urlscan.io logo urlscan.io
SecurityTrails logo

bankofamerica-secure-login.framer.ai Open in urlscan Pro
35.71.142.77  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bankofamerica-secure-login.framer.ai/
Effective URL: https://bankofamerica-secure-login.framer.ai/
Submission: On September 28 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 24 HTTP transactions. The main IP is 35.71.142.77, located in United States and belongs to AMAZON-02, US. The main domain is bankofamerica-secure-login.framer.ai.
TLS certificate: Issued by E6 on September 6th 2024. Valid for: 3 months.
This is the only time bankofamerica-secure-login.framer.ai was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

IP Address AS Autonomous System
1 35.71.142.77 16509 (AMAZON-02)
19 2600:9000:249... 16509 (AMAZON-02)
3 3.160.150.33 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
24 4
Apex Domain
Subdomains		 Transfer
19 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 29997
340 KB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 42713
6 KB
1 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 152970
20 KB
1 framer.ai
bankofamerica-secure-login.framer.ai
12 KB
24 4
Domain Requested by
19 framerusercontent.com bankofamerica-secure-login.framer.ai
3 events.framer.com bankofamerica-secure-login.framer.ai
events.framer.com
1 app.framerstatic.com bankofamerica-secure-login.framer.ai
1 bankofamerica-secure-login.framer.ai
24 4

This site contains links to these domains. Also see Links.

Domain
www.bankofamerica.com
secure.bankofamerica.com
Subject Issuer Validity Valid
*.framer.ai
E6		 2024-09-06 -
2024-12-05		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
framerstatic.com
Amazon RSA 2048 M02		 2024-09-22 -
2025-10-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bankofamerica-secure-login.framer.ai/
Frame ID: 1330EE3DCD590D534780B679FCE6D9F6
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bank Of America

Page URL History Show full URLs

  1. http://bankofamerica-secure-login.framer.ai/ HTTP 307
    https://bankofamerica-secure-login.framer.ai/ Page URL

