my.goldenstatebank.com Open in urlscan Pro
35.225.70.12  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response my.goldenstatebank.com/	86 KB 20 KB	477ms 169ms	Document text/html	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash b7f27076959735af76db5ed3aa3573ebb3a104b125c9a56313c5db842db408a4 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-Wub0WEMKUPNz/ogDDEM6SD5XTTHyYLqN0DHPwozH2kg=' 'sha256-6qzzkoh3D/yHF6o06b8jOWotr8NZL8yNmloPRxoaB/M=' 'sha256-p4dmDGIRGHQafVo6QlNSvBPsTWxKNFWbHcMweAIab+U=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-lBWjcK2tDHJzBhrF09ODut6/5BCooXwM0VTTqh7W7yg=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.goldenstatebank.com; manifest-src 'self'; worker-src 'self'; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control public, no-cache content-encoding gzip content-length 19194 content-security-policy default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-Wub0WEMKUPNz/ogDDEM6SD5XTTHyYLqN0DHPwozH2kg=' 'sha256-6qzzkoh3D/yHF6o06b8jOWotr8NZL8yNmloPRxoaB/M=' 'sha256-p4dmDGIRGHQafVo6QlNSvBPsTWxKNFWbHcMweAIab+U=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-lBWjcK2tDHJzBhrF09ODut6/5BCooXwM0VTTqh7W7yg=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.goldenstatebank.com; manifest-src 'self'; worker-src 'self'; content-type text/html date Wed, 01 May 2024 22:51:12 GMT etag W/"4afa-c0GiLuM7l/ikKN8g/fL0HbbpQ+g" permissions-policy document-domain=() referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=15724800; includeSubDomains x-b3-sampled 1 x-b3-spanid 6454e82b97b957e4 x-b3-traceid 9daec2dccd1c6d8eabc93df69bfdcdfa x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	standalone-app-05c30bab.js Show response my.goldenstatebank.com/js/	123 KB 35 KB	117ms 116ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash ddd9c7991fc29ed24cc8991e76925e1d3557edac0ac761de973f4e00076f48ef Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 99a1a1b21ec011f758a3dfbfa2f8f1c9 etag W/"8a38-cIaIJw3CXmbxtTM8Wht7v+V51/A" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 3c6491df7ce45209 x-b3-sampled 1 content-length 35384
GET H2	200	banno-web-6ae33c07.js Show response my.goldenstatebank.com/js/	456 KB 98 KB	117ms 117ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/banno-web-6ae33c07.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 841f0528f825cd5042c7a5055e30dc6e8039134d0669ec0cd847a25e10d02c59 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 8fa65665c564532edc29712d8c43712a etag W/"1858c-B+7u6kw6yxGiKwOpDk4UzGePuII" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 60e8f91addff2863 x-b3-sampled 1 content-length 99724
GET H2	200	golden-state-bank-logo-60915904.png my.goldenstatebank.com/images/fi-assets/golden-state-bank/	8 KB 9 KB	185ms 185ms	Image image/png	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://my.goldenstatebank.com/images/fi-assets/golden-state-bank/golden-state-bank-logo-60915904.png Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 73ca3a1a5f29a2165262f67af6c54e7bcdf929ede770dd9aa0ea5baf65f0a0f0 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 01 May 2024 16:05:37 GMT x-b3-traceid 4cea76a8a913bb0b9727c967541e8cbc etag W/"21fa-18f34e77c68" content-type image/png cache-control public, max-age=31536000 x-b3-spanid 78c1b01d606c6092 x-b3-sampled 1 accept-ranges bytes content-length 8698
GET H2	200	jha-icon-circle-warning-4dec2b24.js Show response my.goldenstatebank.com/js/	733 B 652 B	119ms 119ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/jha-icon-circle-warning-4dec2b24.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 191e17ba0be8f9ad3718c9f744fdd9560ca465ddcf698d5026e1d25a93fa5751 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid c002552bba76c3a7f0397b140592bc9f etag W/"175-j1uUR6788CFhYWTrSAbVowfJB5s" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid fc13b34da9c61688 x-b3-sampled 1 content-length 373
GET H2	200	client-shared-cebe3481.js Show response my.goldenstatebank.com/js/	146 B 382 B	120ms 120ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/client-shared-cebe3481.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 0e0b9371b8fb91793eb6f01719547efc40cbd9bd460968791d9d0ec8841bf3f4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 43630684d9ee78c7243cfb7d055475f1 etag W/"69-YYoOAMD4iLGdJ9cp25V1+2S6J7Y" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid f85e2ec1f919ea6a x-b3-sampled 1 content-length 105
