0a98d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: QmWeUbfDdALsrQqhp9l76kfVlTUc.r23
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:30 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"afef6120ffca5d7f02f71aff1754aecd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: DyVEvDGMMEKna4UlTEbIsTuCJicRKsZehNVBS0GYvjmVrS3EntJvHA==

GET
H2 200 utag.102.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 9 KB
3 KB 11ms
10ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.102.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b699586f05987dbdf521fe8c1c0b410315f1d1c74eb95d4e3d66870fb13224d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 4kbgoWULLyABpn3hzxwapDS0EiUP.Rni
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:31 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"ec188f6e5698bf640e441ac0d21ad7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Cf2vnVxhUResogLMe7i8a-tan93R0a7us01WLcM9yvh7LDhgfDqWJA==

GET
H2 200 utag.108.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 10 KB
4 KB 12ms
11ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.108.js?utv=ut4.48.202305192332
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e03b58785d42debe3e7eca34a6ca6edddc41a3936d8e85b634c9c3202d98004

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: hmWaJQ.KtMppBhcihkvRm9_vFtaP0zJx
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:33:45 GMT
last-modified: Wed, 28 Jun 2023 01:10:31 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"9428d4c87535b2a8a7d2443d802ac9f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 3kFc40oqV7pQZQj0BuKvXJPVulpIVrlx22nwBy-FKqVSutMD8OEvkA==

GET
H2 200 assets-images-site-hp-assets-mastheads-consumer-cards-en-3-card-bofa_cshsigcm_v[1].webp
www1.bac-assets.com/homepage/spa-assets/images/ 57 KB
57 KB 8ms
8ms Image
application/octet-stream 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-3-card-bofa_cshsigcm_v[1].webp

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7372) /

Resource Hash

7482d7f682c9d437dd92be5ed45a8aba328307a004c4663818830dc9d5e53a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21 Jan 2022 01:18:24 GMT
server: ECS (tkb/7372)
age: 2364725
etag: "e2ec-5d60d65309411"
x-boa-requestid: ZJ3CVFO1S6NYrl5cNxSFtQAAAHY
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 58092
expires: Thu, 27 Jul 2023 02:33:46 GMT

GET
H2 200 assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-bofa_cshsigcm_v_sky.webp
www1.bac-assets.com/homepage/spa-assets/images/ 48 KB
48 KB 9ms
9ms Image
application/octet-stream 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-bofa_cshsigcm_v_sky.webp

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/732B) /

Resource Hash

0aecaec2ef92e6c40c4ba289e5876fc5c5df76273e6367096708db636f469857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 28 Jan 2022 01:21:30 GMT
server: ECS (tkb/732B)
age: 2364725
etag: "bf74-5d69a412e2419"
x-boa-requestid: ZJ3CVKj5oBPC2AxPVGQwqAAAAIM
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 49012
expires: Thu, 27 Jul 2023 02:33:46 GMT

GET
H2 200 assets-images-site-hp-assets-mastheads-consumer-cards-en-3-card-bofa_trvsigcm_v.webp
www1.bac-assets.com/homepage/spa-assets/images/ 53 KB
54 KB 11ms
11ms Image
application/octet-stream 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-3-card-bofa_trvsigcm_v.webp

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/7330) /

Resource Hash

d99297a2c08910067c3ecd881526dda352c485a42169a8c7abfc08949f235bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21 Jan 2022 01:18:46 GMT
server: ECS (tkb/7330)
age: 2364724
etag: "d53a-5d60d668b0d38"
x-boa-requestid: ZJ3CVWBlUgVIM-uqCCPfyQAAAH0
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 54586
expires: Thu, 27 Jul 2023 02:33:46 GMT

GET
H2 200 assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-bofa_nrwcm_mc_300x188.webp
www1.bac-assets.com/homepage/spa-assets/images/ 21 KB
21 KB 11ms
10ms Image
application/octet-stream 192.229.237.104
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-bofa_nrwcm_mc_300x188.webp

Requested by

Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.237.104 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (tkb/72B3) /