Page Statistics

24
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

379 kB
Transfer

965 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bankofamerica-secure-login.framer.ai/ HTTP 307
    https://bankofamerica-secure-login.framer.ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bankofamerica-secure-login.framer.ai/
Redirect Chain
  • http://bankofamerica-secure-login.framer.ai/
  • https://bankofamerica-secure-login.framer.ai/
101 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.142.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Framer/875dde8 /
Resource Hash
9c690cf065ffe3a96cc39fae787abc7c5e27541ffeca1dc2c5243c249da1c9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
11744
content-type
text/html
date
Sat, 28 Sep 2024 22:58:21 GMT
etag
"3fb3f34d118e80b9b5315fa814b7cba1"
last-modified
Sat, 21 Sep 2024 22:07:10 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/875dde8
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="875dde8"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://bankofamerica-secure-login.framer.ai/
Non-Authoritative-Reason
HSTS
chunk-EDUVFPA7.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		637 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/chunk-EDUVFPA7.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0ceb4042e923294bd57075d6f24e6279ef06dca536ef58652942e93c6dba646c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"fa595289ec486bb03c7c06834143faf3"
x-amz-version-id
C_J.Lx_lYAqSzX9wYR1uWV5wiKLUDkfL
age
295059
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
v9ioY7333UUZqgK_OmiQGDva6Fts170df0FPFg9EDy3-iyv-CpbX9Q==
date
Wed, 25 Sep 2024 13:00:44 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="v9ioY7333UUZqgK_OmiQGDva6Fts170df0FPFg9EDy3-iyv-CpbX9Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-RIUMFBNJ.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/chunk-RIUMFBNJ.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
etag
"30ed32fa3444df726bb60d89113cf478"
x-amz-version-id
3gcYwa38x9tSsxaYPiPAVG0CTnO1mXCs
age
85039
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
LJua1QRBsibKlW5BCjhg9_pokZTB4gcVLR79Q65jjdIMNGdElSYv-Q==
date
Fri, 27 Sep 2024 23:21:04 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="LJua1QRBsibKlW5BCjhg9_pokZTB4gcVLR79Q65jjdIMNGdElSYv-Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
447
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
V52gENhU-6RCD8etWak4dc1v3di3t8HfEj_-Bqrv_Sg.S6TZ66LQ.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		47 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/V52gENhU-6RCD8etWak4dc1v3di3t8HfEj_-Bqrv_Sg.S6TZ66LQ.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f936626b8a2983e9a155d5bb78f51a9ad098478605e1b61632d54bcb6ddfe0fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"c9c9c79604864531c0f92a275a37e624"
x-amz-version-id
oCyaSINbMmuIY8HNWh.dvECBP_xejhiG
age
295059
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BGqNgWtB4YpW_911lQ1KPcNWJ3Kplhg475hWpwHYazb4leiln5_55g==
date
Wed, 25 Sep 2024 13:00:44 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="BGqNgWtB4YpW_911lQ1KPcNWJ3Kplhg475hWpwHYazb4leiln5_55g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-TRVHLB6F.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		725 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/chunk-TRVHLB6F.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1f0d11a08c8d19455c8a1b6949b4fc7416d4a580500cb4b1146c2487f0582e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
etag
"e298d767f33f634bf83449cf35bb7752"
x-amz-version-id
X0rK_wAh6FBeMYnfGh1cih5T8JJmL_vz
age
85038
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yY8qE7QUSiDlGQL8AmZlwKI8c17HqFUOuGcWxS_RB6a1K_5pc4O6VA==
date
Fri, 27 Sep 2024 23:21:05 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="yY8qE7QUSiDlGQL8AmZlwKI8c17HqFUOuGcWxS_RB6a1K_5pc4O6VA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
725
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-FRTP634D.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		328 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/chunk-FRTP634D.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f8f2a4194abc47ab5aab2e4663807324445140c1eba8b04199863b967d21b782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
etag
"e39636c44e6458d62244d9644878218d"
x-amz-version-id
ss63UsD0OdOUoaBMkceK46R2SIsHW_iK
age
85038
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NU-cDuzlpObg0hL19rFTNqHd3DeGfIy_hD6bR6sWhWUVNk4RyezF7Q==
date
Fri, 27 Sep 2024 23:21:05 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="NU-cDuzlpObg0hL19rFTNqHd3DeGfIy_hD6bR6sWhWUVNk4RyezF7Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
328
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-MXCMW3FC.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/chunk-MXCMW3FC.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f4bff71568519e864f26c887b57c67bb0d074f750d2b20313edc0905e9bad71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"8d4d096bd768b6c0c9fedc7214d19d18"
x-amz-version-id
JvFOVTyAPYxfTP.DmV_GCm4srl886azL
age
295059
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ZvE3VHZGiwNcIahQqFnOPIxS1M9UaUQZKg9oYwIJjxj-0jpQmiwYCw==
date
Wed, 25 Sep 2024 13:00:44 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="ZvE3VHZGiwNcIahQqFnOPIxS1M9UaUQZKg9oYwIJjxj-0jpQmiwYCw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
script_main.KPYRHLGI.mjs
framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/1SPpQRp19rdknmQ2oli8Sp/script_main.KPYRHLGI.mjs
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
5d88e1ca0e9b72ea0dbe392224442150a302982d920a14dfffd0b716d958acd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"45b19789b0db536f4615c30c7201e93a"
x-amz-version-id
J01D6FYhVJ.qQrFNJgNV_MbwS5h.bGNg
age
98977
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
LA450ZgnJRAlIaSZ2yOfO1BbEcXXOT5zsJ-gDsCjAQQi22FwL4bcoQ==
date
Fri, 27 Sep 2024 19:28:46 GMT
content-type
text/javascript
last-modified
Sat, 21 Sep 2024 22:07:09 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="LA450ZgnJRAlIaSZ2yOfO1BbEcXXOT5zsJ-gDsCjAQQi22FwL4bcoQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
AES256
script
events.framer.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
/
Resource Hash
2e1a2ac17cdb96c3c75f3ee659733c110b73392955cc9523dffdcf04254aaa63
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18089
timestamp
Sat, 28 Sep 2024 22:57:13 GMT
content-encoding
gzip
x-amz-apigw-id
e1qCTEVNIAMEuPA=
x-amzn-trace-id
Root=1-66f88a0e-109509f444040b7f42fae22e
x-amzn-requestid
ed701a5b-2768-4cd9-b859-379b21a0e7ca
via
1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
6181
x-amz-cf-id
z8V_UKqoN3oC1oBPhSAaceR5d8Ml9NryPrNXIQKoHCiMQeSrdoOe2A==
date
Sat, 28 Sep 2024 22:58:22 GMT
content-type
text/javascript
x-amz-cf-pop
FRA60-P7
WxRbo2Zvp7e1FMWABBWfMwk6Mw.png
framerusercontent.com/images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/WxRbo2Zvp7e1FMWABBWfMwk6Mw.png?scale-down-to=512
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
417c64875f9d1658342c009a06f55bd12739d6bb69d920014c909835928a2703
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"4a86acaeb60a048bab85d9a49d773a08"
age
609479
x-content-type-options
nosniff
x-amzn-requestid
42602d55-cdf4-4d88-872e-8d6d9ce242fe
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aUWrnzweatkMVeVZC8NTvq2kY7TwhK_dtV0gMxOygnd7zzgx8cb3Ng==
date
Sat, 21 Sep 2024 21:40:23 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="aUWrnzweatkMVeVZC8NTvq2kY7TwhK_dtV0gMxOygnd7zzgx8cb3Ng==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ef3d47-12f748e85031f0616d38d83f;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
ykn0JzfXVm8ZcOunxDc5mCGmFPs.png
framerusercontent.com/images/ 		473 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/ykn0JzfXVm8ZcOunxDc5mCGmFPs.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"f6f74792e7ce049e3a26a8a725dba8c8"
age
1218435
x-content-type-options
nosniff
x-amzn-requestid
e68a062a-7955-4b06-b839-04fb45a6efd1
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Ado0lzi779Jn0ESZ-vdtceV6dMkfck8_s7CU-fFggVYkNFOEefuYMA==
date
Sat, 14 Sep 2024 20:31:07 GMT
content-type
image/png
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="Ado0lzi779Jn0ESZ-vdtceV6dMkfck8_s7CU-fFggVYkNFOEefuYMA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
root=1-66e5f28b-420deaaf184e9dbe2a07ab29;parent=03734a9781006a4d;sampled=0;lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
UeQvi0SDzAQc5RnXiDFGssa2zM.png
framerusercontent.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/UeQvi0SDzAQc5RnXiDFGssa2zM.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"a1874bec60e4440a4c0d240ef3d0a385"
age
609479
x-content-type-options
nosniff
x-amzn-requestid
985bc9b0-7a05-48b2-95cd-86e932c0b45c
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KpozJvFhf8rEgIbyJWWfT7hNs43fiAka5HeQYlG-KjWkT06VkvtvAQ==
date
Sat, 21 Sep 2024 21:40:23 GMT
content-type
image/png
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="KpozJvFhf8rEgIbyJWWfT7hNs43fiAka5HeQYlG-KjWkT06VkvtvAQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ef3aa3-38e4b3e02de7f0d47937ea54;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
QLHXwQOwh4fH52zPAKcXSTjBjOs.png
framerusercontent.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/QLHXwQOwh4fH52zPAKcXSTjBjOs.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"cdcb0f012c00908030c706b328c6325e"
age
609479
x-content-type-options
nosniff
x-amzn-requestid
504b667d-84b9-45bd-a7e0-c60118725ea8
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
_yQPYCSGhgl4JQcK4ROtZbr3iJCDChHZZPahFWfjOqhS9wW0deANLg==
date
Sat, 21 Sep 2024 21:40:23 GMT
content-type
image/png
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="_yQPYCSGhgl4JQcK4ROtZbr3iJCDChHZZPahFWfjOqhS9wW0deANLg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ef3aa3-2501e1e5298b59f051f1a58e;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
CIINW1ao3lO0XXzaCwrBwFBU.png
framerusercontent.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/CIINW1ao3lO0XXzaCwrBwFBU.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0c2020b8c8d1475a96c9919300154d33453305f70278b46da6936ca887a29a47
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"2423a477da487e9dbc58e8f486ae3a2b"
age
609478
x-content-type-options
nosniff
x-amzn-requestid
bf4099a2-73e7-4732-a7fe-dadbec19aa8a
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tCNTW4raPtKGbpvah8jmaHfBUHnV2-ORFdj-Pg2gt25sArzwmNrHZQ==
date
Sat, 21 Sep 2024 21:40:24 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="tCNTW4raPtKGbpvah8jmaHfBUHnV2-ORFdj-Pg2gt25sArzwmNrHZQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ef3d47-14c5a33548fa57c42217b9ac;Parent=2752b2bae542a5b3;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
rWIdZHEXGbReA5E5UleYGYFxfo.png
