scotiabank.clausematch.com Open in urlscan Pro
75.2.30.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scotiabank.clausematch.com/login
Submission Tags: falconsandbox
Submission: On September 28 via api (September 28th 2023, 11:52:08 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 75.2.30.116, located in United States and belongs to AMAZON-02, US. The main domain is scotiabank.clausematch.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 27th 2023. Valid for: a year.

This is the only time scotiabank.clausematch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
17	75.2.30.116 75.2.30.116		16509 (AMAZON-02) (AMAZON-02)
19	2

17 75.2.30.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: add5c3ab4ff98e409.awsglobalaccelerator.com

scotiabank.clausematch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	clausematch.com scotiabank.clausematch.com	908 KB
0	Failed function sub() { [native code] }. Failed
19	2

	Domain	Requested by
17	scotiabank.clausematch.com	scotiabank.clausematch.com
0	wam.cloud.bns Failed	scotiabank.clausematch.com
19	2

This site contains no links.

Subject Issuer	Validity	Valid
scotiabank.clausematch.com Amazon RSA 2048 M01	`2023-02-27` - `2024-03-27`	a year	crt.sh

This page contains 1 frames:

Frame: https://wam.cloud.bns/sso/cdsso/federation.jsp?appName=ClauseMatch
Frame ID: F72F1AE7DBCABBBBCFF63DCF3F576759
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

19
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

908 kB
Transfer

2271 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
scotiabank.clausematch.com/ 1 KB
2 KB 443ms
131ms Document
text/html 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

3b5203b1955fddecfc6ec983b5c967d366944d8cd79c27d78cd4e67299d6331c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-type: text/html
date: Thu, 28 Sep 2023 23:52:01 GMT
etag: W/"64d3e300-4b7"
feature-policy: sync-xhr *
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy: strict-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 delivery-config-cd1d508e46be45f0.js Show response
scotiabank.clausematch.com/ 4 KB
3 KB 135ms
132ms Script
application/javascript 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/delivery-config-cd1d508e46be45f0.js

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bb1cb62a2491db9069298217bd0bca3aeedfc35de68a94b963707690d3fdbd29

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scotiabank.clausematch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-eaf"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 styles.143e48e7db67ae8a.css
scotiabank.clausematch.com/ 25 KB
8 KB 138ms
134ms Stylesheet
text/css 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/styles.143e48e7db67ae8a.css

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b90f927d49d4cac49f8614295e26054391b810fc6e3ce3c8dbe850abbfc2d075

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scotiabank.clausematch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-658a"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 runtime.7ed8ae35120083d7.js Show response
scotiabank.clausematch.com/ 3 KB
3 KB 136ms
132ms Script
application/javascript 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/runtime.7ed8ae35120083d7.js

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

333229181b011800508b68b04e2f9388dbd6c5c4e2b0d4bc66e7a1191eac0aec

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-de4"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 polyfills.ccbd4515ebc93ecc.js Show response
scotiabank.clausematch.com/ 195 KB
76 KB 163ms
160ms Script
application/javascript 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/polyfills.ccbd4515ebc93ecc.js

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

f35657f21af9b4ab56919097ed0bd2c1b4cc4ad94ffca38cd26a4faa20d6fe5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-30c73"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 vendor.cd39c0077e94ffeb.js Show response
scotiabank.clausematch.com/ 1 MB
480 KB 139ms
136ms Script
application/javascript 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/vendor.cd39c0077e94ffeb.js

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3f2f82e547c78e71dfefc7a5efcdf92bee10c2bc6fe8ad3814662d8390aeaac

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-16107c"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 main.fe7942bab128ccfc.js Show response
scotiabank.clausematch.com/ 348 KB
105 KB 419ms
417ms Script
application/javascript 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/main.fe7942bab128ccfc.js

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b2634fba2f86c32ffc7ebc22b4543bf4768f3063fd1796ea2001b7c456610c64

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-56ead"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 OpenSans-Regular.7191e5b00b5419eb.woff2
scotiabank.clausematch.com/ 55 KB
56 KB 348ms
347ms Font
font/woff2 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/OpenSans-Regular.7191e5b00b5419eb.woff2

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/styles.143e48e7db67ae8a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-length: 56348
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: "64d3e300-dc1c"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
expires: Sat, 28 Oct 2023 23:52:01 GMT

GET
H2 200 app-config.json Show response
scotiabank.clausematch.com/ 3 KB
2 KB 131ms
131ms Fetch
application/json 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/app-config.json

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/polyfills.ccbd4515ebc93ecc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e652651042d7650aee02c519c05603c8592cf7cdc484cf3ffe56fc65d7699b1c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scotiabank.clausematch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
content-security-policy: object-src 'none'; script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
server: nginx
referrer-policy: strict-origin
x-frame-options: DENY, DENY
content-type: application/json
cache-control: max-age=10
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 28 Sep 2023 23:52:12 GMT

GET
H2 200 837.5731b87446fcdf1a.js Show response
scotiabank.clausematch.com/ 73 KB
16 KB 132ms
132ms Script
application/javascript 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/837.5731b87446fcdf1a.js

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/runtime.7ed8ae35120083d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e4a07002352c105fd6e69068d74d08a07216af8d11bff0b5b722715c224545c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: W/"64d3e300-1246e"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
expires: Sat, 28 Oct 2023 23:52:02 GMT

GET
H2 404 fonts.css
scotiabank.clausematch.com/branding/fonts/ 0
0 131ms
131ms Stylesheet
text/html 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/branding/fonts/fonts.css

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/vendor.cd39c0077e94ffeb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scotiabank.clausematch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
server: nginx
content-length: 548
content-type: text/html

GET
H2 401 me Show response
scotiabank.clausematch.com/api/v1/users/ 0
617 B 160ms
160ms XHR
text/plain 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/api/v1/users/me

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/polyfills.ccbd4515ebc93ecc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://scotiabank.clausematch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 expertsans-light-webfont.d6c07fa88f5c71d9.woff
scotiabank.clausematch.com/ 21 KB
23 KB 133ms
132ms Font
font/woff 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/expertsans-light-webfont.d6c07fa88f5c71d9.woff

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/styles.143e48e7db67ae8a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

cfd7fb9f4a18ffee0a0c870a6a43435d7cb9678f7f56f67bef0ba433f14e766e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-length: 21852
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: "64d3e300-555c"
x-frame-options: DENY
content-type: font/woff
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
expires: Sat, 28 Oct 2023 23:52:02 GMT

GET
H2 200 expertsans-bold-webfont.0c1d6d5e60054e26.woff
scotiabank.clausematch.com/ 22 KB
23 KB 132ms
131ms Font
font/woff 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/expertsans-bold-webfont.0c1d6d5e60054e26.woff

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/styles.143e48e7db67ae8a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

6e7b2ff7e18d02aad02155846f31f818bfd3f96469e4fc0fb6190daeb3e95d08

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-length: 22184
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: "64d3e300-56a8"
x-frame-options: DENY
content-type: font/woff
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
expires: Sat, 28 Oct 2023 23:52:02 GMT

GET
H2 200 OpenSans-Semibold.4e96170d280c2016.woff2
scotiabank.clausematch.com/ 55 KB
56 KB 162ms
161ms Font
font/woff2 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/OpenSans-Semibold.4e96170d280c2016.woff2

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/styles.143e48e7db67ae8a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

0240d31750dece0d5a709e6eb5cbfded2f15b37b5a4d752c3c636cdd03bd12f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-length: 56336
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: "64d3e300-dc10"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
expires: Sat, 28 Oct 2023 23:52:02 GMT

GET
H2 200 OpenSans-Bold.a2db9e9b894eee37.woff2
scotiabank.clausematch.com/ 53 KB
55 KB 133ms
132ms Font
font/woff2 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/OpenSans-Bold.a2db9e9b894eee37.woff2

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/styles.143e48e7db67ae8a.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

bba8d203d019c6f11367d6279cdeb0efbc5895b75dfa68a008686d22194e8d67

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scotiabank.clausematch.com/
Origin: https://scotiabank.clausematch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://*.sentry.io; style-src 'self' 'unsafe-inline' https://*.appcues.com https://*.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://*.appcues.com https://*.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://*.appcues.net https://*.appcues.com wss://api.appcues.net wss://*.appcues.com;
content-length: 54576
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 09 Aug 2023 19:03:28 GMT
server: nginx
etag: "64d3e300-d530"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=2592000, max-age=2592000, must-revalidate, proxy-revalidate
feature-policy: sync-xhr *
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
expires: Sat, 28 Oct 2023 23:52:02 GMT

