Submitted URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Effective URL: https://api-stage.nationwide.com/security-processing/enterprise-user-auth/v2/authorize?auth_method=ping-racf&client_id=904A88QzzG...
Submission: On October 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 1 domain to perform 7 HTTP transactions. The main IP is 2.16.241.82, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is api-stage.nationwide.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 6th 2023. Valid for: a year.
This is the only time api-stage.nationwide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address: 18.119.59.6, AS: 16509 (AMAZON-02), Requests: 6
IP Address: 2.16.241.82, AS: 20940 (AKAMAI-ASN1), Requests: 1
Total: 7 requests, 3 IPs

Domain: clclearquotepreprod.awspubliccloud2.nationwide.com, Requested by: clclearquotepreprod.awspubliccloud2.nationwide.com, Requests: 6
Domain: api-stage.nationwide.com, Requested by: clclearquotepreprod.awspubliccloud2.nationwide.com, Requests: 1
Total: 7 requests, 2 domains

This site contains no links.

Subject: clclearquotepreprod.nationwide.com
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2023-01-13 - 2024-02-07
Valid: a year

Subject: api-stage.nationwide.com
Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
Validity: 2023-06-06 - 2024-06-25
Valid: a year

This page contains 1 frames:

Primary Page: https://api-stage.nationwide.com/security-processing/enterprise-user-auth/v2/authorize?auth_method=ping-racf&client_id=904A88QzzGKlxq4WbxDGrh5hfhqwURIp&message_id=8d69be75-a2db-4c89-bc6f-d5e4299f3b89&nonce=VjxIiOGsuhTVpCgT3Gy5HjON4TVW7UFZ&realm=employee&redirect_uri=https://clclearquotepreprod.awspubliccloud2.nationwide.com/authorize/&response_type=token+id_token&scope=openid&state=eyJ1cmwiOiJodHRwczovL2NsY2xlYXJxdW90ZXByZXByb2QuYXdzcHVibGljY2xvdWQyLm5hdGlvbndpZGUuY29tLyIsImNyZWRlbnRpYWxTdG9yYWdlS2V5IjoibnctZXVhLXdlYi1jbGllbnQtY3JlZGVudGlhbHMiLCJldWFEaXJlY3RvckF1dGhvcml6YXRpb25Gb3J3YXJkVXJsIjoiaHR0cHM6Ly9jbGNsZWFycXVvdGVwcmVwcm9kLmF3c3B1YmxpY2Nsb3VkMi5uYXRpb253aWRlLmNvbS9hdXRob3JpemUvIn0=
Frame ID: A6CE4C1F2018686BF7BCA38A730C469B
Requests: 8 HTTP requests in this frame

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 749 kB
Size: 3231 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clclearquotepreprod.awspubliccloud2.nationwide.com/ Page URL
  2. https://api-stage.nationwide.com/security-processing/enterprise-user-auth/v2/authorize?auth_method=ping-racf&client_id=904A88QzzGKlxq4WbxDGrh5hfhqwURIp&message_id=8d69be75-a2db-4c89-bc6f-d5e4299f3b89&nonce=VjxIiOGsuhTVpCgT3Gy5HjON4TVW7UFZ&realm=employee&redirect_uri=https://clclearquotepreprod.awspubliccloud2.nationwide.com/authorize/&response_type=token+id_token&scope=openid&state=eyJ1cmwiOiJodHRwczovL2NsY2xlYXJxdW90ZXByZXByb2QuYXdzcHVibGljY2xvdWQyLm5hdGlvbndpZGUuY29tLyIsImNyZWRlbnRpYWxTdG9yYWdlS2V5IjoibnctZXVhLXdlYi1jbGllbnQtY3JlZGVudGlhbHMiLCJldWFEaXJlY3RvckF1dGhvcml6YXRpb25Gb3J3YXJkVXJsIjoiaHR0cHM6Ly9jbGNsZWFycXVvdGVwcmVwcm9kLmF3c3B1YmxpY2Nsb3VkMi5uYXRpb253aWRlLmNvbS9hdXRob3JpemUvIn0= Page URL