GET H2	200	bd22c266-ec46-4d92-b47b-118400006396 Show response my.goldenstatebank.com/a/consumer/api/offline-status/institutions/	20 B 195 B	119ms 119ms	Fetch application/json	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/a/consumer/api/offline-status/institutions/bd22c266-ec46-4d92-b47b-118400006396 Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains x-envoy-upstream-service-time 0 content-length 20 x-request-id b989c388070cc3a5fb2a487c0933053f content-type application/json
GET H2	200	mixpanel-694c2099.js Show response my.goldenstatebank.com/js/	54 KB 17 KB	117ms 117ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/mixpanel-694c2099.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 9eaebeca76ee481755d1846677330605b515179ef6f105506a13acce280756f0 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid e5b56a7b9b7f9b777719be13294b958a etag W/"4226-ePaxZ9DITG5weM1QKwVNeG3I56I" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid e46f1ab89fc86a6a x-b3-sampled 1 content-length 16934
GET H2	200	bannoweb-background-hero-4d2bfbf4.js Show response my.goldenstatebank.com/js/	820 B 657 B	120ms 119ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/bannoweb-background-hero-4d2bfbf4.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash bcc012d6191edec5c55ddd2c930b1ffa8c68d43dc4bc02d55dc4ddd7709d1717 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid f95a0352b1bb3bb570170a71899fbe90 etag W/"179-SZ/LX7NmXByT3eFGO+ulzLXs83c" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid c259b95b927bd6ee x-b3-sampled 1 content-length 377
GET H2	401	validate my.goldenstatebank.com/a/consumer/api/auth/	0 0	148ms 148ms	Fetch	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/a/consumer/api/auth/validate Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 x-request-id 603daf33b798db93879a6dbf05786a97
GET H2	200	golden-state-bank-favicon-549dd83d.ico my.goldenstatebank.com/images/fi-assets/golden-state-bank/	33 KB 33 KB	134ms 134ms	Other image/x-icon	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/images/fi-assets/golden-state-bank/golden-state-bank-favicon-549dd83d.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 4ff44e5e5c18789c9f83cf42784ea72232903df910025bbc3ed1bd3494dcb816 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 01 May 2024 16:05:37 GMT x-b3-traceid a7b2c0e00ed2063f3d3ced285cf4cade etag W/"821e-18f34e77c68" content-type image/x-icon cache-control public, max-age=31536000 x-b3-spanid 614201f7b6962f6c x-b3-sampled 1 accept-ranges bytes content-length 33310
GET H2	200	golden-state-bank-background-landscape-e42840a7.png my.goldenstatebank.com/images/fi-assets/golden-state-bank/	17 KB 18 KB	135ms 134ms	Image image/png	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://my.goldenstatebank.com/images/fi-assets/golden-state-bank/golden-state-bank-background-landscape-e42840a7.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 44e624f4a35d6aafca0f7ad9608cd2946644d1cb2fe241e78557f343fd45c23b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 01 May 2024 16:05:37 GMT x-b3-traceid b55c10002c5004d3c650fabe6bd7a103 etag W/"4531-18f34e77c68" content-type image/png cache-control public, max-age=31536000 x-b3-spanid 45cf0970f0f7b6e4 x-b3-sampled 1 accept-ranges bytes content-length 17713
GET H2	200	bd22c266-ec46-4d92-b47b-118400006396 Show response my.goldenstatebank.com/a/consumer/api/institutions/	152 KB 152 KB	161ms 160ms	Fetch application/json	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/a/consumer/api/institutions/bd22c266-ec46-4d92-b47b-118400006396 Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 9abe00ce869153d9089b54372ecb907dc62093b5e649626343bc2c0916d8d96f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 155322 x-request-id 81ffea05ac19693c8c9b63df3a19ba14 content-type application/json
