urlscan.io logo urlscan.io
SecurityTrails logo

secure0100.micro-global.workers.dev Open in urlscan Pro
172.67.164.220  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Submission: On June 19 via manual from AU — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 73 HTTP transactions. The main IP is 172.67.164.220, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure0100.micro-global.workers.dev.
TLS certificate: Issued by WE1 on June 17th 2024. Valid for: 3 months.
This is the only time secure0100.micro-global.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

IP Address AS Autonomous System
2 172.67.164.220 13335 (CLOUDFLAR...)
20 192.229.173.77 15133 (EDGECAST)
14 2600:9000:20e... 16509 (AMAZON-02)
4 171.161.116.200 10794 (BANKAMERICA)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.212.158.112 14618 (AMAZON-AES)
1 44.207.212.157 14618 (AMAZON-AES)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:207... 16509 (AMAZON-02)
73 11
2    172.67.164.220 (United States)

ASN13335 (CLOUDFLARENET, US)
secure0100.micro-global.workers.dev
20    192.229.173.77 (United States)

ASN15133 (EDGECAST, US)
secure1.bac-assets.com
14    2600:9000:20e2:9000:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
4    171.161.116.200 (United States)

ASN10794 (BANKAMERICA, US)
secure.bankofamerica.com
9    2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    3.212.158.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-158-112.compute-1.amazonaws.com
rail.bankofamerica.com
1    44.207.212.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-212-157.compute-1.amazonaws.com
dpm.demdex.net
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2607:f8b0:4004:c07::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:2073:9400:d:addc:2400:93a1 (United States)

ASN16509 (AMAZON-02, US)
storage.glancecdn.net
Apex Domain
Subdomains		 Transfer
20 bac-assets.com
secure1.bac-assets.com — Cisco Umbrella Rank: 25349
668 KB
14 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1321
308 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 378
220 KB
5 bankofamerica.com
secure.bankofamerica.com — Cisco Umbrella Rank: 11256
rail.bankofamerica.com — Cisco Umbrella Rank: 24490
tilt.bankofamerica.com Failed
53 KB
2 glancecdn.net
storage.glancecdn.net — Cisco Umbrella Rank: 10387
12 KB
2 workers.dev
secure0100.micro-global.workers.dev
62 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
21 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 638
306 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 249
1 KB
73 9
Domain Requested by
20 secure1.bac-assets.com secure0100.micro-global.workers.dev
secure1.bac-assets.com
14 tags.tiqcdn.com secure1.bac-assets.com
tags.tiqcdn.com
9 cdn.cookielaw.org secure1.bac-assets.com
cdn.cookielaw.org
4 secure.bankofamerica.com secure1.bac-assets.com
2 storage.glancecdn.net tags.tiqcdn.com
storage.glancecdn.net
2 secure0100.micro-global.workers.dev secure1.bac-assets.com
1 www.google-analytics.com tags.tiqcdn.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 dpm.demdex.net tags.tiqcdn.com
1 rail.bankofamerica.com secure0100.micro-global.workers.dev
0 tilt.bankofamerica.com Failed tags.tiqcdn.com
73 11
Subject Issuer Validity Valid
micro-global.workers.dev
WE1		 2024-06-17 -
2024-09-15		 3 months crt.sh
secure1.bac-assets.com
Entrust Certification Authority - L1M		 2024-05-08 -
2025-06-08		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
secure.bankofamerica.com
Entrust Certification Authority - L1M		 2024-03-28 -
2025-04-28		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
rail.bankofamerica.com
Entrust Certification Authority - L1M		 2024-04-05 -
2025-05-05		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.glancecdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-09 -
2025-06-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Frame ID: BDEF674A0B70F13F8BAD41C635609BC5
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bank of America | Online Banking | Enroll in Online & Mobile Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

