certificates.bankofamerica.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 171.159.226.149, located in United States and belongs to BANKAMERICA, US. The main domain is certificates.bankofamerica.com. The Cisco Umbrella rank of the primary domain is 575817.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 10th 2023. Valid for: a year.

This is the only time certificates.bankofamerica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	171.159.226.149 171.159.226.149		10794 (BANKAMERICA) (BANKAMERICA)
6	1

6 171.159.226.149 (United States)

ASN10794 (BANKAMERICA, US)

certificates.bankofamerica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	bankofamerica.com certificates.bankofamerica.com — Cisco Umbrella Rank: 575817	103 KB
6	1

	Domain	Requested by
6	certificates.bankofamerica.com	certificates.bankofamerica.com
6	1

This site contains links to these domains. Also see Links.

Domain
certenroll.bankofamerica.com
flagscape.bankofamerica.com

Subject Issuer	Validity	Valid
certificates.bankofamerica.com Entrust Certification Authority - L1M	`2023-05-10` - `2024-06-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://certificates.bankofamerica.com/
Frame ID: 771AF975794B2867BB8ACEC80B74B6CF
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America Certificate Services

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

103 kB
Transfer

99 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://certenroll.bankofamerica.com/
Title: https://certenroll.bankofamerica.com/

Search URL Search Domain Scan URL

URL: http://flagscape.bankofamerica.com/portal/site/lob10040075/menuitem.d05906a83dedcb1f7f5a0510e3cc5cba/?vgnextoid=3c51f49529839410VgnVCM2000003cccc5abRCRD
Title: Flagscape Digital Certificates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
certificates.bankofamerica.com/ 3 KB
4 KB 742ms
103ms Document
text/html 171.159.226.149
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.bankofamerica.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.226.149 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

/

Resource Hash

7cde92bf5325c8549dae2c36750187a1745270cb068b64b8fe8733e4c52593da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: must-revalidate, no-cache, no-store, no-transform, public, proxy-revalidate, max-age=3600, s-maxage=3600
Connection: Upgrade, Keep-Alive
Content-Length: 2904
Content-Security-Policy: default-src 'self';
Content-Type: text/html
Date: Fri, 17 May 2024 17:42:45 GMT
ETag: "b58-587b02167d500"
Expect-CT: max-age=3600, enforce
Keep-Alive: timeout=5, max=512
Last-Modified: Mon, 29 Apr 2019 19:17:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Upgrade: h2,h2c
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK BofATheme.css
certificates.bankofamerica.com/css/ 12 KB
13 KB 101ms
100ms Stylesheet
text/css 171.159.226.149
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.bankofamerica.com/css/BofATheme.css

Requested by

Host: certificates.bankofamerica.com
URL: https://certificates.bankofamerica.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.226.149 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

/

Resource Hash

3be8995d19f1453334d90effcfc1fd99101e79476df2ce017986848d85cc552d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://certificates.bankofamerica.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 17:42:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Last-Modified: Fri, 26 Apr 2019 14:02:32 GMT
ETag: "3060-5876f62c8ce00"
Expect-CT: max-age=3600, enforce
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css
Cache-Control: must-revalidate, no-cache, no-store, no-transform, public, proxy-revalidate, max-age=3600, s-maxage=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=511
Content-Length: 12384
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.PNG
certificates.bankofamerica.com/css/Images/ 17 KB
17 KB 202ms
100ms Image
image/png 171.159.226.149
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://certificates.bankofamerica.com/css/Images/logo.PNG

Requested by

Host: certificates.bankofamerica.com
URL: https://certificates.bankofamerica.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.226.149 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

/

Resource Hash

ae46b4ccad2750e06f441789d42a63fe10938279e3c99223ee6fbbaf98990017

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://certificates.bankofamerica.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 17:42:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Last-Modified: Fri, 26 Apr 2019 08:21:14 GMT
ETag: "4247-5876a9e335280"
Expect-CT: max-age=3600, enforce
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Cache-Control: must-revalidate, no-cache, no-store, no-transform, public, proxy-revalidate, max-age=3600, s-maxage=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=510
Content-Length: 16967
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logos-bar.png
certificates.bankofamerica.com/css/Images/ 18 KB
19 KB 395ms
200ms Image
image/png 171.159.226.149
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://certificates.bankofamerica.com/css/Images/logos-bar.png

