merrilledge.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2103 ms crawled 2026-05-18

US · 171.161.108.85 · AS10794 Bank of America, National Association

Reputation 100/100

Classifying

HTML metadata

Title: Online Investing, Stock Trading, and Brokerage - Merrill Edge
Description: Merrill Edge offers a wide range of investment products and advice, including brokerage and retirement accounts, online trading, and financial research.
Language: en-US
Canonical: https://www.merrilledge.com

Open Graph

url: https://www.merrilledge.com/
title: Online Investing, Stock Trading, and Brokerage - Merrill Edge
site name: Merrill Edge
description: Merrill Edge offers a wide range of investment products and advice, including brokerage and retirement accounts, online trading, and financial research.

Technology

CMS: Ghost

Third-party hosts loaded (2)

www.merrilledge.ml.bac-assets.com×4
scripts-olui2.fs.ml.bac-assets.com×1

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2010-01-06

Expires

2027-01-06 231 days left

Updated

2026-02-09

Name servers

a.ns-bac.com
b.ns-bac.org
c.ns-bac.net
d.ns-bac.info
e.ns-boa.biz
f.ns-boa.us
g.ns-bac.com
h.ns-bac.org

DNS records live

NS

a.ns-bac.com
b.ns-bac.org
c.ns-bac.net
d.ns-bac.info
e.ns-boa.biz
f.ns-boa.us
g.ns-bac.com
h.ns-bac.org

TXT

_eylnjhgqx24spvc6mswa9qciei492sm
_26utrpvtn7z7ergmybyudrf0o537a9x

Email authentication no MX

SPF: not published
DMARC: v=DMARC1; p=reject; rua=mailto:auth.report_ns@bankofamerica.com; ruf=mailto:auth.ruf@bankofamerica.com
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

DigiCert EV RSA CA G2

from 2026-01-26 to 2027-02-27

Expires in 283 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.merrilledge.com/

present

strict-transport-security
content-security-policy

findings

CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self' *.ml.com *.bankofamerica.com *.bofa.com *.bac-assets.com glance.net beta.glancecdn.net www.glancecdn.net glancecdn.net cdnstorage.myglance.net cdn-bofa.myglance.net www.glancecdn.net storage.glancecdn.net www.glance.net bofa-prod-presence-1.glance.net bofa-prod-presence-2.glance.net bofa-prod-presence-3.glance.net bofa-prod-presence-4.glance.net bofa-prod-presence-5.glance.net bofa-prod-presence-6.glance.net bofa-prod-presence-7.glance.net bofa-prod-presence-8.glance.net bofa-prod-presence-9.glance.net cobrowse-location.glance.net session-a-1.glance.net session-a-2.glance.net session-a-3.glance.net session-a-4.glance.net session-a-5.glance.net session-a-6.glance.net session-a-7.glance.net session-a-8.glance.net session-a-9.glance.net visitor-cam-aws.glance.net lb-video.glance.net prod-video-a-1.glance.net prod-video-a-2.glance.net prod-video-a-3.glance.net prod-video-a-4.glance.net prod-video-a-5.glance.net prod-video-a-6.glance.net prod-video-a-7.glance.net prod-vid
strict-transport-security: max-age=31536000;includeSubDomains