73
Requests

75 %
HTTPS

50 %
IPv6

9
Domains

11
Subdomains

11
IPs

1
Countries

1347 kB
Transfer

5553 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request olbEnroll.go
secure0100.micro-global.workers.dev/login/enroll/entry/ 		519 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ba171ce0c44d3540973cd5747f50c3d7dac11978251585788091993be02361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1
cf-cache-status
DYNAMIC
cf-ray
895fd912fe87875a-MIA
content-encoding
br
content-type
text/html
date
Wed, 19 Jun 2024 01:46:53 GMT
expires
Wed, 19 Jun 2024 01:46:54 GMT
last-modified
Mon, 13 May 2024 04:29:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AN%2BHF4DT51OLF2LhsDiHmbRqKBfDyLIPI7IAG%2B7evy%2B6vqxUEvwjkIywBh7YKeDr4O%2FuV0HW4%2FyOItvboVBYKT%2FaFDmL10wSvEK8B4yxIQH7u5%2BhkmLpSe4%2BefTOEvqFNj%2FIISDtobkmf%2FAXWBhprom7VfvcNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-boa-requestid
ZnI4jZMW-ZJNFee3pUBHiAAAAFM
x-serviced-by
z0+MsWiE6yFI4bLYtC7ECw==--MMg3K9qiq8cKeCxZH8Svxg==
babel-polyfill.js
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/platform/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/platform/babel-polyfill.js
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/877B) /
Resource Hash
a108985f6e9a607d6e1b8cb294cdad7bffb288589c3f9fa3768b84763b0af94d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jsWAgQhQHgUnCTi8WgAAAFc
x-cache
HIT
content-length
34250
last-modified
Mon, 12 Feb 2024 03:06:45 GMT
server
ECS (mid/877B)
etag
"183fe-61126915a38ae"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
require.js
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require/2.2.0/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8766) /
Resource Hash
adab1708b4b053c52d06be506c9630c44bb6a4b986d03344d3cf91997c9e6ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jkLkrc45Ffr8BQRVWAAAAGE
x-cache
HIT
content-length
7899
last-modified
Mon, 12 Feb 2024 03:06:45 GMT
server
ECS (mid/8766)
etag
"6570-61126915b7519"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-global-logos-BofA_rgb-CSX5624a146.svg
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8769) /
Resource Hash
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jgNfPtsgQKb8GOwzbAAAACs
x-cache
HIT
content-length
1603
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/8769)
etag
"dc7-58bc25f0a9a80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=26920000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/877D) /
Resource Hash
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jpJg0km1xtGnCCZjgwAAAcY
x-cache
HIT
content-length
1009
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/877D)
etag
"7d7-58bc25f0a9a80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=26920000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8767) /
Resource Hash
3a1b52b7233dfe08972f5f53d864d752f45809f9fd298966de4802dc13bf1d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/8767)
age
2409215
etag
"1193-58bc25f0a9a80"
x-boa-requestid
Zk11juZfh2zEVpex1okvOwAAAGM
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/gif
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
4499
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/878F) /
Resource Hash
36936c7545dae08fd958b2d652f646e772a2554f52a26c49b34d05a7372309af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/878F)
age
2409215
etag
"1b6a-58bc25f0a9a80"
x-boa-requestid
Zk11ju-RQWOzY97cUORYTwAAAAU
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
7018
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-login-common-com_cvv1@2x-CSXec3bc565.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv1@2x-CSXec3bc565.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/877C) /
Resource Hash
f831295258274780ec6638f8644cfc0e3532d0826f98d373b2ef5de888d50e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/877C)
age
2409215
etag
"adb1-58bc25f0a9a80"
x-boa-requestid
Zk11jgSxs--F43BSxwXh_wAAADY
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
44465
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-login-common-com_cvv2@2x-CSX5f638a68.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv2@2x-CSX5f638a68.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/876A) /
Resource Hash
f970c0e040cdc56f52d1d1b89b2357ec587ee5a0a7d1e00f7354ae65e074b4dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/876A)
age
2409215
etag
"f6c3-58bc25f0a9a80"
x-boa-requestid
Zk11js1xQMoQSvM7S_gXmAAAAF8
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
63171
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-login-common-Xmark@2x-gray-CSX98b2f672.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-Xmark@2x-gray-CSX98b2f672.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8769) /
Resource Hash
164d28ad78b8fe33d8e42864920d7647cc505b93b3fd266f0d66e63c566e0ef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/8769)
age
2409214
etag
"b83-58bc25f0a9a80"
x-boa-requestid
Zk11jxHWAKSePYdD0HfQnwAAAAs
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
2947
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-global-timeout-icon_red_error-CSX50a7cb02.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		787 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-timeout-icon_red_error-CSX50a7cb02.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8747) /
Resource Hash
e370992dd3acb665187ed9eefaf8de0102db12b22153de534ac8c019d0b84136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/8747)
age
2409215
etag
"313-58bc25f0a9a80"
x-boa-requestid
Zk11jqkjNPlVgqmOVW0MaAAAABY
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
787
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-global-header-lock-CSX1f35fd71.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-header-lock-CSX1f35fd71.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/878F) /
Resource Hash
38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/878F)
age
2409215
etag
"cc36-58bc25f0a9a80"
x-boa-requestid
Zk11jpEcAXYqLrjIHJMregAAAhY
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
52278
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-site-login-common-pill-CSX5f69f222.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-pill-CSX5f69f222.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8768) /
Resource Hash
6d608a9d27ae614aa0b16fe920f6a811bf6d4f320a5819b51d3edb9672912ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 14 Nov 2023 09:15:15 GMT
server
ECS (mid/8768)
age
2409215
etag
"7e6-60a19397ef666"
x-boa-requestid
Zk11jsWAgQhQHgUnCTi8XAAAAGU
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
2022
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		343 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/877C) /
Resource Hash
35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/877C)
age
2409215
etag
"157-58bc25f0a9a80"
x-boa-requestid
Zk11joFMcwrmbiCeKRNV5QAAAhM
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png
cache-control
max-age=26920000, public
accept-ranges
bytes
content-length
343
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-global-header-secure-lock-CSXa09bf5fc.svg
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		353 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/876A) /
Resource Hash
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jlYSOJt5Ak2oX_olXgAAAW0
x-cache
HIT
content-length
257
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/876A)
etag
"161-58bc25f0a9a80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=26920000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
assets-images-global-title-flagscape_red-CSX345e7fd7.svg
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8714) /
Resource Hash
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11joFMcwrmbiCeKRNV5gAAAm4
x-cache
HIT
content-length
1201
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/8714)
etag
"84c-58bc25f0a9a80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=26920000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
cnx-regular.woff2
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 		0
0
c0248f02.js
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/ 		2 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/c0248f02.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8767) /
Resource Hash
dbcbad5207c3fda20be254a12f8352f997a61d02b2bbad1e864c69dd8a73896a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jgSxs--F43BSxwXiAAAAAF8
x-cache
HIT
content-length
317901
last-modified
Mon, 13 May 2024 04:30:27 GMT
server
ECS (mid/8767)
etag
"188421-6184e58464db3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:53 GMT
cnx-regular.woff
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 		0
0
utag.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		607 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/c0248f02.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bdb7b2151a15af6852d2722c4a66a78ace7dc72b412b6e53a84280b42d6f9e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
34TxVRLD.DNgie92Ftl9U.6OoxQMKqlv
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:44:42 GMT
last-modified
Thu, 23 May 2024 09:57:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
133
x-amz-server-side-encryption
AES256
etag
W/"36d1828ee3cfe3e3f7150ab3e04e4be6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
sjzTRqJbGL8aZtK1lW8uihLwnb5WNmDTHS25YIDLOPqP2GYfP90SQg==
fetch.js
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/fetch/2.0.3/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/fetch/2.0.3/js/fetch.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8747) /
Resource Hash
b47a550de7cae47f1e27c99d13bb79bffb2217510fc5e80370157bbefad32b74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409215
x-boa-requestid
Zk11jwNfPtsgQKb8GOwzbwAAACc
x-cache
HIT
content-length
2942
last-modified
Mon, 12 Feb 2024 03:25:08 GMT
server
ECS (mid/8747)
etag
"2630-61126d31a0905"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:54 GMT
require-css.js
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require-css/0.1.8/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require-css/0.1.8/js/require-css.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/vendor/require/2.2.0/js/require.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/877C) /
Resource Hash
47ba207dd4efb13519fbe8644483fd47c213c9ccc62295d0f9ac51cfd25f6c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2409216
x-boa-requestid
Zk11jl_yiEGREKTfmQDmDAAAAIk
x-cache
HIT
content-length
1134
last-modified
Mon, 12 Feb 2024 03:25:08 GMT
server
ECS (mid/877C)
etag
"a8c-61126d31b0304"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:54 GMT
cnx-regular.ttf
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 		0
0
iac
secure.bankofamerica.com/login/rest/sas/sparta/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1718761614063
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.116.200 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
Software
Oops /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://secure0100.micro-global.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Server
Oops
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Serviced-By
+z58B0atc09RsiEqEpJ4KQ==--JJkQlaj2SG8N7MmNRUJFlg==
vendb.js
secure1.bac-assets.com/sparta/client/helper/spa-assets/components/utilities/client-helper/behbio/vendb/3.0.0/js/ 		780 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/client/helper/spa-assets/components/utilities/client-helper/behbio/vendb/3.0.0/js/vendb.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/c0248f02.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/8725) /
Resource Hash
21d8774346a76334f7f55e9e4a742881cdd6bb5921914e397298d3a21a49c674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2412665
x-boa-requestid
Zk1oFYFMcwrmbiCeKRM_zQAAAnE
x-cache
HIT
content-length
133455
last-modified
Mon, 11 Dec 2023 06:52:22 GMT
server
ECS (mid/8725)
etag
"c2f2c-60c3660360fda"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:54 GMT
iac
secure.bankofamerica.com/login/rest/sas/sparta/v2/ 		0
0
cau-enroll.js
secure0100.micro-global.workers.dev/pa/components/utilities/ah-continuous-auth-util/1.1/deploy/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure0100.micro-global.workers.dev/pa/components/utilities/ah-continuous-auth-util/1.1/deploy/cau-enroll.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/c0248f02.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.164.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bec96e29e3de8270793bc096388faafc5222d21ede31fd43725f73e6f078dd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
age
1632
x-boa-requestid
ZmYeVl4nwDiSzY-LDDIRUAAAAAg
x-serviced-by
FcWNFTSUcx9AzHGZ/h/AyQ==--NhDlj0KVUSleaoKe2JesUg==
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Aug 2022 09:01:17 GMT
server
cloudflare
etag
W/"53e-5e657fdc8d55e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycLm7YUM2cSlpN0GUhO1ICBBG6gjaBVg4b350Us0o1VLVZtbMMOH5kOPjeke%2BDGI5RKXXFzFAhVkBS9YRsFa27gEoP6WNGdA%2FhDWNiNeeq7O%2FPJgYsdj6UnymLhhEXi09rcE5aN96q%2BUO%2B0T9ykK5mtdddF%2Bgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
895fd9188f41875a-MIA
iac
secure.bankofamerica.com/login/rest/sas/sparta/ 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.bankofamerica.com/login/rest/sas/sparta/iac
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/c0248f02.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.116.200 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
Software
Oops /
Resource Hash
fd87fe92cc6a2d1dd789af66276e2cb98ed0f62f25f76ee87e417f0741b90a0d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 01:46:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
X-BOA-RequestID
ZnI4jkzbCC9kfv0uGD_vewAAAL4
X-Serviced-By
uzI0e9dqWEjjm3DQZNtIAw==--+z58B0atc09RsiEqEpJ4KQ==
Transfer-Encoding
chunked
Connection
Keep-Alive
Pragma
no-cache
Server
Oops
Vary
Accept-Encoding
Content-Type
text/plain;charset=utf-8
Content-Language
en-US
Cache-Control
no-cache
Keep-Alive
timeout=40, max=494
Expires
Thu, 01 Jan 1970 00:00:00 GMT
otSDKStub.js
cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/otSDKStub.js
Requested by
Host: secure1.bac-assets.com
URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/bundles/c0248f02.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Origin
https://secure0100.micro-global.workers.dev
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
1C7BuQ3LGAlBcdxyvs3Sgw==
content-length
6884
x-ms-lease-status
unlocked
last-modified
Sat, 18 May 2024 00:40:19 GMT
server
cloudflare
etag
0x8DC76D31823A768
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bcd15587-a01e-0001-01ea-c19277000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
895fd9195df77482-MIA
browser.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-browser-support-utility/4.5.5/data/en/ 		0
0
messages.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-validation-framework/7.2.1/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
inputs.json
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/ 		0
0
hover.js
rail.bankofamerica.com/30306/ 		77 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rail.bankofamerica.com/30306/hover.js?dt=change_details&r=0.34719389362263864
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.212.158.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-158-112.compute-1.amazonaws.com
Software
haile /
Resource Hash
b70590e727681251674300af945d91e3b61171b6482c2734f59ddef09b12d34d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 01:46:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
haile
content-type
application/x-javascript
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-xss-protection
1
pics-label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
2c1a49ef-7c60-4b64-b3dd-07c1a5351aab
https://secure0100.micro-global.workers.dev/ 		185 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://secure0100.micro-global.workers.dev/2c1a49ef-7c60-4b64-b3dd-07c1a5351aab
Requested by
Host: secure0100.micro-global.workers.dev
URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b745d23b485e6f8523c160f5ec3090ad3eb803a18827f5f6a64195549b2b6c7