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
clclearquotepreprod.awspubliccloud2.nationwide.com/
2 KB
1 KB
Document
General
Full URL
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.59.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-59-6.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ee46ba9bcf34d5ae6a51a029a9d698e75d4a133141853ac8ed51285a82951c77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
778
content-type
text/html
date
Wed, 18 Oct 2023 17:09:08 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
last-modified
Tue, 26 Sep 2023 18:20:34 GMT
pragma
no-cache
referrer-policy
origin
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
config.js
clclearquotepreprod.awspubliccloud2.nationwide.com/
6 KB
2 KB
Script
General
Full URL
https://clclearquotepreprod.awspubliccloud2.nationwide.com/config.js
Requested by
Host: clclearquotepreprod.awspubliccloud2.nationwide.com
URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.59.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-59-6.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3a4508431d0241d3e416f3ec58f455c3beaf184c9badd80cb8bcc59f4eb1d7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 17:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin
last-modified
Sat, 30 Sep 2023 00:00:27 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
1534
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
new-relic.js
clclearquotepreprod.awspubliccloud2.nationwide.com/
55 B
304 B
Script
General
Full URL
https://clclearquotepreprod.awspubliccloud2.nationwide.com/new-relic.js
Requested by
Host: clclearquotepreprod.awspubliccloud2.nationwide.com
URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.59.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-59-6.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8459b0c25ef0f38c50d2be337d3f85e3ad01356206138bd3158d2ceccf3c59ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:09:08 GMT
x-content-type-options
nosniff
referrer-policy
origin
last-modified
Sat, 30 Sep 2023 00:00:27 GMT
server
Apache
etag
"37-606883a899dbd"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
55
x-xss-protection
1; mode=block
ebf3da7c0c4271977a61.main.js
clclearquotepreprod.awspubliccloud2.nationwide.com/
1 MB
398 KB
Script
General
Full URL
https://clclearquotepreprod.awspubliccloud2.nationwide.com/ebf3da7c0c4271977a61.main.js
Requested by
Host: clclearquotepreprod.awspubliccloud2.nationwide.com
URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.59.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-59-6.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin
last-modified
Tue, 26 Sep 2023 18:20:34 GMT
server
Apache
etag
"174815-606472174a080-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
main.7e2087f0d7f7442394de.css
clclearquotepreprod.awspubliccloud2.nationwide.com/
2 MB
320 KB
Stylesheet
General
Full URL
https://clclearquotepreprod.awspubliccloud2.nationwide.com/main.7e2087f0d7f7442394de.css
Requested by
Host: clclearquotepreprod.awspubliccloud2.nationwide.com
URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.59.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-59-6.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin
last-modified
Tue, 26 Sep 2023 18:20:34 GMT
server
Apache
etag
"1a8e9f-606472174a080-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
Primary Request authorize
api-stage.nationwide.com/security-processing/enterprise-user-auth/v2/
192 B
2 KB
Document
General
Full URL
https://api-stage.nationwide.com/security-processing/enterprise-user-auth/v2/authorize?auth_method=ping-racf&client_id=904A88QzzGKlxq4WbxDGrh5hfhqwURIp&message_id=8d69be75-a2db-4c89-bc6f-d5e4299f3b89&nonce=VjxIiOGsuhTVpCgT3Gy5HjON4TVW7UFZ&realm=employee&redirect_uri=https://clclearquotepreprod.awspubliccloud2.nationwide.com/authorize/&response_type=token+id_token&scope=openid&state=eyJ1cmwiOiJodHRwczovL2NsY2xlYXJxdW90ZXByZXByb2QuYXdzcHVibGljY2xvdWQyLm5hdGlvbndpZGUuY29tLyIsImNyZWRlbnRpYWxTdG9yYWdlS2V5IjoibnctZXVhLXdlYi1jbGllbnQtY3JlZGVudGlhbHMiLCJldWFEaXJlY3RvckF1dGhvcml6YXRpb25Gb3J3YXJkVXJsIjoiaHR0cHM6Ly9jbGNsZWFycXVvdGVwcmVwcm9kLmF3c3B1YmxpY2Nsb3VkMi5uYXRpb253aWRlLmNvbS9hdXRob3JpemUvIn0=
Requested by
Host: clclearquotepreprod.awspubliccloud2.nationwide.com
URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/ebf3da7c0c4271977a61.main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
70d821ba5e4ef1e7cf7b6dd597db738c96290bab3b9c13040bc1449c9335feed

Request headers

Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, accept, Authorization
access-control-allow-methods
POST, GET
access-control-allow-origin
access-control-expose-headers
Location
access-control-max-age
3628800
cache-control
max-age=0, no-cache, no-store
content-length
192
content-type
application/json
date
Wed, 18 Oct 2023 17:09:10 GMT
expires
Wed, 18 Oct 2023 17:09:10 GMT
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=510 origin; dur=64 ak_p; desc="1697648949348_34664466_507635798_57264_39210_11_493_255";dur=1
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
80cae07f579c5e35ed7f.woff
clclearquotepreprod.awspubliccloud2.nationwide.com/
27 KB
27 KB
Font
General
Full URL
https://clclearquotepreprod.awspubliccloud2.nationwide.com/80cae07f579c5e35ed7f.woff
Requested by
Host: clclearquotepreprod.awspubliccloud2.nationwide.com
URL: https://clclearquotepreprod.awspubliccloud2.nationwide.com/main.7e2087f0d7f7442394de.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.59.6 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-59-6.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clclearquotepreprod.awspubliccloud2.nationwide.com/
Origin
https://clclearquotepreprod.awspubliccloud2.nationwide.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:09:09 GMT
x-content-type-options
nosniff
referrer-policy
origin
last-modified
Tue, 26 Sep 2023 18:20:34 GMT
server
Apache
etag
"6b14-606472174a080"
x-frame-options
SAMEORIGIN
content-type
font/woff
accept-ranges
bytes
content-length
27412
x-xss-protection
1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.nationwide.com/ Name: _abck
.nationwide.com/ Name: ak_bmsc
.nationwide.com/ Name: bm_sz

1 Console Messages

Source Level URL
Text
network error URL: https://api-stage.nationwide.com/security-processing/enterprise-user-auth/v2/authorize?auth_method=ping-racf&client_id=904A88QzzGKlxq4WbxDGrh5hfhqwURIp&message_id=8d69be75-a2db-4c89-bc6f-d5e4299f3b89&nonce=VjxIiOGsuhTVpCgT3Gy5HjON4TVW7UFZ&realm=employee&redirect_uri=https://clclearquotepreprod.awspubliccloud2.nationwide.com/authorize/&response_type=token+id_token&scope=openid&state=eyJ1cmwiOiJodHRwczovL2NsY2xlYXJxdW90ZXByZXByb2QuYXdzcHVibGljY2xvdWQyLm5hdGlvbndpZGUuY29tLyIsImNyZWRlbnRpYWxTdG9yYWdlS2V5IjoibnctZXVhLXdlYi1jbGllbnQtY3JlZGVudGlhbHMiLCJldWFEaXJlY3RvckF1dGhvcml6YXRpb25Gb3J3YXJkVXJsIjoiaHR0cHM6Ly9jbGNsZWFycXVvdGVwcmVwcm9kLmF3c3B1YmxpY2Nsb3VkMi5uYXRpb253aWRlLmNvbS9hdXRob3JpemUvIn0=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block