framerusercontent.com/images/ 		716 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/rWIdZHEXGbReA5E5UleYGYFxfo.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e64e6ddacc24a22a1f927bdf0ebbba8430dd109d8ca5895fb0148fc936d3390
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"5b16cd332dcf8c7ad9e655095a8f4d93"
age
700051
x-content-type-options
nosniff
x-amzn-requestid
4d391b9f-a0fc-4a52-aca7-7b4a2462d4fa
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yi6J7vufQE49weuZCha96xcVejXp_G7QB2kjRi7tFn-O6BvDpJZWBQ==
date
Fri, 20 Sep 2024 20:30:51 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="yi6J7vufQE49weuZCha96xcVejXp_G7QB2kjRi7tFn-O6BvDpJZWBQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66eddb7b-56a1ab5b54fda44456b62b1e;Parent=06e169a19909b546;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
Ns74X7LPdk3a3zT9zYqsSD8QXI.png
framerusercontent.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/Ns74X7LPdk3a3zT9zYqsSD8QXI.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ce9a85e46dccca26ee7bacc82b90a17f3d5163ba27e7c4681798131c296bb652
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"dea474f6b16da60a9d366fdd5e5e27bc"
age
796204
x-content-type-options
nosniff
x-amzn-requestid
c2cd5163-53c7-475f-ad68-f20ab1abfe83
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
dMjjX8OLiETzW_sD0Qo4312X-1bb_FT-0xPPWCJN_zN3p_bNHCFG5A==
date
Thu, 19 Sep 2024 17:48:18 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="dMjjX8OLiETzW_sD0Qo4312X-1bb_FT-0xPPWCJN_zN3p_bNHCFG5A==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ec63e2-240a007a713449a1749e0cf8;Parent=151612a8b18fde0f;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
mplWNSBe2nv7QklOX2oSFsk.png
framerusercontent.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/mplWNSBe2nv7QklOX2oSFsk.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
162c68394ccf1b8f8a49650f50286eacc81056970b0a52d57f45875151322cb6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"e3018f98bbf5932a0774edb4833a82b9"
age
796204
x-content-type-options
nosniff
x-amzn-requestid
e0749765-626b-468c-a741-5f470cecf6fe
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
q5OdT1Y-y4OT22fVt0vIhyAJKuynNG5PHJXQ-cnu_H30osXdibf_kw==
date
Thu, 19 Sep 2024 17:48:18 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="q5OdT1Y-y4OT22fVt0vIhyAJKuynNG5PHJXQ-cnu_H30osXdibf_kw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ec63e2-7294312b044b159f6ecad03f;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
KezFYNMHylL9gWQADkzngFvjWZ8.png
framerusercontent.com/images/ 		554 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/KezFYNMHylL9gWQADkzngFvjWZ8.png
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6211943246128dc17924cb69f2a2bc05c59fa7212cc9328d84f3877aafcd6065
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"e7764c2deb0facef3c79515ff5b4bd11"
age
609479
x-content-type-options
nosniff
x-amzn-requestid
4d6da9ee-970d-4448-a073-e9f3a9666a8d
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
vu59OsB9_MizmhjSFocyOaTMaiW_MWJNhGfN9FLOT10TPpbvRLp3Sw==
date
Sat, 21 Sep 2024 21:40:23 GMT
content-type
image/png
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="vu59OsB9_MizmhjSFocyOaTMaiW_MWJNhGfN9FLOT10TPpbvRLp3Sw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ef3d47-2ae0c4fe321e1f535b95770b;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
Inter-SemiBold.latin-RDYY2AG2.woff2
app.framerstatic.com/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-SemiBold.latin-RDYY2AG2.woff2
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:dc00:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
3600
etag
"6a7880ce1bd9abb417faf126dccfd935"
x-amz-version-id
null
age
21612284
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WDrs_CAEfrLiySkoKH54JVemgHAy0y2ggLYy9aYXgo-dDXGKxHCBSQ==
date
Mon, 22 Jan 2024 19:33:39 GMT
content-type
font/woff2
last-modified
Mon, 22 Jan 2024 18:17:04 GMT
x-frame-options
deny
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, immutable
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20072
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P4
server
CloudFront
x-amz-server-side-encryption
AES256
vQyevYAyHtARFwPqUzQGpnDs.woff2
framerusercontent.com/assets/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/assets/vQyevYAyHtARFwPqUzQGpnDs.woff2
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
3000
etag
"a14a424239fd9cb2e305f2243b1f6177"
x-amz-version-id
SH9la86RvjI0NEj8MqfrPHVtgDnLUhAV
age
4379571
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
MMq08YbCyxIgILxwCiyyijQuuckWNMsifQXrJOHQJiTH2kS-b9EW8g==
date
Fri, 09 Aug 2024 06:25:32 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:12:38 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="MMq08YbCyxIgILxwCiyyijQuuckWNMsifQXrJOHQJiTH2kS-b9EW8g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
27404
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
aws:kms
DXD0Q7LSl7HEvDzucnyLnGBHM.woff2
framerusercontent.com/assets/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/assets/DXD0Q7LSl7HEvDzucnyLnGBHM.woff2
Requested by
Host: bankofamerica-secure-login.framer.ai
URL: https://bankofamerica-secure-login.framer.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2dc968863319a6f57e6428a7b4c292ae254d3e462b5f23f71bab492317067d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bankofamerica-secure-login.framer.ai
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