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
189098
Content-Type
id
dpm.demdex.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_orgid=A9893BC75245B1D70A490D4D@AdobeOrg&d_ver=2
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.207.212.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-212-157.compute-1.amazonaws.com
Software
/
Resource Hash
fe5e986bae5ca0a559073753376b7fd711f351435e4d533be131df8219a87561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

dcs
dcs-prod-va6-1-v060-0398031f6.edge-va6.demdex.com 8 ms
pragma
no-cache
date
Wed, 19 Jun 2024 01:46:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
n0SAobiZSDc=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://secure0100.micro-global.workers.dev
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
793
expires
Thu, 01 Jan 1970 00:00:00 UTC
prod-_-osp-tool-multi-get-started.js
tags.tiqcdn.com/dle/bofa/main/ 		1 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/dle/bofa/main/prod-_-osp-tool-multi-get-started.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
924794a7d5ed90e83cea7a337818fdfba6378cd6e79f0e9c0a5fcc692753de9a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:13:30 GMT
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 18:35:52 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
2005
x-amz-server-side-encryption
AES256
etag
W/"646f0064c8a5c0307b92bf5b75301860"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
3X_Trp86crxi278MInpIFOu8V5FCEnmNFYn0W6SEnbGVm3bYxHiRKQ==
assets-images-site-client-helper-refresh-CSXcdc99b8a.png
secure.bankofamerica.com/auth/forgot/spa-assets/images/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://secure.bankofamerica.com/auth/forgot/spa-assets/images/assets-images-site-client-helper-refresh-CSXcdc99b8a.png?message=BehBio+SDK+is+not+loaded+due+to+iacall
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.116.200 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
Software
Oops /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://secure0100.micro-global.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Server
Oops
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Serviced-By
+z58B0atc09RsiEqEpJ4KQ==--JJkQlaj2SG8N7MmNRUJFlg==
assets-images-site-client-helper-refresh-CSXcdc99b8a.png
secure.bankofamerica.com/auth/forgot/spa-assets/images/ 		0
0
utag.21.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.21.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b25c3001c0b46242a352ee28eadf06dd2410770c8c4adf7e0241fc3531f5e2b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
3Eq5QdRBUoxCiDTMua.jsuhreCXR45YS
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:44:44 GMT
last-modified
Thu, 23 May 2024 09:57:46 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
131
x-amz-server-side-encryption
AES256
etag
W/"d39e063d87763b1102d785a511f0c2f7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
QVrVfqOpvaGgk-Z1a_m2Sf8XyvENroZRZqvyLSVVtKeb-z6RDKYPVw==
utag.36.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.36.js?utv=ut4.48.202308112143
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
400acca7e3ccc31ec9bb35f0bdb0e33bede3f62bcc24e19cfddd84684df36936