Resource Hash

4e5cc2b0c797452d656810a1ed055ccfe2109af186594cd3d78fb1737dd3e4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 02:33:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 00:29:55 GMT
server: ECS (tkb/72B3)
age: 2364724
etag: "540e-5ddc0244aed4b"
x-boa-requestid: ZJ3CVYRO2WdfSTGH1WfiggAAAL0
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/octet-stream
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 21518
expires: Thu, 27 Jul 2023 02:33:46 GMT

GET
H/1.1 200
OK /
trying-toclone.surge.sh/ 64 KB
64 KB 246ms
87ms Image
text/html 139.59.195.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trying-toclone.surge.sh/
Requested by: Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.59.195.30 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Surge /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 02:33:45 GMT
Content-Encoding: gzip
Surge-Stamp: 16637::1690289871463-f74b9ad4e9b0c344278f8e53d9fa260a
Server: Surge
Age: 131819
ETag: "3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Response-Time: 12ms
Cache-Control: public, max-age=0, must-revalidate
Connection: close
Accept-Ranges: bytes
Surge-Cache: HIT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 3ms
3ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bofa/main/202306280109&cb=1690425225503
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 27 Jul 2023 02:27:56 GMT
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C1
age: 350
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 0btgs4kZvD7CKKtSbuLUS2Mp-Q70vAioRLSg9KRQsd_cyEfw1ccHzw==

GET
H/1.1 200
OK cookie-id.js Show response
sofa.bankofamerica.com/ 65 B
315 B 1979ms
167ms Script
application/x-javascript 54.144.151.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sofa.bankofamerica.com/cookie-id.js?fn=saveCMCookieToDDO
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.37.js?utv=ut4.48.202305192332
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.151.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-151-173.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 51f380e4abbdf4b680c54f673835d4dd976e5355955a71f3b12191dbff588a82

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Date: Thu, 27 Jul 2023 02:33:47 GMT
Server: Apache
Connection: close
Content-Length: 65
Vary: Host
Content-Type: application/x-javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 169ms
37ms Script
text/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.76.js?utv=ut4.48.202306232200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 00:46:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6411
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 27 Jul 2023 02:46:55 GMT

GET
H2 200 utag.119.js Show response
tags.tiqcdn.com/utag/bofa/main/prod/ 430 KB
116 KB 27ms
14ms Script
application/javascript 2600:9000:2197:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.119.js?utv=ut4.48.202306280110
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.85.js?utv=ut4.48.202305192332
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8335ed4b9a0f56c11ff5ce6300a8a71f6c01abab2b736fa133cb1229557e3b7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: C.EQSzxQ_YoxNm1lbMhjmNoltMGl0Soy
content-encoding: br
via: 1.1 2ceddf204c01dd5fa5f2bb5a77f8beca.cloudfront.net (CloudFront)
date: Thu, 27 Jul 2023 02:29:43 GMT
last-modified: Wed, 28 Jun 2023 01:10:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 244
x-amz-server-side-encryption: AES256
etag: W/"7800585886cf6c3cb2e21d98fc668722"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: cbWRx_E2XYxcFlOpMzR2cRohuFrty0jvxut0T01wYezGNqX-qL3Ehw==

POST session.json
tilt.bankofamerica.com/9671/js/events/v10/ 0
0

GET
H2 200 GlanceCobrowseLoader_5.8.30M.js Show response
storage.glancecdn.net/cobrowse/js/ 12 KB
5 KB 116ms
21ms Script
application/javascript 2600:9000:208e:6800:d:addc:2400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.30M.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.108.js?utv=ut4.48.202305192332
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208e:6800:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef33c805b06baeb5996a963c4d901048e8f3806bfac65a19098500d94f6b040c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 00:08:17 GMT
x-amz-version-id: m21lCl1d69l1yQZEbiAZhRRcS82iGuZw
content-encoding: br
via: 1.1 81e6603eeed88466b469910f8d6dc13e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C3
age: 14178329
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 11 Jan 2023 20:01:40 GMT
server: AmazonS3
etag: W/"0714a33f2566639bfbeea86636ed5eee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-id: BWQl1dNKDInNW2ezUsgc6uQDZsI_OCB4C0eZhIFS8f6m77FjDIhJ0A==

OPTIONS
H/1.0 403
Forbidden log
secure.bankofamerica.com/login/rest/sas/sparta/ui/event/ 0
0 173ms
173ms Preflight 171.161.116.200
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.bankofamerica.com/login/rest/sas/sparta/ui/event/log

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.161.116.200 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

Oops /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://trying-toclone.surge.sh
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: script-src 'self' boa-api.arkoselabs.com *.bac-assets.com cdn.cookielaw.org resources.digital-cloud.medallia.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com cdn.cookielaw.org *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:;
Server: Oops
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Serviced-By: 0VkEPQ96y/9C8ZDokDq2Tw==--OSP6/Tdc2m5Na1dEB3KE/A==

POST log
secure.bankofamerica.com/login/rest/sas/sparta/ui/event/ 0
0

GET
BLOB 200
OK cbd01337-d2e5-4a82-bdfb-d82146169099
https://trying-toclone.surge.sh/ 75 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trying-toclone.surge.sh/cbd01337-d2e5-4a82-bdfb-d82146169099
Requested by: Host: trying-toclone.surge.sh
URL: https://trying-toclone.surge.sh/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 75
Content-Type: application/javascript

GET
H/1.1

200
OK

cm
sofa.bankofamerica.com/
Redirect Chain

https://sofa.bankofamerica.com/eluminate?ci=90010394&st=1690425225482&vn1=4.2.7.1BOA&ec=utf-8&ul=https%3A//trying-toclone.surge.sh&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonu...
https://sofa.bankofamerica.com/cm?ci=90010394&st=1690425225482&vn1=4.2.7.1BOA&ec=utf-8&ul=https%3A//trying-toclone.surge.sh&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Updat...

43 B
620 B

674ms
169ms

Image
image/gif

54.144.151.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofa.bankofamerica.com/cm?ci=90010394&st=1690425225482&vn1=4.2.7.1BOA&ec=utf-8&ul=https%3A//trying-toclone.surge.sh&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&cvdone=p
Protocol: HTTP/1.1
Server: 54.144.151.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-151-173.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jul 2023 02:33:49 GMT
Server: Apache
Vary: Host
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Connection: close
Content-Length: 43
Expires: Wed, 26 Jul 2023 02:33:49 GMT

Redirect headers

Location: /cm?ci=90010394&st=1690425225482&vn1=4.2.7.1BOA&ec=utf-8&ul=https%3A//trying-toclone.surge.sh&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&tid=9&cm_sp=Cons-CC-_-CC007-Sky-_-CCA1HZ9Z02_Hero_NH_Card_Big_Bonus_Update_APR23_CMSDefault_MH_product2Cta&cvdone=p
Date: Thu, 27 Jul 2023 02:33:48 GMT
Server: Apache
Connection: close
Content-Length: 0
Vary: Host
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"

GET cls_report
www.bankofamerica.com/spa/widgets/ 0
0

GET
H2 200 GlancePresenceVisitor_5.8.30M.js Show response
storage.glancecdn.net/cobrowse/js/ 18 KB
7 KB 4ms
4ms Script
application/javascript 2600:9000:208e:6800:d:addc:2400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.glancecdn.net/cobrowse/js/GlancePresenceVisitor_5.8.30M.js
Requested by: Host: storage.glancecdn.net
URL: https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.8.30M.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208e:6800:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7f059d05d7edfb517dbe739f102ca9066f7a40dc76ee9ed4bed55183f8bf0cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trying-toclone.surge.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 00:05:25 GMT
x-amz-version-id: CBFKXH6uw_4cDFTt9UXM5a_2E1XoV4d9
content-encoding: gzip
via: 1.1 81e6603eeed88466b469910f8d6dc13e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C3
age: 4501704
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 11 Jan 2023 20:01:41 GMT
server: AmazonS3
etag: W/"7da96f73a9c9914a2b70f6527b901c9c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-id: nczrJ8IYBOAMzXY6R8usl_pXspHTIBdlRywpL4xx1l1O0sVfu-_L3g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.woff2

