urlscan.io logo urlscan.io
SecurityTrails logo

files.clear.bank Open in urlscan Pro
52.179.124.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://files.clear.bank/collaborations/3RSV2uD38fnM/granted_access/tSYLUYf4kN9WsR%252B/?showConversation=True
Effective URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Submission: On November 07 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 52.179.124.30, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is files.clear.bank.
TLS certificate: Issued by R3 on October 4th 2022. Valid for: 3 months.
This is the only time files.clear.bank was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 52.179.124.30 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2
Apex Domain
Subdomains		 Transfer
9 clear.bank
files.clear.bank
289 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
10 2
Domain Requested by
9 files.clear.bank 1 redirects files.clear.bank
2 www.google-analytics.com files.clear.bank
www.google-analytics.com
10 2

This site contains links to these domains. Also see Links.

Domain
support.e-share.us
Subject Issuer Validity Valid
files.clear.bank
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Frame ID: 243CC21917A711C8D890B7345D4E8887
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ClearBank

Page URL History Show full URLs

  1. https://files.clear.bank/collaborations/3RSV2uD38fnM/granted_access/tSYLUYf4kN9WsR%252B/?showConversa... HTTP 302
    https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

308 kB
Transfer

1079 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://files.clear.bank/collaborations/3RSV2uD38fnM/granted_access/tSYLUYf4kN9WsR%252B/?showConversation=True HTTP 302
    https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
files.clear.bank/collaborations/MTY4NTk3MQ/pin/
Redirect Chain
  • https://files.clear.bank/collaborations/3RSV2uD38fnM/granted_access/tSYLUYf4kN9WsR%252B/?showConversation=True
  • https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9384d07983641153c65f9593b1d0d2bf5dafae2e95d35fb3c1755735f65a4e0e
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 11:15:57 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
request-id
7ea5159e3ce8ab0847bfad383a161c49
strict-transport-security
max-age=31536000; includeSubdomains; preload;
vary
Accept-Encoding Cookie
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
content-type
text/html; charset=utf-8
date
Mon, 07 Nov 2022 11:15:55 GMT
location
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
referrer-policy
strict-origin-when-cross-origin
request-id
fb94b694b072682279847ec842abb136
strict-transport-security
max-age=31536000; includeSubdomains; preload;
vary
Cookie
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
core.04245.css
files.clear.bank/assets/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/core.04245.css
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa375889b7c5f1d636d7b00c41df7095e1bfdcd1ccd54e9e15adc0157ea77b84
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Sat, 05 Nov 2022 09:59:06 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"636633ea-6511"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
7a0b29b16260371a0fa3e049916d209a
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 11:15:57 GMT
14efb1939865.css
files.clear.bank/static/CACHE/css/ 		124 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/static/CACHE/css/14efb1939865.css
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c77baa98889915b0ace5c5bae964f7baf6db7c6e480ce89fb6dc30612965d372
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Sat, 05 Nov 2022 09:59:07 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"636633eb-1ef61"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
9d0ba1dfb6ca44cdc0ac03043122a4d8
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 11:15:57 GMT
runtime.455d0.js
files.clear.bank/assets/ 		103 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/runtime.455d0.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c58ebccec2647679ec8529378c682f4bfed8d6585f9b978494d2dab60157b02
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Sat, 05 Nov 2022 09:59:06 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"636633ea-19d6b"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
0bb5589d505ac4541d25ff4cf28d443a
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 11:15:57 GMT
core.494cd.js
files.clear.bank/assets/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/core.494cd.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f7016cb1c277507e8fc1af0b4ddf783ea8d89d509db7cee83415baa08650ce27
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Sat, 05 Nov 2022 09:59:06 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"636633ea-4815"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
048f6f4d569a7c9c681eb9558ea64d28
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 11:15:57 GMT
react_stack.fe366.js
files.clear.bank/assets/ 		270 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/assets/react_stack.fe366.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f456ac73a4f49a3ec7c1be3c195bc8b40b2c4a9f10a4bb2c0100bfd30d694374
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Sat, 05 Nov 2022 09:59:06 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"636633ea-436cc"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
c6c82be8d027b386747888f7758388a7
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 11:15:57 GMT
6410b2df5bc2.js
files.clear.bank/static/CACHE/js/ 		478 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.clear.bank/static/CACHE/js/6410b2df5bc2.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e956122234841fc6fd37c490582f5fcc416006b8175b631a2bd1c05dd73e4a6f
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Sat, 05 Nov 2022 09:59:07 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"636633eb-77998"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
request-id
faa97303bbc0322f978866df4b646eb7
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 11:15:57 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 11:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 07 Nov 2022 13:15:54 GMT
full_color_awqTi2l.png
files.clear.bank/file/organizations/logos/1987/385/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.clear.bank/file/organizations/logos/1987/385/full_color_awqTi2l.png
Requested by
Host: files.clear.bank
URL: https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.124.30 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9db03b133c0f53d639a35382579f94fc9a9dca1551763eb4d953fd5fa7d12767
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://files.clear.bank/collaborations/MTY4NTk3MQ/pin/?showConversation=True
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:15:57 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload;
referrer-policy
strict-origin-when-cross-origin
content-security-policy
style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
last-modified
Thu, 18 Aug 2022 12:41:39 GMT
x-content-type-options
nosniff
etag
"62fe3383-982"
content-type
image/png; charset=utf-8
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
request-id
aa5d3982ff7f7b1d32cb7d8532a782fc
content-length
2434
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1675208616&t=pageview&_s=1&dl=https%3A%2F%2Ffiles.clear.bank%2Fcollaborations%2FMTY4NTk3MQ%2Fpin%2F%3FshowConversation%3DTrue&ul=en-us&de=UTF-8&dt=ClearBank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=723813127&gjid=524850095&cid=1984442222.1667819757&tid=UA-35844537-1&_gid=1106412470.1667819757&_r=1&_slc=1&z=1570743264
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://files.clear.bank/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 11:15:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://files.clear.bank
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| runtime_3a1f3 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| react_stack_59b0a object| ng function| $ function| jQuery object| angular

6 Cookies

Domain/Path Name / Value
files.clear.bank/ Name: id.login.ncryptedcloud.com
Value: w2mgc6j1ixyjuw1v4lb066isttth52fo
files.clear.bank/ Name: browser-id
Value: "b7b14ea6-9699-4842-b3ae-97bfd3fa639c|1699355755:1os06d:WZl7CEHi8zXDrVPV3uQlXyB16Q8"
files.clear.bank/ Name: csrftoken
Value: wkuU95Pw2UQkUOo0HOM0D4aUZ2IFbcGi
.clear.bank/ Name: _ga
Value: GA1.2.1984442222.1667819757
.clear.bank/ Name: _gid
Value: GA1.2.1106412470.1667819757
.clear.bank/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com *.tinymce.com *.tiny.cloud 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://google-analytics.com https://www.google.com https://www.gstatic.com *.tinymce.com *.tiny.cloud; object-src 'none';img-src https://www.gstatic.com data: blob: 'self' *.tinymce.com *.tiny.cloud;worker-src blob:;connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net *.tinymce.com *.tiny.cloud blob:;font-src 'self' *.tinymce.com *.tiny.cloud;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block