GET H2	200	jha-icon-form-89223365.js Show response my.goldenstatebank.com/js/	1 KB 791 B	119ms 117ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/jha-icon-form-89223365.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 7f84d4ed2d0c0ab7032492310f279036d5182fbcbeb210e614158036c8ecaefb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid c09e846f4fabf74e713a29fc09e1306e etag W/"200-Gfqxl/IZPY0GrVse/EqCIbjolSs" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid df5db10f280e970b x-b3-sampled 1 content-length 512
GET H2	200	jha-icon-life-preserver-7b9dd6f3.js Show response my.goldenstatebank.com/js/	1 KB 901 B	117ms 115ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/jha-icon-life-preserver-7b9dd6f3.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 85a1b668bc488a85d4b8efaa79561e5c1b8597fb6f47739878154ef922fc9bbf Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid e7e1ad1f2a3bb36fd3296c3db78aa69d etag W/"26f-ca8iDDt5orcUkVoDxfOU1rCdMRE" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 124f8e8e7a771714 x-b3-sampled 1 content-length 623
GET H2	200	time Show response my.goldenstatebank.com/a/consumer/api/v0/login/	13 B 241 B	250ms 249ms	Fetch application/json	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/a/consumer/api/v0/login/time Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 0ba93499ea230ae614bdb2b76d5d712a38fa3276dee75837bcddc761bed89aef Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://my.goldenstatebank.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Response headers date Wed, 01 May 2024 22:51:13 GMT cache-control private, no-store, no-cache strict-transport-security max-age=15724800; includeSubDomains etag W/"d-PoLrUbtL+jRwRWxlJpEkBCJYeFY" content-length 13 x-request-id cf756dfcc9c14cc24334dc0287f276d3 content-type application/json; charset=utf-8
GET H2	200	jha-icon-warning-e9dd1c56.js Show response my.goldenstatebank.com/js/	898 B 729 B	221ms 220ms	Script text/javascript	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/js/jha-icon-warning-e9dd1c56.js Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash f7aebda738329e99c9d0ea8622d41ac65cef5c1e3e57ffd36b159bd41a77c672 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT content-encoding br strict-transport-security max-age=15724800; includeSubDomains x-b3-traceid 824bdcdfaf001146577fb8f45305c956 etag W/"1c3-84il4derC6J61bzp4mgxG9Lqt1Q" content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 x-b3-spanid 63bd45a08e35259d x-b3-sampled 1 content-length 451
GET H2	200	time Show response my.goldenstatebank.com/a/consumer/api/v0/login/	13 B 240 B	320ms 117ms	Fetch application/json	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/a/consumer/api/v0/login/time Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 531a14abcb90c11546482e01dfb54e782cbc6cf62f91381bd57be454c2da8462 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://my.goldenstatebank.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Response headers date Wed, 01 May 2024 22:51:13 GMT cache-control private, no-store, no-cache strict-transport-security max-age=15724800; includeSubDomains etag W/"d-mCjvCoHePZHAduKJo1am+QUeh/M" content-length 13 x-request-id dc0e9406589b29d3c03c7e42b1607b07 content-type application/json; charset=utf-8
GET H2	200	roboto-regular-webfont.woff2 my.goldenstatebank.com/fonts/	15 KB 15 KB	153ms 153ms	Font font/woff2	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/fonts/roboto-regular-webfont.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/ Origin https://my.goldenstatebank.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 01 May 2024 17:25:11 GMT x-b3-traceid 16369d996c295b82125506d00aba7ee9 etag W/"3bf0-18f353054d8" content-type font/woff2 cache-control public, no-cache x-b3-spanid 619c3534bb46cb02 x-b3-sampled 1 accept-ranges bytes content-length 15344
GET H2	200	golden-state-bank-favicon-549dd83d.ico my.goldenstatebank.com/images/fi-assets/golden-state-bank/	33 KB 0	0ms 0ms	Other image/x-icon	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/images/fi-assets/golden-state-bank/golden-state-bank-favicon-549dd83d.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash 4ff44e5e5c18789c9f83cf42784ea72232903df910025bbc3ed1bd3494dcb816 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://my.goldenstatebank.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:51:13 GMT last-modified Wed, 01 May 2024 16:05:37 GMT x-b3-traceid a7b2c0e00ed2063f3d3ced285cf4cade etag W/"821e-18f34e77c68" content-type image/x-icon cache-control public, max-age=31536000 x-b3-spanid 614201f7b6962f6c x-b3-sampled 1 accept-ranges bytes content-length 33310