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rLWvJD8Z.aWFMJH034IBVq9vkK0mT9A1
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:36 GMT
last-modified
Thu, 23 May 2024 09:57:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
19
x-amz-server-side-encryption
AES256
etag
W/"9801fbeae2be109661e6606720a59a10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
iDS5dvQaSe2Picwp62TQrOXZwtExLC5e_EKoHhln4Cu27bQhuW-htg==
utag.37.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.37.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ab923f77e4aeaa3b8ac50b19e8de542aea9802782e8d26c6a9c48f16b8fb722

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
DPaPOBcldjjvF5_XZla6GsENtyU_m3YW
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:44:44 GMT
last-modified
Thu, 23 May 2024 09:57:47 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
131
x-amz-server-side-encryption
AES256
etag
W/"a4b00170273fdc517330d226dd75e6cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
RC5FtF6tITN4dKna-1OFYPZCXzZpGykNxCviQSH7QUfYoUDIa2Bv6A==
utag.42.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.42.js?utv=ut4.48.202308112143
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57c9817e0935db455f9448c526c2c09b931ea844492bd5babc2205e8e5c08f30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
TofgwimltvMg2O8G0TI.K0G_7IC7A7QT
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:36 GMT
last-modified
Thu, 23 May 2024 09:57:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
19
x-amz-server-side-encryption
AES256
etag
W/"fed536091eaebd85bb54c0e9ab5f3386"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
R6VJYDJf8Db7u46w86VTHCrhddB5QIz3N2aU5pc8LuGO8jaQ0nsB0A==
utag.55.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.55.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8058784b25ff4d41273395fb2de40f0eec636ebd49e809bb052829a1a765ed23

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
oGwnkKQ5r1AyIz9ziYCttskmzpey9Ks_
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:44:51 GMT
last-modified
Thu, 23 May 2024 09:57:46 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
124
x-amz-server-side-encryption
AES256
etag
W/"7dcb3ab0b4511bc92e257bf92d613cdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
uGaHPMNY0v-oCYArzTpm0AAdogR8rEtGH9j8Pf9AUsjnb52dTdG8CA==
utag.65.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.65.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d2cd5e02eb25a599a2e6ccfa67ab5beae1ea6275e758d21de4099a738229fc0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
7H4_qrzrPkGK9y6CUWR8eTrxGK1WM61_
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:37 GMT
last-modified
Thu, 23 May 2024 09:57:47 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
18
x-amz-server-side-encryption
AES256
etag
W/"a56d3705d88cb1b72257445d10bf2ec4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
DkNP79akN4cFvEhRjqZc1GlK0kjViOHbEb0mqkCZ5zET30IFzQ09Cg==
utag.72.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.72.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3f72c331f4f5de6396c7ede19c4132a5df47f77476c0e03d64b6dc4391531a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
W2dk9iPnUvfp_v68vtbuA8EUTsSG5SuJ
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:36 GMT
last-modified
Thu, 23 May 2024 09:57:48 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
19
x-amz-server-side-encryption
AES256
etag
W/"11fab9a0c06095de082d7f8b985b8e85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
2xw3QHoINDXe81W-OwlePHkOPev7mNq4TTEbm7o9e-JJS9ktVHA1ow==
utag.76.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		205 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.76.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0376f7f472615e4c375d124a6ddf0f374b246050b4f250972e76ec7bb8123fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jgb1I9xAaMsHJ2M2wfcLrbl40eFyesMm
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:44:29 GMT
last-modified
Thu, 23 May 2024 09:57:46 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
146
x-amz-server-side-encryption
AES256
etag
W/"e9d9b146933579ac451408b99f3bb12e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
2TzLMREADkt1OlSrk2GKTd2Xe1U5rpVivQ7PZiAU9aFxACHuBVJq_g==
utag.62.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		294 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.62.js?utv=ut4.48.202405180033
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b39da3394744a073215494c0439d20759e068181936da446846bdfb989d12d5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rPhvUoKLoN9WJ9QF4GofNeJMFnGb4KY8
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:36 GMT
last-modified
Thu, 23 May 2024 09:57:43 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
19
x-amz-server-side-encryption
AES256
etag
W/"42be2a10628903aba3ef714eca18c37f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
4_XBON_tGdBN6ohO86gsxRsusHQZu1IS1Iic1T21n8jJSvSj76zuQg==
utag.102.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.102.js?utv=ut4.48.202308112143
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4eeae7d2f0484c98984a94afa0319ed6fa51ae5a6d1886355311ff1221de7d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
idl4xqHksUf52UjnVy.1Sptjb0AMCl5j
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:36 GMT
last-modified
Thu, 23 May 2024 09:57:44 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
19
x-amz-server-side-encryption
AES256
etag
W/"ee0d116ee00b96c998c5bb7376050637"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
4uV10F03VOvJ_DEMdoy06s_D7YEeJ4-WFEmLhwiV4z4IYLSzYWAunQ==
utag.108.js
tags.tiqcdn.com/utag/bofa/main/prod/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bofa/main/prod/utag.108.js?utv=ut4.48.202403160018
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2805d78702855bbb19b4c5e7f0ccd96d028690ac7747e511cb35667fcf5c3701