GET
H2 401 me
scotiabank.clausematch.com/api/v1/users/ 0
567 B 133ms
133ms XHR
text/plain 75.2.30.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.clausematch.com/api/v1/users/me

Requested by

Host: scotiabank.clausematch.com
URL: https://scotiabank.clausematch.com/polyfills.ccbd4515ebc93ecc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

add5c3ab4ff98e409.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://scotiabank.clausematch.com/
X-XSRF-TOKEN: 7154b26e-ec2f-4bc6-8414-4d1139d91f73
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 23:52:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET federation.jsp
wam.cloud.bns/sso/cdsso/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wam.cloud.bns
URL: https://wam.cloud.bns/sso/cdsso/federation.jsp?appName=ClauseMatch

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
scotiabank.clausematch.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 7154b26e-ec2f-4bc6-8414-4d1139d91f73
scotiabank.clausematch.com/	1970-01-20 15:15:49	Name: AWSALB Value: IbIYgm9V+MM8VnID6T+RdKHB0Ytcu66QEBPm851rTltOMgJmyoJtz9L5/jXqv22iwN2Gg3JCm9c99S7eclaKAeH3OdOKDuVt45hHpOzn4jXLQPZ/yxTIqX3cxNxO
scotiabank.clausematch.com/	1970-01-20 15:15:49	Name: AWSALBCORS Value: IbIYgm9V+MM8VnID6T+RdKHB0Ytcu66QEBPm851rTltOMgJmyoJtz9L5/jXqv22iwN2Gg3JCm9c99S7eclaKAeH3OdOKDuVt45hHpOzn4jXLQPZ/yxTIqX3cxNxO

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: sync-xhr. Values defined in Permissions-Policy header will be used.
network	error	URL: https://scotiabank.clausematch.com/branding/fonts/fonts.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scotiabank.clausematch.com/api/v1/users/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://scotiabank.clausematch.com/api/v1/users/me Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net; frame-ancestors 'none'; default-src 'self' https://www.youtube.com https://.sentry.io; style-src 'self' 'unsafe-inline' https://.appcues.com https://.appcues.net https://fonts.googleapis.com https://fonts.google.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' https://.appcues.com https://.appcues.net res.cloudinary.com twemoji.maxcdn.com data:; media-src 'self'; connect-src 'self' https://o1099923.ingest.sentry.io https://.appcues.net https://.appcues.com wss://api.appcues.net wss://.appcues.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

scotiabank.clausematch.com
wam.cloud.bns
wam.cloud.bns
75.2.30.116
0240d31750dece0d5a709e6eb5cbfded2f15b37b5a4d752c3c636cdd03bd12f8
333229181b011800508b68b04e2f9388dbd6c5c4e2b0d4bc66e7a1191eac0aec
3b5203b1955fddecfc6ec983b5c967d366944d8cd79c27d78cd4e67299d6331c
52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729
6e7b2ff7e18d02aad02155846f31f818bfd3f96469e4fc0fb6190daeb3e95d08
b2634fba2f86c32ffc7ebc22b4543bf4768f3063fd1796ea2001b7c456610c64
b90f927d49d4cac49f8614295e26054391b810fc6e3ce3c8dbe850abbfc2d075
bb1cb62a2491db9069298217bd0bca3aeedfc35de68a94b963707690d3fdbd29
bba8d203d019c6f11367d6279cdeb0efbc5895b75dfa68a008686d22194e8d67
cfd7fb9f4a18ffee0a0c870a6a43435d7cb9678f7f56f67bef0ba433f14e766e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f2f82e547c78e71dfefc7a5efcdf92bee10c2bc6fe8ad3814662d8390aeaac
e4a07002352c105fd6e69068d74d08a07216af8d11bff0b5b722715c224545c3
e652651042d7650aee02c519c05603c8592cf7cdc484cf3ffe56fc65d7699b1c
f35657f21af9b4ab56919097ed0bd2c1b4cc4ad94ffca38cd26a4faa20d6fe5d

scotiabank.clausematch.com Open in urlscan Pro 75.2.30.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

19 Requests

89 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

908 kBTransfer

2271 kBSize

3 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

4 Console Messages

Security Headers

Indicators

scotiabank.clausematch.com Open in urlscan Pro
75.2.30.116 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

908 kB
Transfer

2271 kB
Size

3
Cookies

19 HTTP transactions
-1 data transactions