my.goldenstatebank.com
Open in
urlscan Pro
35.225.70.12
Public Scan
Submission: On May 01 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on May 19th 2023. Valid for: a year.
This is the only time my.goldenstatebank.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 35.225.70.12 35.225.70.12 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
21 | 2 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.70.225.35.bc.googleusercontent.com
my.goldenstatebank.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
goldenstatebank.com
my.goldenstatebank.com |
401 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
21 | my.goldenstatebank.com |
my.goldenstatebank.com
|
21 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
my.goldenstatebank.com GeoTrust TLS RSA CA G1 |
2023-05-19 - 2024-05-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://my.goldenstatebank.com/
Frame ID: 7526A0D5994455B73A7D871E71BD1D06
Requests: 22 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
my.goldenstatebank.com/ |
86 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
standalone-app-05c30bab.js
my.goldenstatebank.com/js/ |
123 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banno-web-6ae33c07.js
my.goldenstatebank.com/js/ |
456 KB 98 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
golden-state-bank-logo-60915904.png
my.goldenstatebank.com/images/fi-assets/golden-state-bank/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jha-icon-circle-warning-4dec2b24.js
my.goldenstatebank.com/js/ |
733 B 652 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client-shared-cebe3481.js
my.goldenstatebank.com/js/ |
146 B 382 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bd22c266-ec46-4d92-b47b-118400006396
my.goldenstatebank.com/a/consumer/api/offline-status/institutions/ |
20 B 195 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-694c2099.js
my.goldenstatebank.com/js/ |
54 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bannoweb-background-hero-4d2bfbf4.js
my.goldenstatebank.com/js/ |
820 B 657 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validate
my.goldenstatebank.com/a/consumer/api/auth/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
golden-state-bank-favicon-549dd83d.ico
my.goldenstatebank.com/images/fi-assets/golden-state-bank/ |
33 KB 33 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
golden-state-bank-background-landscape-e42840a7.png
my.goldenstatebank.com/images/fi-assets/golden-state-bank/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bd22c266-ec46-4d92-b47b-118400006396
my.goldenstatebank.com/a/consumer/api/institutions/ |
152 KB 152 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jha-icon-form-89223365.js
my.goldenstatebank.com/js/ |
1 KB 791 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jha-icon-life-preserver-7b9dd6f3.js
my.goldenstatebank.com/js/ |
1 KB 901 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
time
my.goldenstatebank.com/a/consumer/api/v0/login/ |
13 B 241 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jha-icon-warning-e9dd1c56.js
my.goldenstatebank.com/js/ |
898 B 729 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
time
my.goldenstatebank.com/a/consumer/api/v0/login/ |
13 B 240 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roboto-regular-webfont.woff2
my.goldenstatebank.com/fonts/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
golden-state-bank-favicon-549dd83d.ico
my.goldenstatebank.com/images/fi-assets/golden-state-bank/ |
33 KB 0 |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
start
my.goldenstatebank.com/a/consumer/api/login/assertion/ |
159 B 388 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
65 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| imprt_ object| banno string| mitekWorkerPath object| ShadyCSS object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| odb function| zSc function| zT function| ys function| rVa function| bPc function| kUc function| wRc function| v function| elc function| xvc function| jea function| cpc function| vDb function| xm function| nxb function| xpc function| cwb function| mib function| j1a function| yn function| ga function| tUc function| jJc function| eQc function| rUc function| tRb function| ioc function| c1a function| yUc function| yi function| fVc function| hac function| pUc function| eNa function| wU function| yja function| p1 function| dNa function| qGa function| zRc function| dL function| eIa function| vja function| kv function| rV function| wf function| b2a function| vxa function| lc function| yTc function| kU function| tyc function| n6a function| mmc function| npc function| zmc function| ylc1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my.goldenstatebank.com/ | Name: deviceId Value: online-ba71f80f-5614-49c5-b300-ae1766c49ccb |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'none'; script-src 'unsafe-inline' 'sha256-5tglEW0Vs+Qd9vtRZ++NKLr08Vk0yoF/jPR+mbB5eq8=' 'sha256-wyuUAa+a967T1T6WNseoupM6GGreJ7AugW1DgkH8rQI=' 'sha256-Wub0WEMKUPNz/ogDDEM6SD5XTTHyYLqN0DHPwozH2kg=' 'sha256-6qzzkoh3D/yHF6o06b8jOWotr8NZL8yNmloPRxoaB/M=' 'sha256-p4dmDGIRGHQafVo6QlNSvBPsTWxKNFWbHcMweAIab+U=' 'sha256-ildUzQ5UsadChij+sqp2CK8DE6fAqU4NwegKKfap0rs=' 'sha256-lBWjcK2tDHJzBhrF09ODut6/5BCooXwM0VTTqh7W7yg=' 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://banno.com https://*.banno.com https://*.googleusercontent.com https://banno-assets-production.s3.amazonaws.com https://banno-sentry-production.s3.amazonaws.com; media-src 'self' mediastream:; frame-src 'self' https://*.mybankhq.com https://*.billpaysite.com https://*.banno.com https://geezeo-tiles.s3.amazonaws.com https://*.geezeo.com https://orcasnet-investments.banno-plugins-uat.com https://connect2.finicity.com https://businessbillpay-e.com/ https://*.businessbillpay-e.com/ https://apim.autobooks.co; child-src 'self'; font-src https: data:; frame-ancestors 'self'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://clientstream.launchdarkly.com https://app.launchdarkly.com wss://global.vss.twilio.com wss://sdkgw.us1.twilio.com wss://my.goldenstatebank.com; manifest-src 'self'; worker-src 'self'; |
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
my.goldenstatebank.com
35.225.70.12
0ba93499ea230ae614bdb2b76d5d712a38fa3276dee75837bcddc761bed89aef
0e0b9371b8fb91793eb6f01719547efc40cbd9bd460968791d9d0ec8841bf3f4
191e17ba0be8f9ad3718c9f744fdd9560ca465ddcf698d5026e1d25a93fa5751
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44e624f4a35d6aafca0f7ad9608cd2946644d1cb2fe241e78557f343fd45c23b
4ff44e5e5c18789c9f83cf42784ea72232903df910025bbc3ed1bd3494dcb816
531a14abcb90c11546482e01dfb54e782cbc6cf62f91381bd57be454c2da8462
73ca3a1a5f29a2165262f67af6c54e7bcdf929ede770dd9aa0ea5baf65f0a0f0
7f84d4ed2d0c0ab7032492310f279036d5182fbcbeb210e614158036c8ecaefb
841f0528f825cd5042c7a5055e30dc6e8039134d0669ec0cd847a25e10d02c59
85a1b668bc488a85d4b8efaa79561e5c1b8597fb6f47739878154ef922fc9bbf
9abe00ce869153d9089b54372ecb907dc62093b5e649626343bc2c0916d8d96f
9eaebeca76ee481755d1846677330605b515179ef6f105506a13acce280756f0
b7f27076959735af76db5ed3aa3573ebb3a104b125c9a56313c5db842db408a4
bcc012d6191edec5c55ddd2c930b1ffa8c68d43dc4bc02d55dc4ddd7709d1717
bdbf1c1b735b09d5cdd6e0d87b5a3db5f5334f23e13dfe29e2ceb3d687e02716
cfb31f76dfcb091f6c96439470c586fc25551f50e443af9d41ce67e15fe9c882
ddd9c7991fc29ed24cc8991e76925e1d3557edac0ac761de973f4e00076f48ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7aebda738329e99c9d0ea8622d41ac65cef5c1e3e57ffd36b159bd41a77c672