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.8mWlZVCP7qnhNPenZrpxYUGBem1LG4E
content-encoding
br
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 01:46:28 GMT
last-modified
Thu, 23 May 2024 09:57:43 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
27
x-amz-server-side-encryption
AES256
etag
W/"5d1d1f89961f79781ee0bff4faba3b32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
bvt8Dw7bwzqODd9a8ga99IgDTs5GkyphhtlJa-POLX-WcFkMPAEVLQ==
72e99fdc-3ef1-452a-9b02-e35228fa4504-test.json
cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/72e99fdc-3ef1-452a-9b02-e35228fa4504-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69fd7553df85e5bce9a4b542b0ae5fa8325b54402cde3c1c1781d734f296c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
ClhUPbvoLfGpa5ODr9Iw7g==
content-length
1915
x-ms-lease-status
unlocked
last-modified
Sat, 18 May 2024 00:40:19 GMT
server
cloudflare
etag
0x8DC76D31815EDEB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6813e40a-401e-00aa-76ea-c14565000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
895fd91ba9ae7482-MIA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		68 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept
application/json
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
895fd91ece4a498a-MIA
access-control-allow-headers
Content-Type
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bofa/main/202405230956&cb=1718761615125
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:9000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 19 Jun 2024 01:39:37 GMT
via
1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
age
439
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
mczZWlMtPecv7uj4Bz-Zo2oXqRRFl0SolRjFvdzDJFoI3ISwV4m9TQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.76.js?utv=ut4.48.202405180033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Jun 2024 01:39:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
431
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 19 Jun 2024 03:39:44 GMT
session.json
tilt.bankofamerica.com/7989/js/events/v10/ 		0
0
GlanceCobrowseLoader_6.20.0M.js
storage.glancecdn.net/cobrowse/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_6.20.0M.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bofa/main/prod/utag.108.js?utv=ut4.48.202403160018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9400:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1237a930e685ceca5726d7987c21710671e6e30deb320a45d4211405e20e1532
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 16:49:20 GMT
x-amz-version-id
FgirOru9d1CFLS.z.2BSFUSdf3abobcW
content-encoding
br
x-content-type-options
nosniff
via
1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
291456
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 21 Mar 2024 14:58:19 GMT
server
AmazonS3
etag
W/"9770e2694b30734f8f6e10cdc78a98d4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926
x-amz-cf-id
0ZQ_qpcKsOzTat69AKqgFqyM3X-sjmyULu-mg2axkQzBYMzLXw0H8w==
initializeEnrollment
secure.bankofamerica.com/login/rest/sas/sparta/entry/v1/ 		0
0
initializeEnrollment
secure.bankofamerica.com/login/rest/sas/sparta/entry/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://secure.bankofamerica.com/login/rest/sas/sparta/entry/v1/initializeEnrollment
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.161.116.200 , United States, ASN10794 (BANKAMERICA, US),
Reverse DNS
Software
Oops /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,cawcsrf,content-type
Access-Control-Request-Method
POST
Origin
https://secure0100.micro-global.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
default-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com https: wss: data: blob:; script-src 'self' *.bankofamerica.com *.bac-assets.com *.ml.com fsa.merrilledge.com merrilledge.com s3.amazonaws.com boa-api.arkoselabs.com cdn.cookielaw.org resources.digital-cloud.medallia.com players.brightcove.net metrics.brightcove.com cdnapisec.kaltura.com tags.tiqcdn.com akamai.tiqcdn.com glance.net beta.glancecdn.net storage.glancecdn.net cct.google cdn.mplxtms.com cdn.tt.omtrdc.net data.cmcore.com data.coremetrics.com iocdn.coremetrics.com libs.coremetrics.com mc.coremetrics.com mcdata.coremetrics.com mktgcdn.coremetrics.com recs.coremetrics.com secure-cdn.mplxtms.com convertro.com stage.convertro.com idsync.rlcdn.com test.coremetrics.com testdata.coremetrics.com tmscdn.coremetrics.com www.glancecdn.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com mboxedge34.tt.omtrdc.net anrdoezrs.net cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com bofa.demdex.net cdnstorage.myglance.net bankofamerica.tt.omtrdc.net www.paypalobjects.com cdn-bofa.myglance.net six.cdn-net.com vjs.zencdn.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' data: blob: *.bankofamerica.com *.bac-assets.com *.ml.com cdn.cookielaw.org glance.net beta.glancecdn.net storage.glancecdn.net convertro.com stage.convertro.com idsync.rlcdn.com www.glancecdn.net cdnstorage.myglance.net www.google-analytics.com cdn-bofa.myglance.net resources.digital-cloud.medallia.com 'unsafe-inline'; worker-src 'self' blob:; frame-ancestors 'self' *.bankofamerica.com *.ml.com;
Server
Oops
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Serviced-By
+z58B0atc09RsiEqEpJ4KQ==--JJkQlaj2SG8N7MmNRUJFlg==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202403.2.0/ 		447 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Origin
https://secure0100.micro-global.workers.dev
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
NaqcG2ILVJmSrG/q1ZpJ7w==
age
11571
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
110887
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:18 GMT
server
cloudflare
etag
0x8DC62925356D668
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4a4f7c66-a01e-0089-38a6-c12aae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
895fd91f2e5b7482-MIA
en.json
cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/018ebe59-41e3-7c15-8403-03607af7ca6c/ 		40 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/72e99fdc-3ef1-452a-9b02-e35228fa4504-test/018ebe59-41e3-7c15-8403-03607af7ca6c/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c24db3f922e77cf856062ae3fc08e45306be53c173f6bf3e2b8f641aa460d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
Ws3fgP1hmyGxaYctHHbaeg==
content-length
11790
x-ms-lease-status
unlocked
last-modified
Sat, 18 May 2024 00:40:39 GMT
server
cloudflare
etag
0x8DC76D3240CF593
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
cadcf999-301e-0087-20ea-c1c6a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
895fd91fcf497482-MIA
GlancePresenceVisitor_6.20.0M.js
storage.glancecdn.net/cobrowse/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.glancecdn.net/cobrowse/js/GlancePresenceVisitor_6.20.0M.js
Requested by
Host: storage.glancecdn.net
URL: https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_6.20.0M.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:9400:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
663c37001dfd822873222ee97f569181bcf39e78b3b57570e1160c957c6f9c34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 16:49:31 GMT
x-amz-version-id
ar.srJNZLoviu0lDzmPZuvjOwLB0TrqD
content-encoding
br
x-content-type-options
nosniff
via
1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
291445
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 21 Mar 2024 14:58:20 GMT
server
AmazonS3
etag
W/"b59ca484382914d4e9fcb52f9801bc19"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926
x-amz-cf-id
xH8Iw-HhnFkcS8SXPfBXEAFUdKtjsVfrVvvxTssFRyYVyi5wm4lwoA==
assets-images-global-favicon-favicon-CSX8d65d6e4.ico
secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-favicon-CSX8d65d6e4.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.77 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mid/877D) /
Resource Hash
d5bba1cae66759adfee0d50ab0419e6bb19a48f8c360e4be8e582ba75e7a1402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
2406043
x-boa-requestid
Zk2B9ELkrc45Ffr8BQSMKAAAACY
x-cache
HIT
content-length
2266
last-modified
Thu, 20 Jun 2019 14:43:38 GMT
server
ECS (mid/877D)
etag
"3aee-58bc25f0a9a80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=26920000, public
accept-ranges
bytes
expires
Thu, 19 Jun 2025 01:46:55 GMT
otPcTab.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/ 		63 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7465924993bbca3c35db5e27f00d48e1b718c7e82bf610926f9f388bfb13c2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
b6I2OlMzNJPYbIfzxkSWAA==
age
11570
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13627
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:14 GMT
server
cloudflare
etag
0x8DC629250D25EB2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ce83d138-f01e-0019-47a6-c1bfe2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
895fd920e8987482-MIA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
4ErYmXXFNbMLrnc9DrDTsg==
age
11570
x-ms-lease-status
unlocked
last-modified
Mon, 22 Apr 2024 06:06:21 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
759aea70-301e-00c3-49cc-c11ac9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
895fd920e89b7482-MIA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
493 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
1631
x-ms-lease-status
unlocked
last-modified
Tue, 18 Jun 2024 05:26:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
38cc556b-f01e-005d-72a6-c1638e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
895fd921491a7482-MIA
BOA.PNG
cdn.cookielaw.org/logos/9b1b72d0-06ef-4e7c-9b2a-e8bc09f34daf/5a21514a-3b71-4677-b52d-207b6f11ff68/fceb4368-db91-43cf-af24-36ac5b5badc2/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/9b1b72d0-06ef-4e7c-9b2a-e8bc09f34daf/5a21514a-3b71-4677-b52d-207b6f11ff68/fceb4368-db91-43cf-af24-36ac5b5badc2/BOA.PNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d3432300ba1610b3b7b677b5e821630636aae7f61c01e1058158e69701b2d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jvB7VcShVhyScfVwMaUaWQ==
age
1235
content-length
71361
x-ms-lease-status
unlocked
last-modified
Thu, 13 Oct 2022 13:50:15 GMT
server
cloudflare
etag
0x8DAAD21DBA3A72F
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
556dcac7-d01e-002c-6f53-23d52c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
895fd921e83e31d4-MIA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure0100.micro-global.workers.dev/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 19 Jun 2024 01:46:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
48206
x-ms-lease-status
unlocked
last-modified
Thu, 13 Jun 2024 02:35:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9fe52516-d01e-0063-48c4-bdd5af000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
895fd921e84531d4-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf
Domain
secure.bankofamerica.com
URL
https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1718761614063
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-browser-support-utility/4.5.5/data/en/browser.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-validation-framework/7.2.1/data/en/messages.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure1.bac-assets.com
URL
https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Domain
secure.bankofamerica.com
URL
https://secure.bankofamerica.com/auth/forgot/spa-assets/images/assets-images-site-client-helper-refresh-CSXcdc99b8a.png?message=BehBio+SDK+is+not+loaded+due+to+iacall
Domain
tilt.bankofamerica.com
URL
https://tilt.bankofamerica.com/7989/js/events/v10/session.json
Domain
secure.bankofamerica.com
URL
https://secure.bankofamerica.com/login/rest/sas/sparta/entry/v1/initializeEnrollment

