urlscan.io logo urlscan.io
SecurityTrails logo

files.clear.bank Open in urlscan Pro
52.179.124.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://files.clear.bank/collaborations/3byMqTyVwye6/granted_access/GGQYPH1mfVIxaMf/?showConversation=True
Effective URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Submission: On October 10 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 52.179.124.30, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is files.clear.bank.
TLS certificate: Issued by R3 on September 29th 2023. Valid for: 3 months.
This is the only time files.clear.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 52.179.124.30 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
11 3
Apex Domain
Subdomains		 Transfer
10 clear.bank
files.clear.bank
299 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
11 2
Domain Requested by
10 files.clear.bank 1 redirects files.clear.bank
1 www.google-analytics.com files.clear.bank
www.google-analytics.com
11 2

This site contains links to these domains. Also see Links.

Domain
support.e-share.us
Subject Issuer Validity Valid
files.clear.bank
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Frame ID: 5CABB0E052DBCE015AB661EAB1B67A9F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ClearBank

Page URL History Show full URLs

  1. https://files.clear.bank/collaborations/3byMqTyVwye6/granted_access/GGQYPH1mfVIxaMf/?showConversation... HTTP 302
    https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

318 kB
Transfer

1115 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://files.clear.bank/collaborations/3byMqTyVwye6/granted_access/GGQYPH1mfVIxaMf/?showConversation=True HTTP 302
    https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
files.clear.bank/collaborations/MjE1OTg0OQ/pin/
Redirect Chain
  • https://files.clear.bank/collaborations/3byMqTyVwye6/granted_access/GGQYPH1mfVIxaMf/?showConversation=True
  • https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73a6a9866212acb72167e014e0b339ab32a770b19013362f472a10455068a101
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 13:00:42 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
request-id
3a7c44f63d5d3acc06e42e46e1e8ed4e
strict-transport-security
max-age=31536000; includeSubdomains; preload;
vary
Accept-Encoding Cookie, Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 13:00:41 GMT
location
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
request-id
3479ba2b32e47ce77781720dc7851daf
strict-transport-security
max-age=31536000; includeSubdomains; preload;
vary
Cookie, Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
core.af283.css
files.clear.bank/assets/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/core.af283.css
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ea5c1fcb3311844485b5e01b4d74b3418088b80286b75919c2cc9a00abba43c
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Mon, 09 Oct 2023 08:37:00 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"6523bbac-6bdd"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
46dec285b18b38be1df9a20c53bed9a3
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 13:00:42 GMT
0d8ad395260e.css
files.clear.bank/static/CACHE/css/ 		124 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/static/CACHE/css/0d8ad395260e.css
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64265212e68f3f286e4c650d8df49157097337a86f487899a7c203c3b1613646
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Mon, 09 Oct 2023 08:36:58 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"6523bbaa-1ef61"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
5c3095474433e2c5fc73b314c1b9357d
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 13:00:42 GMT
runtime.b7f0d.js
files.clear.bank/assets/ 		103 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/runtime.b7f0d.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59368fd437a51e23686c118b0bb41e4db437cd0ef431cf17a32447925ab394c9
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Mon, 09 Oct 2023 08:37:00 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"6523bbac-19d88"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
b57e6ca52df82eb19e4eff3fb846f7a0
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 13:00:42 GMT
core.4a211.js
files.clear.bank/assets/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/core.4a211.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e41e5910b33877f4a2bf75f2ec31ef8106bda431a847c0217f3bfa75128b7326
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Mon, 09 Oct 2023 08:37:00 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"6523bbac-644f"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
827ac45a8cccc2777e163f2ebb2461e4
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 13:00:42 GMT
react_stack.b436c.js
files.clear.bank/assets/ 		273 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/react_stack.b436c.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ffa9414b06d9eeaf1273f741dca15e1d1a22e8974b8d9c87f8e9878b82da810
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Mon, 09 Oct 2023 08:37:00 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"6523bbac-44580"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
846e741ae1a3da08637736aabcbfb79b
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 13:00:42 GMT
000767000b07.js
files.clear.bank/static/CACHE/js/ 		479 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/static/CACHE/js/000767000b07.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da7719e81f3a5ae721459e415b5393b1d08a1c58a01d1c2a1bc1f1682cf82774
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:42 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Mon, 09 Oct 2023 08:36:58 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"6523bbaa-77b2a"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
c6c1f508385ce56d1182b193341e0743
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2024 13:00:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Oct 2023 11:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4149
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 10 Oct 2023 13:51:33 GMT
full_color_awqTi2l.png
files.clear.bank/file/organizations/logos/1987/385/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.clear.bank/file/organizations/logos/1987/385/full_color_awqTi2l.png
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9db03b133c0f53d639a35382579f94fc9a9dca1551763eb4d953fd5fa7d12767
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
referrer-policy
strict-origin-when-cross-origin
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
last-modified
Thu, 18 Aug 2022 12:41:39 GMT
x-content-type-options
nosniff
etag
"62fe3383-982"
content-type
image/png; charset=utf-8
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
request-id
10fe786d8c92f72b686c49e3f7a0bd23
content-length
2434
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		0
0
/
files.clear.bank/api/3.0/identities/user_identity/features/ 		58 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/api/3.0/identities/user_identity/features/
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.clear.bank/collaborations/MjE1OTg0OQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:00:43 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
www-authenticate
NCC, NCCAPP
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Cookie, Origin
content-type
application/json; charset=utf-8
allow
GET, HEAD, OPTIONS
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
34c202c567be874a9b05ef14f9f01cc6
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=858848285&t=pageview&_s=1&dl=https%3A%2F%2Ffiles.clear.bank%2Fcollaborations%2FMjE1OTg0OQ%2Fpin%2F%3FshowConversation%3DTrue&ul=en-us&de=UTF-8&dt=ClearBank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=856972980&gjid=667093839&cid=1875501755.1696942843&tid=UA-35844537-1&_gid=1379993271.1696942843&_r=1&_slc=1&z=757021533

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| invokeServiceWorkerUpdateFlow object| nccPushConf function| runtime_9d274 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| react_stack_62a63 object| ng object| inputOTP object| disableBtn function| $ function| jQuery object| angular

8 Cookies

Domain/Path Name / Value
files.clear.bank/ Name: stickyweb
Value: 1696942841.781.801.599065
files.clear.bank/ Name: id.login.ncryptedcloud.com
Value: hcvdhr7yrgh94x7emtoucroecmxm2vsl
files.clear.bank/ Name: browser-id
Value: "51dbdd70-9024-4b14-80b8-f84f38d2bfe0|1728478840:1qqCLp:OYVCaEBkIWY3J_qQnCUt4KprPD4"
files.clear.bank/ Name: csrftoken
Value: 1csv4DldCNz4XXzqIzG8nP8d0Vl2ytj0
.clear.bank/ Name: _ga
Value: GA1.2.1875501755.1696942843
.clear.bank/ Name: _gid
Value: GA1.2.1379993271.1696942843
.clear.bank/ Name: _gat
Value: 1
files.clear.bank/ Name: push_notifications_enabled
Value:

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=858848285&t=pageview&_s=1&dl=https%3A%2F%2Ffiles.clear.bank%2Fcollaborations%2FMjE1OTg0OQ%2Fpin%2F%3FshowConversation%3DTrue&ul=en-us&de=UTF-8&dt=ClearBank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=856972980&gjid=667093839&cid=1875501755.1696942843&tid=UA-35844537-1&_gid=1379993271.1696942843&_r=1&_slc=1&z=757021533' because it violates the following Content Security Policy directive: "connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us".
network error URL: https://files.clear.bank/api/3.0/identities/user_identity/features/
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com; object-src 'none';img-src https://*.cdn.office.net https://www.gstatic.com data: blob: 'self';worker-src blob: 'self';connect-src 'self' blob: https://3itkm4osqjgb5esedqulluaxyu.appsync-api.us-east-1.amazonaws.com/graphql https://app.e-sharegov.us;font-src 'self'; frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.mcas.ms *.mcas-gov.us *.mcas-gov.ms teams.e-share.us;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block