access-control-max-age
3000
etag
"757ca4a792b8c7bbe09f6e6cee76e727"
x-amz-version-id
bCCG3uSnAgT3MLzz1ZSQU2cVkYB4Lve.
age
6430338
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
bUY5uRug_Q0eWgILa3fDdT5SluEpJo0EY-HcXmZ_x3BchcdAT_UEbQ==
date
Tue, 16 Jul 2024 12:46:05 GMT
content-type
font/woff2
last-modified
Mon, 15 Jul 2024 14:11:33 GMT
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="bUY5uRug_Q0eWgILa3fDdT5SluEpJo0EY-HcXmZ_x3BchcdAT_UEbQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
27992
x-xss-protection
0
x-amz-cf-pop
FRA56-P6
server
CloudFront
x-amz-server-side-encryption
aws:kms
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

x-amz-apigw-id
e1qCZHsbIAMEQOg=
x-amzn-trace-id
Root=1-66f88a0f-115e2a48563b10070d123b56;Parent=45274c80a387de17;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid
10cf35e2-ad39-4661-aeb6-1601762257fa
via
1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
v9ZhanDqipdjfuevja9sYHUoeMFI0NCdE7-VWAiIYoqpy-g9sBFjyw==
date
Sat, 28 Sep 2024 22:58:23 GMT
content-type
application/json
x-amz-cf-pop
FRA60-P7
anonymous
events.framer.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-33.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bankofamerica-secure-login.framer.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 28 Sep 2024 22:58:22 GMT
via
1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
x-amz-apigw-id
e1qCWGZ9IAMEe1Q=
x-amz-cf-id
UougyLrTEuxft5cEvtnJ1ZQurmMM5xIXDGxNMq-KtsqkJpWwOE-mYA==
x-amz-cf-pop
FRA60-P7
x-amzn-requestid
e32787e6-eea2-4e8e-aa19-d5bfaf1622e2
x-cache
Miss from cloudfront
xZxEAQ8c8yOpab2PTH73sUROCGY.jpg
framerusercontent.com/images/ 		26 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/images/xZxEAQ8c8yOpab2PTH73sUROCGY.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5a332fff0054f5f91d41169ac1ecf7c00a764d1fbb74b924056e4b4dc09855b3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bankofamerica-secure-login.framer.ai/