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.woff

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.ttf

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-validation-framework/7.1.8/data/en/messages.json

Domain: www1.bac-assets.com
URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-input-utility/12.1.1/data/en/inputs.json

Domain: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1690425225103

Domain: tilt.bankofamerica.com
URL: https://tilt.bankofamerica.com/9671/js/events/v10/session.json

Domain: secure.bankofamerica.com
URL: https://secure.bankofamerica.com/login/rest/sas/sparta/ui/event/log

Domain: www.bankofamerica.com
URL: https://www.bankofamerica.com/spa/widgets/cls_report?_cls_s=d9355d3f-1d9c-4136-bc4b-3deb668f555a%3A0&_cls_v=f471e8c1-3f90-456b-b18b-a5dc9a4e5aa4&pv=2&f_cls_s=true

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

342 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.surge.sh/	1970-01-20 22:19:21	Name: bactm_lts Value: %7B%22adobeMID%22%3A%7B%22errors%22%3A%5B%7B%22code%22%3A198%2C%22msg%22%3A%22Requests%20from%20this%20country%20are%20blocked%20by%20partner%22%7D%5D%7D%7D
.surge.sh/	1970-01-20 22:19:21	Name: utag_main Value: v_id:01899531f085000fc24e1497bbc103074002006c00b08$_sn:1$_se:1$_ss:1$_st:1690427025354$ses_id:1690425225354%3Bexp-session$_pn:1%3Bexp-session
.surge.sh/	1969-12-31 23:59:59	Name: celebrussession Value: _16904252260490.ce612b2091ef79c15a762bbe6a6bc951_9671
.surge.sh/	1970-01-20 23:09:45	Name: _cls_v Value: f471e8c1-3f90-456b-b18b-a5dc9a4e5aa4
.surge.sh/	1969-12-31 23:59:59	Name: _cls_s Value: d9355d3f-1d9c-4136-bc4b-3deb668f555a:0
sofa.bankofamerica.com/	1970-01-20 23:09:45	Name: CoreID6 Value: 83171690425228043860444
sofa.bankofamerica.com/	1969-12-31 23:59:59	Name: TestSess3 Value: 83171690425228043860444
sofa.bankofamerica.com/	1969-12-31 23:59:59	Name: 90010394_login Value: 1690425229095607471390010394
sofa.bankofamerica.com/	1969-12-31 23:59:59	Name: 90010394_reset Value: 1690425229