Requested by

Host: certificates.bankofamerica.com
URL: https://certificates.bankofamerica.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.226.149 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

/

Resource Hash

65c0b2cb91e38dcd7d3790f826ba30a6cccdd01add100925eacf8709b47ac87f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://certificates.bankofamerica.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 17:42:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Connection: Upgrade, Keep-Alive
Content-Length: 18862
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 27 Mar 2019 12:08:38 GMT
ETag: "49ae-585124c34fd80"
Expect-CT: max-age=3600, enforce
X-FRAME-OPTIONS: SAMEORIGIN
Upgrade: h2,h2c
Content-Type: image/png
Cache-Control: must-revalidate, no-cache, no-store, no-transform, public, proxy-revalidate, max-age=3600, s-maxage=3600
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=512

GET
H/1.1 200
OK background.png
certificates.bankofamerica.com/css/Images/ 48 KB
49 KB 202ms
101ms Image
image/png 171.159.226.149
BANKAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://certificates.bankofamerica.com/css/Images/background.png

Requested by

Host: certificates.bankofamerica.com
URL: https://certificates.bankofamerica.com/css/BofATheme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.226.149 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

/

Resource Hash

dd830634174cc42faeda651e9e857f268be22ed961dbc0a00353612cb78806d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://certificates.bankofamerica.com/css/BofATheme.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 17:42:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Last-Modified: Wed, 27 Mar 2019 12:08:38 GMT
ETag: "c170-585124c34fd80"
Expect-CT: max-age=3600, enforce
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/png
Cache-Control: must-revalidate, no-cache, no-store, no-transform, public, proxy-revalidate, max-age=3600, s-maxage=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=509
Content-Length: 49520
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found favicon.ico
certificates.bankofamerica.com/ 637 B
1 KB 101ms
100ms Other
text/html 171.159.226.149
BANKAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://certificates.bankofamerica.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.159.226.149 , United States, ASN10794 (BANKAMERICA, US),

Reverse DNS

Software

/

Resource Hash

097f3b0330b5872c0a044e2832b6d5a5f9ccb5d5315a3f3295be4f3fdbcc76de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://certificates.bankofamerica.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 17:42:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';
Last-Modified: Tue, 22 Apr 2014 13:08:10 GMT
ETag: "27d-4f7a14ec26280"
Expect-CT: max-age=3600, enforce
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/html
Cache-Control: must-revalidate, no-cache, no-store, no-transform, public, proxy-revalidate, max-age=3600, s-maxage=3600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=508
Content-Length: 637
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			certificates.bankofamerica.com/	1969-12-31 23:59:59	Name: bac_persist Value: 3563138469.58430.0000
			certificates.bankofamerica.com/	1969-12-31 23:59:59	Name: TS01ad1911 Value: 0176872a98e9d7d97067d529e232289e2156c3ec5c0d718bfc4821d021480fd896d19b84a8420e66d3a74fd814cc0bf924adb4e3a4

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://certificates.bankofamerica.com/(Line 8) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-BBOGexNnujshehIQ4WlkijzyT1OZDSFMwde8dE1r6DE='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://certificates.bankofamerica.com/(Line 13) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-37E8jQpewoZckHh2fSuRaS0fS+1naoIcDXIeXzbaGiA='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://certificates.bankofamerica.com/(Line 15) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-6l+tpow5lGPV0MHWZlDv8nD7HrL77FGFldqQ7zc5gxY='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
network	error	URL: https://certificates.bankofamerica.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

certificates.bankofamerica.com
171.159.226.149
097f3b0330b5872c0a044e2832b6d5a5f9ccb5d5315a3f3295be4f3fdbcc76de
3be8995d19f1453334d90effcfc1fd99101e79476df2ce017986848d85cc552d
65c0b2cb91e38dcd7d3790f826ba30a6cccdd01add100925eacf8709b47ac87f
7cde92bf5325c8549dae2c36750187a1745270cb068b64b8fe8733e4c52593da
ae46b4ccad2750e06f441789d42a63fe10938279e3c99223ee6fbbaf98990017
dd830634174cc42faeda651e9e857f268be22ed961dbc0a00353612cb78806d0

certificates.bankofamerica.com Open in urlscan Pro 171.159.226.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

103 kBTransfer

99 kBSize

2 Cookies

2 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

certificates.bankofamerica.com Open in urlscan Pro
171.159.226.149 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

103 kB
Transfer

99 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions