qatruist.gs.com
104.83.4.34
Public Scan
Effective URL: https://qatruist.gs.com/content/login
Submission: On March 02 via api from IN — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on January 17th 2023. Valid for: a year.
This is the only time qatruist.gs.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 12 | 104.83.4.34 | 20940 (AKAMAI-ASN1) |
1 | 91.235.133.182 | 30286 (THM) |
1 | 204.4.143.215 | 9084 (GSI-AS European AS) |
12 | 3 | |

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-83-4-34.deploy.static.akamaitechnologies.com
qatruist.gs.com
| Apex Domain / Subdomains | Transfer |
---|---|---|
14 | gs.com (2 redirects): qatruist.gs.com, v.gs.com, idfs-qa.gs.com | 191 KB |
12 | 1 | |
| Domain | Requested by |
---|---|---|
12 | qatruist.gs.com (2 redirects) | qatruist.gs.com |
1 | idfs-qa.gs.com | qatruist.gs.com |
1 | v.gs.com | qatruist.gs.com |
12 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
cdn-ak-gls-2.gs.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2023-01-17 - 2024-01-16 | a year | crt.sh |
v.goldman.com | DigiCert SHA2 Extended Validation Server CA | 2022-06-02 - 2023-06-29 | a year | crt.sh |
idfs-qa.gs.com | DigiCert SHA2 Extended Validation Server CA | 2022-04-02 - 2023-05-03 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://qatruist.gs.com/content/login
Frame ID: 320EEF6C4F418B15A5623FCA273D9206
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/ead66182-6be2-48a1-8ee4-317b76c17b6e.png)
Page Title
Truist Bank Login Page
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://qatruist.gs.com/ (HTTP 302)
- https://qatruist.gs.com/gcsp/portal/ (HTTP 302)
- https://qatruist.gs.com/content/login (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | login (Primary Request, Redirect Chain) | qatruist.gs.com/content/ | 817 B | 2 KB | Document | text/html |
GET H2 | app.03a4941a4c3f92084deb.css | qatruist.gs.com/css/ | 103 KB | 30 KB | Stylesheet | text/css |
GET H2 | gspr1234.js | qatruist.gs.com/mfa/ | 3 KB | 2 KB | Script | application/x-javascript |
GET H2 | analytics.0af15d665504247f2e67.js | qatruist.gs.com/js/ | 7 KB | 4 KB | Script | application/x-javascript |
GET H2 | login.86b2b453693b84ff35e3.js | qatruist.gs.com/js/ | 113 KB | 26 KB | Script | application/x-javascript |
GET H2 | vendor.50e6764a0ac43c56661c.js | qatruist.gs.com/js/ | 371 KB | 113 KB | Script | application/x-javascript |
GET H2 | login-configurations.json | qatruist.gs.com/content/truist-ui/nodes/ | 375 B | 2 KB | Fetch | application/json |
GET H2 | login-en.json | qatruist.gs.com/content/truist-ui/nodes/contentkeys/ | 7 KB | 4 KB | Fetch | application/json |
GET H2 | help-content-configurations.json | qatruist.gs.com/content/truist-ui/nodes/ | 168 B | 2 KB | Fetch | application/json |
GET H2 | userapi | qatruist.gs.com/gs-sso/ | 733 B | 2 KB | Fetch | text/html |
GET H/1.1 | pbeo66ix3dnzk2ic.js | v.gs.com/ | 0 | 219 B | Script | text/javascript |
GET H/1.1 | authorization.oauth2 | idfs-qa.gs.com/as/ | 89 B | 1 KB | Fetch | text/html |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
object | gspr1234 |
function | eventAnalytics |
object | jsonpFunction |
object | __core-js_shared__ |
object | core |
object | global |
object | System |
function | asap |
function | Observable |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
boolean | _babelPolyfill |
object | __$$GLOBAL_REWIRE_REGISTRY__ |
function | __rewire_reset_all__ |
number | __$$GLOBAL_REWIRE_NEXT_MODULE_ID__ |
object | hp_frame |
object | tmx_frame |
object | tmx_script |

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
qatruist.gs.com/ | Name: NSC_JOfes5t2bek5e3pdkm3vbudcwygwadb Value: 14b5a3d9e883820c8569b1d861abd83ffe600c3aea6439adc04b6f1cd97c841e328e45d6 |
.gs.com/ | Name: ak_bmsc Value: B7A5267922897DA0FCDFAAF90DE87941~000000000000000000000000000000~YAAQHgRTaCD50ICGAQAAgrW4oBLb4PBkJvky0Z1fcXLQuddZ2YMSRE7ikpALKq3Yg4SBxzvAu4DvkPXS6bjJuuYHWYyeXqj62mQz1mD7ww7hY7Hs4yQAfGyNLfG/aDjP/SxpbbNQ8eojx4PIjwyJfm2RkG1KnqcpTEHMIbIb0D2rUAOmCJplDqMg7+B6kAxNeIwAHHca1FeMFn8Aw8+ByqHJtpDKjk69MrjyFRuYrVvRDg4sFWcGZsIs61xU7Bho31/LnLWAAhAnz83GJuR/PJ4qABO3BhSA3MhCFhAvOSDzbFFWa7PwOhi7dgid2q1C56leyOcTC/ghC8WDkMWznf/AqEeoCOm/PPlzThGUAM7Gv+ZH216QxV9s1e/zekgfSE6vpjzf |
.qatruist.gs.com/ | Name: mod_auth_openidc_state Value: https%3A%2F%2Fd224627-003-e3.dc.gs.com%3A8000%2Fgcsp%2Fportal%2F |
.gs.com/ | Name: bm_sv Value: A5EAB6383F64CF1FDF147E6DB1CF1E58~YAAQHgRTaD/50ICGAQAAZLy4oBJO6B+kuAWvXNFKbmPgOvTL5zCn3UOp6P8+2F+QCErQc6WjCPhjRfRAV+f1QqK/SPJXe/HN9IZieNLFTBWXQq0ZV9QuON9967xbyD2qA0XsL/q/dl4PL4P5zivhlvbb7iIqZQtH8WNLK5FmolCxpeRsGaFKC67tAFU3IcS3xnn9qwqkmI24bcKTj25+/4iWOe+zesyD+EuHlsGtBZTzPYs8N7QvebvRqLs=~1 |
idfs-qa.gs.com/ | Name: PF Value: qhoiyfvP64Ea2BTIn5L5luwez6UdTm6SoYZ2WSsgGFpM |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' gap: https://*.gs.com 'unsafe-inline'; font-src 'self' https://*.gs.com https://*.online-metrix.net data:; script-src 'self' https://assets.adobedtm.com https://*.zopim.com https://assets.zendesk.com https://*.gs.com https://*.online-metrix.net https://*.demdex.net https://*.sc.omtrdc.net 'unsafe-inline' 'unsafe-eval'; blob: https://*.gs.com https://*.online-metrix.net; connect-src 'self' https://*.gs.com https://qaglobal-liquidity.gs.com https://*.omtrdc.net https://*.demdex.net 'unsafe-inline' data:; object-src 'self' https://*.gs.com https://*.online-metrix.net; child-src gap: 'self' https://*.gs.com https://*.online-metrix.net;frame-src 'self' https://*.gs.com https://*.online-metrix.net https://*.demdex.net; img-src 'self' * data: https://*.gs.com https://*.online-metrix.net https://*.omtrdc.net https://*.demdex.net https://*.everesttech.net; style-src 'self' https://*.gs.com 'unsafe-inline'; media-src 'self' https://*.gs.com;frame-ancestors 'self' http://qaglobal-liquidity.gs.com |
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.