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://trying-toclone.surge.sh/(Line 9314) Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/(Line 9314) Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/(Line 9314) Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.woff2' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/(Line 9402) Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/(Line 9402) Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/(Line 9402) Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.woff' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.ttf' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-light/cnx-light.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to font at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to XMLHttpRequest at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-validation-framework/7.1.8/data/en/messages.json' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-validation-framework/7.1.8/data/en/messages.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to XMLHttpRequest at 'https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-input-utility/12.1.1/data/en/inputs.json' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-input-utility/12.1.1/data/en/inputs.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://trying-toclone.surge.sh/spa/widgets/loader/5.1.2/index.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to XMLHttpRequest at 'https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1690425225103' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1690425225103 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to XMLHttpRequest at 'https://secure.bankofamerica.com/login/rest/sas/sparta/ui/event/log' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure.bankofamerica.com/login/rest/sas/sparta/ui/event/log Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to XMLHttpRequest at 'https://tilt.bankofamerica.com/9671/js/events/v10/session.json' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://tilt.bankofamerica.com/9671/js/events/v10/session.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://trying-toclone.surge.sh/ Message: Access to XMLHttpRequest at 'https://www.bankofamerica.com/spa/widgets/cls_report?_cls_s=d9355d3f-1d9c-4136-bc4b-3deb668f555a%3A0&_cls_v=f471e8c1-3f90-456b-b18b-a5dc9a4e5aa4&pv=2&f_cls_s=true' from origin 'https://trying-toclone.surge.sh' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.bankofamerica.com/spa/widgets/cls_report?_cls_s=d9355d3f-1d9c-4136-bc4b-3deb668f555a%3A0&_cls_v=f471e8c1-3f90-456b-b18b-a5dc9a4e5aa4&pv=2&f_cls_s=true Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content-cdn.com
dpm.demdex.net
secure.bankofamerica.com
sofa.bankofamerica.com
storage.glancecdn.net
tags.tiqcdn.com
target.bankofamerica.com
tilt.bankofamerica.com
trying-toclone.surge.sh
www.bankofamerica.com
www.google-analytics.com
www1.bac-assets.com
secure.bankofamerica.com
tilt.bankofamerica.com
www.bankofamerica.com
www1.bac-assets.com
139.59.195.30
171.161.116.200
192.229.237.104
2404:6800:400a:80e::200e
2600:9000:208e:6800:d:addc:2400:93a1
2600:9000:2197:4a00:7:2bfb:7c00:93a1
3.114.107.150
34.237.178.183
54.144.151.173
63.140.50.250
03b74e5c453f3a747cc73007570f2dc4d68c4071eb60ddfd384ec2d4f265c8e0
067e3bbbda237b2efa938536e6731e61f6e50d013473ad15b19ba7a15c5e6192
0ae2de68bda2fa22f32b9350b95ff62c402b43b18d2989be707f3e52e4c07f3b
0aecaec2ef92e6c40c4ba289e5876fc5c5df76273e6367096708db636f469857
0b83a28e06c9aa193ec27dac80868a0ebd054e04164092ea43542631359a1f20
0e03b58785d42debe3e7eca34a6ca6edddc41a3936d8e85b634c9c3202d98004
0ecb031ec1c13840c371b9369ce1b4374247e23b7281aa15d169847c21ac8969
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
160e9d01f19cdd364d51bfcdb61c0f201b924da774ecb3157a2c42bccaf394fd
1b2d37bdb4763de9bfd09c1beba8094ebd8c279217fd53fd4c0c46a0cddde20a
1fb7690d7f2b1b600dbea5fbfce96198cae49ad0009fee412d96bc462a27eea9
1ff969c512f174391037456841f4f82ed889d67305e029070646d0f098edb2cf
2220e146e94a06306037b8e38c436a79d1aceecd79174f296f75a2ed375e1b7d
247fc553a392ab1a98f83692c82654875c1d6b66e1027e5ac81cba18ab649de4
