See 3 issues here: https://sritest.io/#report/f009e9b1-b372-409b-ae2f-a5c1c24562b8
Symantec Certificate installed properly.
DOM XSS Scan vuln. + potential; issues with Rails: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fnexus.ensighten.com%2Frbc%2FBootstrap.js
F-status and recommendations: https://observatory.mozilla.org/analyze.html?host=www.rbc.com
error

found JavaScript
error: undefined variable b.firstChild
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var b.firstChild = 1;
error: line:1: …^

Numeric arrays start at 0 not at 1. (pol)

HTTP Strict Transport Security (HSTS) header not implemented

polonus (volunteer website security analyst and website error-hunter)

Also find error in this code: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fwww.google.com%2Frecaptcha%2Fapi.js%3Fonload%3DonloadCaptchaCallback%26render%3Dexplicit
for -www.gstatic.com/recaptcha/api2/r20170712134223/ there as

found JavaScript error: undefined function document.querySelector error: undefined variable s

Object does not support property, take a look at the call stack to see what gets put in as parameters, updating jQuery should be done with care unless something breaks. Info-credits: All-Star. Old variable or set name is still used, so kicks up a undefined variable s error.

polonus (volunteer website security analyst and website error-hunter)