rg.ml.com
Open in
urlscan Pro
152.199.21.168
Public Scan
Effective URL: https://rg.ml.com/2022/PartCom/401K/BENE/20212477-1_EMAL_p123_PARTICIPAN_220420_401K_Y_C_N_E_F1_POP.html
Submission: On July 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on June 22nd 2022. Valid for: a year.
This is the only time rg.ml.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.42.49 13.111.42.49 | 22606 (EXACT-7) (EXACT-7) | |
1 4 | 152.199.21.168 152.199.21.168 | 15133 (EDGECAST) (EDGECAST) | |
2 | 171.161.126.64 171.161.126.64 | 10794 (BANKAMERICA) (BANKAMERICA) | |
1 | 171.159.118.100 171.159.118.100 | 10794 (BANKAMERICA) (BANKAMERICA) | |
6 | 3 |
ASN22606 (EXACT-7, US)
PTR: click.message.rg.ml.com
click.message.rg.ml.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
ml.com
2 redirects
click.message.rg.ml.com rg.ml.com — Cisco Umbrella Rank: 234059 www.benefits.ml.com — Cisco Umbrella Rank: 100099 |
219 KB |
1 |
bankofamerica.com
www.bankofamerica.com — Cisco Umbrella Rank: 9412 |
|
6 | 2 |
Domain | Requested by | |
---|---|---|
4 | rg.ml.com |
1 redirects
rg.ml.com
|
2 | www.benefits.ml.com |
rg.ml.com
|
1 | www.bankofamerica.com |
rg.ml.com
|
1 | click.message.rg.ml.com | 1 redirects |
6 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
details-he.re |
Subject Issuer | Validity | Valid | |
---|---|---|---|
about.bankofamerica.com Entrust Certification Authority - L1M |
2022-06-22 - 2023-06-22 |
a year | crt.sh |
www.benefits.ml.com Entrust Certification Authority - L1M |
2022-02-03 - 2023-02-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://rg.ml.com/2022/PartCom/401K/BENE/20212477-1_EMAL_p123_PARTICIPAN_220420_401K_Y_C_N_E_F1_POP.html
Frame ID: 5F66D5957FA06B2CD32FB57F585079E7
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
How does your marital status affect your beneficiary?Page URL History Show full URLs
-
https://click.message.rg.ml.com/?qs=95ed164a1b10f92f5c63670ada5b2bf74c27e2a5556e20e22edc3eda7fd7f02c58666a3b...
HTTP 302
https://rg.ml.com/2022/PartCom/401K/BENE/20212477-1_EMAL_p123_PARTICIPAN_220420_401K_Y_C_N_E_F... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: SIPC
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.message.rg.ml.com/?qs=95ed164a1b10f92f5c63670ada5b2bf74c27e2a5556e20e22edc3eda7fd7f02c58666a3b3d5f26bae3ec2a4302ba92e753e5c3119514ee85
HTTP 302
https://rg.ml.com/2022/PartCom/401K/BENE/20212477-1_EMAL_p123_PARTICIPAN_220420_401K_Y_C_N_E_F1_POP.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://rg.ml.com/2022/PartCom/401K/BENE/js/DDO.js HTTP 302
- https://www.bankofamerica.com/banking-information/error-page-en.html
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
20212477-1_EMAL_p123_PARTICIPAN_220420_401K_Y_C_N_E_F1_POP.html
rg.ml.com/2022/PartCom/401K/BENE/ Redirect Chain
|
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MerrilLogoHDR.png
www.benefits.ml.com/ATGDocs/Production/contentRepository/Public/BOL0048401/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
error-page-en.html
www.bankofamerica.com/banking-information/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bofa_pattern1_rgb_blue.jpg
www.benefits.ml.com/ATGDocs/Production/contentRepository/Public/BOL0051648/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
connections_regular-web.woff
rg.ml.com/Public/FONTS/Connections_Regular/ |
82 KB 82 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
connections_light-web.woff
rg.ml.com/Public/FONTS/Connections_Light/ |
83 KB 83 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| bactm_setTMLib4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rg.ml.com/ | Name: BIGipServerpool_mcoeapporigin-ash.bankofamerica.com_443 Value: 101034176.64288.0000 |
|
.benefits.ml.com/ | Name: gwmBOLppzpidExt Value: gwmbolppzexttx2 |
|
.benefits.ml.com/ | Name: Bear Value: pHVRlmM1GMgL4abVIOQ8p5Kd0CcNhgKrsqlw5ChLWdk= |
|
.benefits.ml.com/ | Name: TS01e9a6e6 Value: 0141952b4c7f9118200d06afc8057587e51e55fd7b7c163d292d02322bd9c7d01855a897eec9cd11efdf513184898bbff5c8125d3a24429fe8989eb70a99c48ca5d926aa4d568e9275a13ec14ba82019d1b754444d |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' http: https: data: blob: vjs.zencdn.net bofa.demdex.net tags.tiqcdn.com *.akamaihd.net *.baml.com bankofamerica.tt.omtrdc.net *.ml.com secure.insightexpressai.com *.businesswire.com testdata.coremetrics.com http://*.bankofamerica.com https://*.bankofamerica.com *.brightcove.com *.brightcove.net *.sharethis.com *.twitter.com twitter.com *.facebook.com www.linkedin.com delicious.com digg.com api.pinterest.com www.stumbleupon.com www.myspace.com buzz.yahoo.com www.bankofamerica.com www.boa.com www.ml.com www.merrill.com www.totalmerrill.com www.merrilllynch.com www.ust.com www.us-trust.com www.ustrust.com www.baml.com www.ba-ml.com www.bac.com acemegreen.thismoment.com analytics1.onedotone.net *.googleapis.com ecx.images-amazon.com brightcove.vo.llnwd.net *.doubleclick.net cdnt.meteorsolutions.com expressyourthanks.thismoment.com thismoment-a.akamaihd.net api.tiles.mapbox.com *.google.com *.gstatic.com www.youtube.com www.google-analytics.com bofa.44doors.com *.mapbox.com bofa.demdex.net *.maxmind.com *.betrad.com sjs.bizographics.com www.googletagmanager.com *.userzoom.com *.evidon.com *.zencdn.net *.licdn.com *.company-target.com *.demandbase.com brightcove.hs.llnwd.net *.boldchat.com *.2mdn.net *.dartmotif.net *.doubleclick.com *.merrilledge.com *.digitas.com *.serving-sys.com *.mediamind.com *.corporate-ir.net *.imwx.com; font-src 'self' http: https: *.zencdn.net *.ml.com data:; |
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.message.rg.ml.com
rg.ml.com
www.bankofamerica.com
www.benefits.ml.com
13.111.42.49
152.199.21.168
171.159.118.100
171.161.126.64
06072b33a1fa23aa76ae8170b80fe89c0ba27bc04897f9f61920dd6a81fc4164
1172386e1cd9f7fd9d7646df035d93473bbbf19e1b325fc54d9c2aa76e5a7a80
2b4a7271ab69939287222100c7444bf2e04df380f185297e0d59dbd3ef30e4a5
375c389586d868eb1fb26461a370d3c412931dab91040c04c2a5d90b529cfc2d
a4d095eb183466170bf0e155d271d2fc5a1d6dc7f3e21dcec4b04da36d5e8219