266771e6531cdba796b2d66ec19d4d9b8d85b601ea5fdef779497861d346ad91
2d9705dc449a9757f9b36ace6d7479eabcf2a90b210b400d49f7f8e7e4837d2e
36d949908df2e6067788cfc71a6f8d26baf2ef9a93e6a91a8377cb26d2ea8f6b
3b84d92da91b81ba61b9ddd2628cebe507f673a75a1d6dc8679ec1eb1ed05dd4
3c07fca41c0264691556bb4551861209b63fb504abe71e829eff2ec75558c6d2
3c5226fd06e36fbd81095b575f04a9d154182bb975e2f0633ebf9ea44a62e543
3cea3b95b828471bea7705e1a7221843df5ce3d399438d64b4f927d11fdcc47d
3ec3575b230d4869d4f49af8a004ce904ca5affd1f0c8845b181d71252555de9
3f1ea5c409c0d00088df9790fa7698929b4b8d242ec4372ab83fa8c3b969c692
41ae20824dac7d255b8aab267088c1f03401d595b9087937e9e97532eb1b6ed2
46344c37451bf1505050f5ca9096e1d16686172250401bb04558f13eb5bb04f8
47731f946adcecd7c14a0f00fbbb0ec75a273cfe7d5834f23e081d7b2a0bfe0e
4b699586f05987dbdf521fe8c1c0b410315f1d1c74eb95d4e3d66870fb13224d
4c9f09c0ebee4ae08188653bb751e8753bff69fc3ea6741a4bf2f5031ab22f1a
4caed94f9975debb1a1ee2ff2e68395802a18a4cf3f3be7ae057f1b97b2c87ff
4e42e5e1c16042397c4afccbef53caf19d56b1b8b4f028ce8b57080d291f4619
4e5cc2b0c797452d656810a1ed055ccfe2109af186594cd3d78fb1737dd3e4a3
5109f1a07c92c04715c345b4b2bac9124871ece7a0caa54ac3e89a65f02363ee
51f380e4abbdf4b680c54f673835d4dd976e5355955a71f3b12191dbff588a82
5c6d6e64fc6884fe14b8010a1e5fe816f9977549ccf0a60b7ed4488a453b8d07
614225918e60a9c04c9d7d0dff37813381afa9913e7f861514c968be5de4f760
617542aa86e2f4d352ab1f81ba650e2beed3e81772d57979dd36850c45cafc9e
6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c
7482d7f682c9d437dd92be5ed45a8aba328307a004c4663818830dc9d5e53a4e
79266c36aad7737b74bb1a73c53b99e51c2cda5f7e5ac1e9c5f6178e5181159d
795168b8ef4086f033c918f708b8e72f101ce2662cc7576843760f98454d479a
7e6ce497138ce47d8ab66d70c46d245e1261d7f2d3f1db3556eec0ca1c82e2ec
7eeb6691f26d27578017557d3fc243f6f5a93be41312b15bfa2764751ea4fa62
826190201cbb9553bede1e1c3f8d6b8b622e6e5adece5d4175f4e6c5d74cc510
8982a9fa114fd1336cb194e4cce9f47059c585f5dc2298cabb922776f836635e
8e916331d255ed6d9cd24219cf174a37017bcab5a4e0a2075b12d10ed5900bfe
8faba458d243f473199f2d36b2954c66bf34c3ba5dd22992cac7b0f650e09277
a0d53580b0d429e4f30c9a8a9ae2b09a5efcf753e018290561779f31864426ec
a1c28de478a88c957daebdfe824082696a3be976edb099dbe9c60b8070d925e4
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b8335ed4b9a0f56c11ff5ce6300a8a71f6c01abab2b736fa133cb1229557e3b7
bafa439596df3191b3b4be3fef9bcabe76a2d79d09001cbf74b60826f271af02
c5347f46cf67c827170c2f9d4cb65b0cf467a0a2e38f679a078d317f289ed6d4
c8f12b1def84e2b1b6c441bf56616c062bfb8adae01d80d5c10c900bd8882aca
c90dbe69070de8b85da2a0d820d99cafce056ef64b3a4af14b4139095da0aa7a
d29b4304625e55cffd5e646bebf9d589034ee99d546e1f70ea91ac21da47c955
d99297a2c08910067c3ecd881526dda352c485a42169a8c7abfc08949f235bdb
dbc14617f6c782a30eaf57c00f5fb40c23b414ccfa5154a82b4b22acd32b177a
ddc2154c0d608206ff9c64e5acb6e38a3f153e8a9939d846763ddf701424456d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df00020ab28dd722a62490611810ac5d56883dc6bc854220a7b5b93674d347d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c462ad40bdcdc58d4f80568746c5342b2fb43952628987a7215604d2ef5002
e52ca681723760e1bfce385c3062de578d4b54fa5ee35e6ac8111f62ae1d8e57
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb712628de16e6129a9ca4620149b58f03a03709f763836531030cb6db894dd9
edd7e2a8d2f83f2725eedf1d6481cd10fd2063725705acf50e2838fada39f1e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef33c805b06baeb5996a963c4d901048e8f3806bfac65a19098500d94f6b040c
f7f059d05d7edfb517dbe739f102ca9066f7a40dc76ee9ed4bed55183f8bf0cc
f83353333e755ece01dc1391c2bc3449f0ca3bace14732a2b2a7d92a3d0a98d3

trying-toclone.surge.sh Open in urlscan Pro 139.59.195.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

82 %HTTPS

30 %IPv6

8 Domains

12 Subdomains

11 IPs

3 Countries

1471 kBTransfer

5812 kBSize

9 Cookies

3 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trying-toclone.surge.sh Open in urlscan Pro
139.59.195.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

82 %
HTTPS

30 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

1471 kB
Transfer

5812 kB
Size

9
Cookies

96 HTTP transactions
1 data transactions