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

393 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage boolean| setMDA boolean| isMDA object| digitalData object| nucleusSpartaProperties object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| createCSSBundleLink object| sparta function| requirejs function| require function| define object| theBody function| getUrlVars object| moduleContainer number| mdaVersion undefined| spartaStorage string| wrapParam boolean| isMda object| global undefined| handlebars object| spaParams object| spartaRequireLoop object| loopExecs object| required function| onLoopReady function| getCurriedBundleDefineShim object| JSEncryptExports object| KJUR object| Hex object| Base64 function| ASN1 function| _ object| utag_data object| bactm string| bactm_envSelector number| default_key_size string| default_public_exponent function| log object| key function| jQuery function| getSCookie function| glacier function| getIdentifier object| boa object| _cc object| cdwpb object| cdApi boolean| utag_condload object| YAHOO object| CryptoJS string| b64map string| b64pad number| dbits number| canary boolean| j_lm number| BI_FP string| BI_RM object| BI_RC number| rr number| vv object| lowprimes number| lplim number| rng_psize undefined| rng_state object| rng_pool number| rng_pptr number| t object| ua undefined| z function| jsonParse object| ASN1HEX function| utf8tob64u function| b64utoutf8 function| strdiffidx object| KEYUTIL object| _RE_HEXDECONLY object| ignore_keys string| prefix string| nested_delimeter string| data_layer string| tealium_object boolean| tealium_debug object| utag function| hex2b64 function| b64tohex function| b64toBA function| BigInteger function| nbi function| am1 function| am2 function| am3 function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse function| bnIsProbablePrime function| bnpMillerRabin function| Arcfour function| ARC4init function| ARC4next function| prng_newstate function| rng_seed_int function| rng_seed_time function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| oaep_mgf1_arr function| oaep_pad function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncryptOAEP function| pkcs1unpad2 function| oaep_mgf1_str function| oaep_unpad function| RSASetPrivate function| RSASetPrivateEx function| RSAGenerate function| RSADoPrivate function| RSADecrypt function| RSADecryptOAEP function| ECFieldElementFp function| feFpEquals function| feFpToBigInteger function| feFpNegate function| feFpAdd function| feFpSubtract function| feFpMultiply function| feFpSquare function| feFpDivide function| ECPointFp function| pointFpGetX function| pointFpGetY function| pointFpEquals function| pointFpIsInfinity function| pointFpNegate function| pointFpAdd function| pointFpTwice function| pointFpMultiply function| pointFpMultiplyTwo function| ECCurveFp function| curveFpGetQ function| curveFpGetA function| curveFpGetB function| curveFpEquals function| curveFpGetInfinity function| curveFpFromBigInteger function| curveFpDecodePointHex function| Base64x function| stoBA function| BAtos function| BAtohex function| stohex function| stob64 function| stob64u function| b64utos function| b64tob64u function| b64utob64 function| hextob64u function| b64utohex function| utf8tob64 function| b64toutf8 function| utf8tohex function| hextoutf8 function| hextorstr function| rstrtohex function| hextob64 function| hextob64nl function| b64nltohex function| hextopem function| pemtohex function| hextoArrayBuffer function| ArrayBuffertohex function| zulutomsec function| zulutosec function| zulutodate function| datetozulu function| uricmptohex function| hextouricmp function| ipv6tohex function| hextoipv6 function| hextoip function| iptohex function| encodeURIComponentAll function| newline_toUnix function| newline_toDos function| hextoposhex function| intarystrtohex function| _rsasign_getHexPaddedDigestInfoForString function| _zeroPaddingOfSignature function| pss_mgf1_str function| _rsasign_getDecryptSignatureBI function| _rsasign_getHexDigestInfoFromSig function| _rsasign_getAlgNameAndHashFromHexDisgestInfo function| X509 function| getPageID function| ignoreKey function| processDataObject function| processDataArray function| processDataLayer boolean| __tealium_twc_switch undefined| isMinor boolean| inScope boolean| otEnabled function| _isInDataCollector function| _is string| cm_NormalizeList number| bactm_evtSel function| bactm_addSegmentationValues function| bactm_beginDataCollection function| bactm_capturePageview function| bactm_captureAddlPageview function| bactm_captureDynamicPageview function| bactm_loadDataCollection function| bactm_addProducts function| bactm_captureCustomError function| bactm_createManualLinkClickTag function| bactm_restorePageID function| bactm_productView object| dataCollector function| cX string| array_key_name string| result object| utag_cfg_ovrd object| ___sc30306 object| ___so30306 function| aquarius number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID number| script_loaded_time object| collector object| inauthNamespace string| collectorNamespaceName object| __DEFAULT_NAMESPACE object| __tp number| __gt object| google_tag_manager object| google_tag_data object| gDataLayer function| gtag function| ga object| CelebrusDataPrivacy string| celebrususeCors string| celebrususeSecureCookies string| celebruswindowID function| celebrusonContentReady function| celebrusgHW object| celebrusRTEHandler object| celebrusVisibilityManager object| celebrusLogger function| celebrusoptIn function| celebrusoptOut function| celebrusanonymous function| celebrusdoReInit function| celebrusstop function| celebrusexecuteJsonResponse function| celebrusexecuteReInitNow function| celebrusstart function| celebruseQI function| celebrusfindCookieVal function| celebruscontentResponse function| celebrusevent function| celebrusclick function| celebrusselect function| celebrustextchange function| celebrusformsubmit function| celebrusSendJsonData function| celebrusonInitialSessionInformationResponse function| celebrusonInPageSessionInformationResponse function| celebrustrackYouTubeIframePlayer function| celebrusgetSessionKey function| celebrusgetRealTimeId object| celebrusInstance function| celebrusGo string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| OneTrustStub object| GLANCE object| gaplugins object| Optanon object| OneTrust

12 Cookies

Domain/Path Name / Value
.secure0100.micro-global.workers.dev/ Name: SPID
Value: Q1S2
.secure0100.micro-global.workers.dev/ Name: SID
Value: 0029552FE1006672388D
.secure0100.micro-global.workers.dev/ Name: TS017f5af8
Value: 010212baac7c9e4d483e4485553d114484665c6e477b6dd0a4426067c4e0cb6f2a15b56ea50d50667bdf03a99da05cd92a93750804
.micro-global.workers.dev/ Name: cdContextId
Value: 1
.micro-global.workers.dev/ Name: bmuid
Value: 1718761614291-72BD7FD0-665C-430D-B50E-E6208C11B402
.bankofamerica.com/ Name: SPID
Value: C1S1
.bankofamerica.com/ Name: SID
Value: 00316F8F40006672388E
.demdex.net/ Name: demdex
Value: 40806186541402860713363320450576535241
secure0100.micro-global.workers.dev/ Name: LSESSIONID
Value: eyJpIjoiUzgxUHRNcTFPSnFHZGE5VVYwK0JQQT09IiwiZSI6IlJpb2NZVzJoZ1RjbHEzdDFOc2VSWVVHTklsRjFyXC9BWFwvSkhrQnpSaDRUV2t2dDhiRTlCWXMwQVwvdVFvN09WTHhzcHliYjhrYmZVaFQzVms5S2JQSEZuT1NCcTJWTmQxaUtuZnZmYzFpMzF6Sld2Q2c4UjQ1MEZLeWphN0V2T2w1TExLN3BIdkRwVEx0SDZLWkxJaFZrUT09In0%3D.2403480084fd01a5.MjVjNjc5NGQzNjU2NmFlYWRhZDdiMmY1MzQ0NThkYTFmNDNjNzJjODY4NWY3MTQzY2Y2MTcxZjlmZTI5MzRmYQ%3D%3D
secure0100.micro-global.workers.dev/ Name: _cc
Value: ZTBjZjBmNDctNTBlNi00MWZj
.micro-global.workers.dev/ Name: celebrussession
Value: _17187616151570.145014b4cab1d1b0e6f3845a9021a03d_7989
secure0100.micro-global.workers.dev/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jun+18+2024+15%3A46%3A55+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=48f9bf3d-3c53-4176-8c41-9fca60cbc638&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fsecure0100.micro-global.workers.dev%2Flogin%2Fenroll%2Fentry%2FolbEnroll.go%3Freason%3Dmodel_enroll&groups=CCBA%3A1%2CCADCA%3A1

40 Console Messages

Source Level URL
Text
recommendation verbose URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to font at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to font at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to font at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-browser-support-utility/4.5.5/data/en/browser.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-browser-support-utility/4.5.5/data/en/browser.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-validation-framework/7.2.1/data/en/messages.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-validation-framework/7.2.1/data/en/messages.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure1.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-input-utility/12.1.2/data/en/inputs.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1718761614063' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure.bankofamerica.com/login/rest/sas/sparta/v2/iac?dfp=true&_=1718761614063
Message:
Failed to load resource: net::ERR_FAILED
worker error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://bup.bankofamerica.com/client/v3.1/web/wup?cid=barbie' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure.bankofamerica.com/auth/forgot/spa-assets/images/assets-images-site-client-helper-refresh-CSXcdc99b8a.png?message=BehBio+SDK+is+not+loaded+due+to+iacall' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure.bankofamerica.com/auth/forgot/spa-assets/images/assets-images-site-client-helper-refresh-CSXcdc99b8a.png?message=BehBio+SDK+is+not+loaded+due+to+iacall
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://secure.bankofamerica.com/login/rest/sas/sparta/entry/v1/initializeEnrollment' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure.bankofamerica.com/login/rest/sas/sparta/entry/v1/initializeEnrollment
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://tilt.bankofamerica.com/7989/js/events/v10/session.json' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://tilt.bankofamerica.com/7989/js/events/v10/session.json
Message:
Failed to load resource: net::ERR_FAILED
worker error URL: https://secure0100.micro-global.workers.dev/login/enroll/entry/olbEnroll.go?reason=model_enroll
Message:
Access to XMLHttpRequest at 'https://bup.bankofamerica.com/client/v3.1/web/wup?cid=barbie' from origin 'https://secure0100.micro-global.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
dpm.demdex.net
geolocation.onetrust.com
rail.bankofamerica.com
secure.bankofamerica.com
secure0100.micro-global.workers.dev
secure1.bac-assets.com
storage.glancecdn.net
tags.tiqcdn.com
tilt.bankofamerica.com
www.google-analytics.com
secure.bankofamerica.com
secure1.bac-assets.com
tilt.bankofamerica.com
171.161.116.200
172.67.164.220
192.229.173.77
2600:9000:2073:9400:d:addc:2400:93a1
2600:9000:20e2:9000:7:2bfb:7c00:93a1
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
2607:f8b0:4004:c07::8a
3.212.158.112
44.207.212.157
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
1237a930e685ceca5726d7987c21710671e6e30deb320a45d4211405e20e1532
164d28ad78b8fe33d8e42864920d7647cc505b93b3fd266f0d66e63c566e0ef6
1b745d23b485e6f8523c160f5ec3090ad3eb803a18827f5f6a64195549b2b6c7
21d8774346a76334f7f55e9e4a742881cdd6bb5921914e397298d3a21a49c674
24ba171ce0c44d3540973cd5747f50c3d7dac11978251585788091993be02361
2805d78702855bbb19b4c5e7f0ccd96d028690ac7747e511cb35667fcf5c3701
35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147
36936c7545dae08fd958b2d652f646e772a2554f52a26c49b34d05a7372309af
38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77
3a1b52b7233dfe08972f5f53d864d752f45809f9fd298966de4802dc13bf1d77
3bdb7b2151a15af6852d2722c4a66a78ace7dc72b412b6e53a84280b42d6f9e7
400acca7e3ccc31ec9bb35f0bdb0e33bede3f62bcc24e19cfddd84684df36936
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
47ba207dd4efb13519fbe8644483fd47c213c9ccc62295d0f9ac51cfd25f6c61
57c9817e0935db455f9448c526c2c09b931ea844492bd5babc2205e8e5c08f30
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
663c37001dfd822873222ee97f569181bcf39e78b3b57570e1160c957c6f9c34
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69d3432300ba1610b3b7b677b5e821630636aae7f61c01e1058158e69701b2d5
6ab923f77e4aeaa3b8ac50b19e8de542aea9802782e8d26c6a9c48f16b8fb722
6bec96e29e3de8270793bc096388faafc5222d21ede31fd43725f73e6f078dd1
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
6d608a9d27ae614aa0b16fe920f6a811bf6d4f320a5819b51d3edb9672912ad9
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
7465924993bbca3c35db5e27f00d48e1b718c7e82bf610926f9f388bfb13c2e4
7d2cd5e02eb25a599a2e6ccfa67ab5beae1ea6275e758d21de4099a738229fc0
7e90effe2c4b60df553e50c5e65bcf113ad7a2ddf3d5e7a594f2b8a9ccfd4523
8058784b25ff4d41273395fb2de40f0eec636ebd49e809bb052829a1a765ed23
8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1
924794a7d5ed90e83cea7a337818fdfba6378cd6e79f0e9c0a5fcc692753de9a
a108985f6e9a607d6e1b8cb294cdad7bffb288589c3f9fa3768b84763b0af94d
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a9c24db3f922e77cf856062ae3fc08e45306be53c173f6bf3e2b8f641aa460d7
adab1708b4b053c52d06be506c9630c44bb6a4b986d03344d3cf91997c9e6ad6
b25c3001c0b46242a352ee28eadf06dd2410770c8c4adf7e0241fc3531f5e2b3
b39da3394744a073215494c0439d20759e068181936da446846bdfb989d12d5b
b3f72c331f4f5de6396c7ede19c4132a5df47f77476c0e03d64b6dc4391531a7
b47a550de7cae47f1e27c99d13bb79bffb2217510fc5e80370157bbefad32b74
b4eeae7d2f0484c98984a94afa0319ed6fa51ae5a6d1886355311ff1221de7d7
b70590e727681251674300af945d91e3b61171b6482c2734f59ddef09b12d34d
c0376f7f472615e4c375d124a6ddf0f374b246050b4f250972e76ec7bb8123fa
d5bba1cae66759adfee0d50ab0419e6bb19a48f8c360e4be8e582ba75e7a1402
dbcbad5207c3fda20be254a12f8352f997a61d02b2bbad1e864c69dd8a73896a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e370992dd3acb665187ed9eefaf8de0102db12b22153de534ac8c019d0b84136
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a
f69fd7553df85e5bce9a4b542b0ae5fa8325b54402cde3c1c1781d734f296c58
f831295258274780ec6638f8644cfc0e3532d0826f98d373b2ef5de888d50e43
f970c0e040cdc56f52d1d1b89b2357ec587ee5a0a7d1e00f7354ae65e074b4dc
fd87fe92cc6a2d1dd789af66276e2cb98ed0f62f25f76ee87e417f0741b90a0d
fe5e986bae5ca0a559073753376b7fd711f351435e4d533be131df8219a87561