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	start Show response my.goldenstatebank.com/a/consumer/api/login/assertion/	159 B 388 B	148ms 147ms	Fetch application/json	35.225.70.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://my.goldenstatebank.com/a/consumer/api/login/assertion/start Requested by Host: my.goldenstatebank.com URL: https://my.goldenstatebank.com/js/standalone-app-05c30bab.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.225.70.12 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.70.225.35.bc.googleusercontent.com Software / Resource Hash cfb31f76dfcb091f6c96439470c586fc25551f50e443af9d41ce67e15fe9c882 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://my.goldenstatebank.com/login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Response headers date Wed, 01 May 2024 22:51:13 GMT cache-control private, no-store, no-cache strict-transport-security max-age=15724800; includeSubDomains etag W/"9f-t5WchQHvPVlWBHjyPMHf0gGVk/A" content-length 159 x-request-id 8785bbdaa72500c93a0dc5a8c219f24f content-type application/json; charset=utf-8

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| imprt_ object| banno string| mitekWorkerPath object| ShadyCSS object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| odb function| zSc function| zT function| ys function| rVa function| bPc function| kUc function| wRc function| v function| elc function| xvc function| jea function| cpc function| vDb function| xm function| nxb function| xpc function| cwb function| mib function| j1a function| yn function| ga function| tUc function| jJc function| eQc function| rUc function| tRb function| ioc function| c1a function| yUc function| yi function| fVc function| hac function| pUc function| eNa function| wU function| yja function| p1 function| dNa function| qGa function| zRc function| dL function| eIa function| vja function| kv function| rV function| wf function| b2a function| vxa function| lc function| yTc function| kU function| tyc function| n6a function| mmc function| npc function| zmc function| ylc

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.goldenstatebank.com/	1970-01-21 05:02:19	Name: deviceId Value: online-ba71f80f-5614-49c5-b300-ae1766c49ccb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network	error	URL: https://my.goldenstatebank.com/a/consumer/api/auth/validate Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-Wub0WEMKUPNz/ogDDEM6SD5XTTHyYLqN0DHPwozH2kg=' 'sha256-6qzzkoh3D/yHF6o06b8jOWotr8NZL8yNmloPRxoaB/M=' 'sha256-p4dmDGIRGHQafVo6QlNSvBPsTWxKNFWbHcMweAIab+U=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-lBWjcK2tDHJzBhrF09ODut6/5BCooXwM0VTTqh7W7yg=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.goldenstatebank.com; manifest-src 'self'; worker-src 'self';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

my.goldenstatebank.com
35.225.70.12
0ba93499ea230ae614bdb2b76d5d712a38fa3276dee75837bcddc761bed89aef
0e0b9371b8fb91793eb6f01719547efc40cbd9bd460968791d9d0ec8841bf3f4
191e17ba0be8f9ad3718c9f744fdd9560ca465ddcf698d5026e1d25a93fa5751
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44e624f4a35d6aafca0f7ad9608cd2946644d1cb2fe241e78557f343fd45c23b
4ff44e5e5c18789c9f83cf42784ea72232903df910025bbc3ed1bd3494dcb816
531a14abcb90c11546482e01dfb54e782cbc6cf62f91381bd57be454c2da8462
73ca3a1a5f29a2165262f67af6c54e7bcdf929ede770dd9aa0ea5baf65f0a0f0
7f84d4ed2d0c0ab7032492310f279036d5182fbcbeb210e614158036c8ecaefb
841f0528f825cd5042c7a5055e30dc6e8039134d0669ec0cd847a25e10d02c59
85a1b668bc488a85d4b8efaa79561e5c1b8597fb6f47739878154ef922fc9bbf
9abe00ce869153d9089b54372ecb907dc62093b5e649626343bc2c0916d8d96f
9eaebeca76ee481755d1846677330605b515179ef6f105506a13acce280756f0
b7f27076959735af76db5ed3aa3573ebb3a104b125c9a56313c5db842db408a4
bcc012d6191edec5c55ddd2c930b1ffa8c68d43dc4bc02d55dc4ddd7709d1717
bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716
cfb31f76dfcb091f6c96439470c586fc25551f50e443af9d41ce67e15fe9c882
ddd9c7991fc29ed24cc8991e76925e1d3557edac0ac761de973f4e00076f48ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7aebda738329e99c9d0ea8622d41ac65cef5c1e3e57ffd36b159bd41a77c672