Response headers

etag
"9a8c812af265d8a1762d37b75d236f53"
age
608188
x-content-type-options
nosniff
x-amzn-requestid
6fb5ec9d-d0ae-43d8-99c9-093e69ba4600
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
vzDO7Goa35eO061B-kmANz7m07IfRcdxdXnkQU_msikkMQrVdL4viQ==
date
Sat, 21 Sep 2024 22:01:54 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P6",cdn-rid;desc="vzDO7Goa35eO061B-kmANz7m07IfRcdxdXnkQU_msikkMQrVdL4viQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-66ef4252-57648a6d5c8c37970e10603d;Parent=51e9697574405e11;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P6

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| __framer_onRewriteBreakpoints function| __framer_importFromPackage object| process object| __framer_events boolean| MotionHandoffIsComplete function| __send_framer_event

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
bankofamerica-secure-login.framer.ai
events.framer.com
framerusercontent.com
2600:9000:223e:dc00:d:6b42:4ec0:93a1
2600:9000:2490:800:d:ada1:a280:93a1
3.160.150.33
35.71.142.77
0c2020b8c8d1475a96c9919300154d33453305f70278b46da6936ca887a29a47
0ceb4042e923294bd57075d6f24e6279ef06dca536ef58652942e93c6dba646c
162c68394ccf1b8f8a49650f50286eacc81056970b0a52d57f45875151322cb6
1f0d11a08c8d19455c8a1b6949b4fc7416d4a580500cb4b1146c2487f0582e6a
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
2dc968863319a6f57e6428a7b4c292ae254d3e462b5f23f71bab492317067d5f
2e1a2ac17cdb96c3c75f3ee659733c110b73392955cc9523dffdcf04254aaa63
4107b11930c4eef1f6ae5a76d441562e6d21a601f1781f37fd085542cd87412b
417c64875f9d1658342c009a06f55bd12739d6bb69d920014c909835928a2703
4e64e6ddacc24a22a1f927bdf0ebbba8430dd109d8ca5895fb0148fc936d3390
5a332fff0054f5f91d41169ac1ecf7c00a764d1fbb74b924056e4b4dc09855b3
5d88e1ca0e9b72ea0dbe392224442150a302982d920a14dfffd0b716d958acd2
6211943246128dc17924cb69f2a2bc05c59fa7212cc9328d84f3877aafcd6065
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
9c690cf065ffe3a96cc39fae787abc7c5e27541ffeca1dc2c5243c249da1c9f6
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
ce9a85e46dccca26ee7bacc82b90a17f3d5163ba27e7c4681798131c296bb652
e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e
f4bff71568519e864f26c887b57c67bb0d074f750d2b20313edc0905e9bad71b
f8f2a4194abc47ab5aab2e4663807324445140c1eba8b04199863b967d21b782
f936626b8a2983e9a155d5bb78f51a9ad098478605e1b61632d54bcb6ddfe0fa
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157