Goldman Sachs Vendor Code of Conduct | Goldman Sachs - URL Scan Results

Summary

A Concise Overview of the scan result of url https://www.goldmansachs.com/investor-relations/corporate-governance/sustainability-reporting/vendor-code-of-conduct-index.html

Document
HTML
2
StyleSheets
2
Scripts
59
Font
0
Images
4
Links
9
JavaScript Variables
49
Console log messages
0
Network
Requests
82
Bytes Transferred
2.77MB
Bytes Total
10.35MB

DNS Record
CNAME Record
6
A Record
1
Technology
Search engines
1
PaaS
1
Cookie compliance
1
Advertising
2
Analytics
2
Security
1
CDN
2

Links

The outgoing links identified from the page.

Link	Text
https://higher.gs.com/	Open Roles
https://www.gsam.com/	Asset Management
https://pwm.gs.com/nam/en-us?gsid=10200&chl=ref&plt=gs	Private Wealth Management
https://www.marcus.com/	Marcus
https://marquee.gs.com/	Marquee
https://www.linkedin.com/company/goldman-sachs	link for linkedin share
https://www.instagram.com/goldmansachs	link for instagram share
https://www.youtube.com/user/GoldmanSachs	link for youtube share
https://twitter.com/goldmansachs

JavaScript Variables

Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.

0objecteventundefinedonbeforetoggleobjectfenceobjectsharedStorageobjectdocumentPictureInPictureobjectfetchLaterfunctiononpageswapobjectonpagerevealobjectmodelobjectonscrollendobject_satelliteobject__satelliteLoadedboolean__alloyMonitorsobjectalloyfunction__alloyNSobjectfbqfunction_fbqfunctionGS_UX_UITOOLKIT_DISABLE_COMPONENT_ANALYTICSbooleanBOOMR_mqobjectBOOMR_API_keystringBOOMRobjectBOOMR_lstartnumberbrazeobjectbrazeQueueobjectwebpackChunk_N_Eobject__next_set_public_path__functionnextobject__NEXT_DATA__object__SSG_MANIFEST_CBfunction__NEXT_Pobject_N_Eobject__NEXT_PRELOADREADYfunction__gs_uitk_emotion_instanceobjectGS_UX_UITOOLKIT_VERSIONSobject__MIDDLEWARE_MATCHERSobject__BUILD_MANIFESTobject__SSG_MANIFESTobjectBOOMR_configtnumber_truste_eumapfunctiontrusteobject$temp_closebtn_styleobject$temp_box_overlay_borderobject$temp_inner_iframeobject$temp_box_overlayobjectuserTypestringBOOMR_onloadnumber_linkedin_data_partner_idstringuetqobject

Technology

The technologies identified are present on the scanned URL.

Name	Description	Detected patterns
Analytics
Linkedin Insight Tag https://business.linkedin.com/marketing-solutions/insight-tag	LinkedIn Insight Tag is a lightweight JavaScript tag that powers conversion tracking, website audiences, and website demographics.	Type: scriptSrc Regex: snap\.licdn\.com\/li\.lms-analytics\/insight\.min\.js
Facebook Pixel https://facebook.com	Facebook pixel is an analytics tool that allows you to measure the effectiveness of your advertising.	Type: scriptSrc Regex: connect\.facebook\.\w{1,250}\/.{1,250}\/fbevents\.js
Security
HSTS https://www.rfc-editor.org/rfc/rfc6797#section-6.1	HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.	Type: headers Name: strict-transport-security Regex: (?:)
Search engines
Algolia https://www.algolia.com	Algolia offers a hosted web search product delivering real-time results.	Type: headers Name: content-security-policy Regex: \.algolia
CDN
Amazon CloudFront https://aws.amazon.com/cloudfront/	Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.	Type: headers Name: x-amz-cf-id Regex: (?:)
Akamai https://akamai.com	Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.	Type: dns Regex: ^[a-z0-9]{1,250}\.[a-z0-9]{1,250}\.akamaiedge.net\.?$
Advertising
Microsoft Advertising https://ads.microsoft.com	Microsoft Advertising is an online advertising platform developed by Microsoft.	Type: scriptSrc Regex: bat\.bing\.com\/bat\.js
Linkedin Ads https://business.linkedin.com/marketing-solutions/ads	Linkedin Ads is a paid marketing tool that offers access to Linkedin social networks through various sponsored posts and other methods.	Type: headers Name: content-security-policy Regex: px\.ads\.linkedin\.com
PaaS
Amazon Web Services https://aws.amazon.com/	Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.	Dependent on Amazon CloudFront
Cookie compliance
TrustArc https://trustarc.com	TrustArc provides software and services to help corporations update their privacy management processes so they comply with government laws and best practices.	Type: scriptSrc Regex: consent\.trustarc\.com

DNS Record

A DNS record maps a domain name to an IP address or other resource information.

Type	Name	Content	DNSSEC
CNAME	www.goldmansachs.com	www.gs.com.	no
CNAME	www.gs.com	www.gs.com.edgekey.net.	no
CNAME	www.gs.com.edgekey.net	e17133.x.akamaiedge.net.	no
A	e17133.x.akamaiedge.net	23.59.206.216	no
CNAME	www.goldmansachs.com	www.gs.com.	no
CNAME	www.gs.com	www.gs.com.edgekey.net.	no
CNAME	www.gs.com.edgekey.net	e17133.x.akamaiedge.net.	no

SSL Certificate

An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.

Subject	Issue date	Expiry date	Valid
www.goldmansachs.com	3/25/2026	3/26/2027	1 year 1 day
cdn.gs.com	3/25/2026	3/26/2027	1 year 1 day
s.go-mpulse.net	3/25/2026	3/26/2027	1 year 1 day
connect.facebook.net	3/25/2026	3/26/2027	1 year 1 day
consent.trustarc.com	3/25/2026	3/26/2027	1 year 1 day
adobedc.demdex.net	3/25/2026	3/26/2027	1 year 1 day
c.go-mpulse.net	3/25/2026	3/26/2027	1 year 1 day
edge.adobedc.net	3/25/2026	3/26/2027	1 year 1 day
17de4c10.akstat.io	3/25/2026	3/26/2027	1 year 1 day
snap.licdn.com	3/25/2026	3/26/2027	1 year 1 day
bat.bing.com	3/25/2026	3/26/2027	1 year 1 day

HTTP Header

An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.

Name	Value
Akamai-Cache-Status	Hit from child
Akamai-GRN	0.87f4d517.1774548364.137c6ace
Cache-Control	max-age=3600
Connection	keep-alive
Content-Encoding	gzip
Content-Length	37609
Content-Security-Policy	default-src 'none'; img-src 'self' data: blob: https://www.goldmansachs.com https://.trustarc.com https://.truste.com https://googletagmanager.com https://www.googletagmanager.com https://www.google.com https://px.ads.linkedin.com https://gs.sc.omtrdc.net https://.doubleclick.net https://.parsely.com https://cdn.gs.com https://gateway.zscalerthree.net https://prod.forms.workflow.ep.site.gs.com .gs.com: https://public.flourish.studio https://gateway.zscaler.net https://adservice.google.com https://www.linkedin.com https://.6sc.co https://www.facebook.com https://iad1.qualtrics.com https://siteintercept.qualtrics.com https://.adobe.com https://.omtrdc.net https://.demdex.net https://.tt.omtrdc.net https://.adobedtm.com https://.adobetag.com https://.targetcdn.adobe.com https://.adobedc.net https://.experience.adobe.com https://.adobe.io https://.everesttech.net https://.experiencecloud.adobe.com; style-src 'self' 'unsafe-inline' https://www.goldmansachs.com https://amp.akamaized.net https://cdn.gs.com .gs.com:* https://public.flourish.studio https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.goldmansachs.com https://.trustarc.com https://googletagmanager.com https://www.googletagmanager.com https://snap.licdn.com https://connect.facebook.net https://bat.bing.com https://gs.sc.omtrdc.net https://.doubleclick.net https://siteintercept.qualtrics.com https://.siteintercept.qualtrics.com https://.parsely.com https://.go-mpulse.net https://.akstat.io https://amp.akamaized.net https://cdn.gs.com https://gateway.zscalerthree.net .gs.com: https://public.flourish.studio https://www.googleadservices.com https://.6sc.co https://.adobe.com https://.omtrdc.net https://.demdex.net https://.tt.omtrdc.net https://.adobedtm.com https://.adobetag.com https://.targetcdn.adobe.com https://.adobedc.net https://.experience.adobe.com https://.adobe.io https://.everesttech.net https://.experiencecloud.adobe.com https://sdk.ceros.com; connect-src 'self' https://www.goldmansachs.com https://.trustarc.com https://www.google.com https://px.ads.linkedin.com https://gs.sc.omtrdc.net https://.doubleclick.net https://dpm.demdex.net https://siteintercept.qualtrics.com https://.parsely.com https://.go-mpulse.net https://.akstat.io https://amp.akamaized.net https://cdn.gs.com https://.algolia.net https://.algolianet.com https://.algolia.io .gs.com:* https://api.goldmansachs.wallst.com https://www.gsam.com/bin/gsam/servlets/EmailSubscriptionServlet https://public.flourish.studio https://adobedc.demdex.net https://adservice.google.com https://.6sc.co https://.akamaihd.net https://sdk.iad-07.braze.com https://.adobe.com https://.omtrdc.net https://.demdex.net https://.tt.omtrdc.net https://.adobedtm.com https://.adobetag.com https://.targetcdn.adobe.com https://.adobedc.net https://.experience.adobe.com https://.adobe.io https://.everesttech.net https://.experiencecloud.adobe.com; font-src 'self' data: https://www.goldmansachs.com https://.trustarc.com https://amp.akamaized.net https://cdn.gs.com .gs.com:* https://public.flourish.studio https://fonts.gstatic.com; frame-src 'self' mailto: https://www.goldmansachs.com https://.trustarc.com https://www.googletagmanager.com https://.doubleclick.net https://onegs.iad1.qualtrics.com https://d1pmpteesu3euy.cloudfront.net https://cdn.gs.com https://playlist.megaphone.fm https://gateway.zscalerthree.net .gs.com: https://goldmansachs.demdex.net https://gateway.zscaler.net https://consent-pref.trustarc.com https://flo.uri.sh; media-src 'self' data: blob: https://www.goldmansachs.com https://cdn.gs.com https://video.goldmansachs.com .gs.com:; frame-ancestors 'self' https://www.goldmansachs.com .gs.com: https://.targetcdn.adobe.com https://.experience.adobe.com https://*.adobe.io;
Content-Type	text/html; charset=UTF-8
Date	Thu, 26 Mar 2026 18:06:04 GMT
ETag	W/"92b6e96d6133ffe799f4f5a866bd8c15"
Edge-Cache-Tag	gscom-2.0-prod-edge-cache
Expires	Thu, 26 Mar 2026 19:06:04 GMT
Last-Modified	Tue, 24 Mar 2026 21:39:32 GMT
Link	<https://cdn.gs.com/fonts/gs-sans/v3/gs-sans-condensed-variable.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdn.gs.com/fonts/gs-sans/v3/gs-sans-variable.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdn.gs.com/fonts/gs-serif/v3/gs-serif-variable.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://connect.facebook.net>;rel="preconnect" <https://cdn.gs.com>;rel="preconnect"
Referrer-Policy	strict-origin-when-cross-origin
Server	WebServer
Server-Timing	cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1774548364063_399897735_326920910_34_12206_1_6_-";dur=1
Strict-Transport-Security	max-age=31536000; includeSubdomains
Vary	Accept-Encoding
X-Akamai-Device-Characteristics	ajax_preferred_geoloc_api=none;device_os=Windows NT;device_os_version=10.0;is_tablet=false;is_wireless_device=false2;mobile_browser=Chrome;mobile_browser_version=119;physical_screen_height=175;physical_screen_width=280;resolution_height=800;resolution_width=1280;viewport_initial_scale=;viewport_width=width_equals_max_image_width;is_mobile=false
X-Akamai-Transformed	9 - 0 pmb=mRUM,2
X-Amz-Cf-Id	NxTXDFQCydZYCB-y1VJXl9Qyv0Xh4UFwcRvS7uFEtJcg8tqwYvbFFw==
X-Amz-Cf-Pop	SEA900-P9
X-Content-Type-Options	nosniff
X-MSH-S3-Origin-Path	/version594
X-XSS-Protection	1; mode=block
ajax_preferred_geoloc_api	none
device_os	Windows NT
device_os_version	10.0
is_mobile	false
is_tablet	false
is_wireless_device	false
mobile_browser	Chrome
mobile_browser_version	119
physical_screen_height	175
physical_screen_width	280
resolution_height	800
resolution_width	1280
viewport_initial_scale
viewport_width	width_equals_max_image_width
x-amz-replication-status	COMPLETED
x-amz-server-side-encryption-bucket-key-enabled	true
x-amz-version-id	CDC1A8vJEAQwQrNUwzUsZZfQVUAG8aPV

Content Security Policy

Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.

Name	Value

Cookies

Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.

Name	Value	Domain/Path	Expires	Secure	HTTP Only
AKA_A2	A	.goldmansachs.com/	3/26/2026, 7:06:04 PM	yes	yes
RT	"z=1&dm=goldmansachs.com&si=v1entdbt04l&ss=mn7sa160&sl=0&tt=0"	.goldmansachs.com/	4/2/2026, 6:06:04 PM	no	no
TAsessionID	[TAsessionID redacted]	.goldmansachs.com/	3/26/2026, 6:36:06 PM	yes	no
notice_behavior	implied\|us	.goldmansachs.com/	12/31/1969, 11:59:59 PM	yes	no
RT	"z=1&dm=www.goldmansachs.com&si=642516de-9357-4589-b23b-658e0255162c&ss=mn7sa0ue&sl=1&tt=1rk&bcn=%2F%2F17de4c10.akstat.io%2F"	.www.goldmansachs.com/	4/2/2026, 6:06:06 PM	no	no

URL Scan Results for the page [Goldman Sachs Vendor Code of Conduct | Goldman Sachs](https://www.goldmansachs.com/investor-relations/corporate-governance/sustainability-reporting/vendor-code-of-conduct-index.html)

URL basic Information and screenshot