ScanMalware.com

Security Scan Report: onlinebanking.golden1.com

Redirected to:
https://digitalbanking.golden1.com/pre-auth/login
Site favicon
Submitted: May 9, 2026, 10:34:59 AMCompleted: May 9, 2026, 10:36:28 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 64 HTTP transactions. The main domain is digitalbanking.golden1.com and was registered NaN years ago.

Submitted URL: https://onlinebanking.golden1.com

Effective URL: https://digitalbanking.golden1.com/pre-auth/loginRedirected

The Cisco Umbrella rank of the primary domain is #189,763 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 84%

7
Risk Score

Site shows strong malware‑related IDS alerts and suspicious obfuscated scripts despite no forms, indicating a high‑risk malicious page.

Risk Factors
Critical IDS alerts indicating malware data exfiltration and command‑and‑control
Low domain ranking while claiming to be a bank login page
High JavaScript obfuscation score (charcode manipulation, base64 encoding)
Login‑style title without any form fields
Domain age information unavailable

Details

Page Title

Digital Banking | Secure login

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'onlinebanking.golden1.com' uses the commercial generic top-level domain (.com), featuring subdomain 'onlinebanking'. The registrable portion 'golden1' spans 7 characters holding two vowels versus four consonants; bonus characters include 1 digit. Breaking it apart gives 2 words: golden, 1. The median word length lands at 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://onlinebanking.golden1.com

Page Load Overview

2.61s
Total Load Time
64
HTTP Requests
5
Domains
0 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:48 chars
Detector Agreement:50%

Website Classification

Primary Category

unknown0% confidence
Type: dynamic
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
163.161.82.26United States
AS16509Amazon.com, Inc.
12104.18.28.121United States
AS13335Cloudflare, Inc.
12104.18.25.24United States
AS13335Cloudflare, Inc.
1223.53.43.58Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
12104.18.24.24United States
AS13335Cloudflare, Inc.
645--

Detected Technologies4

X-UA-Compatible
100%
Dynatrace
50%
HSTS
40%
Dynatrace RUM
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T18192E8AB5A520415111B461AB3E677DC733952036E4BCC8D3BEE35498F8DBEC30A376A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:j5IFUfzZLUiiuV1FWqqvgPgviY61zGXrOnOP8BKinL9L7YCi3gmZ+5nx/yd2yr:j5IIUiiCbWqqoLY61zGXrOnOP8BKinL4

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:20376:IGiWADA4SFBQLbAAkOMsIA4FN2A6qohCCBhgDQAAQBAhIbBHChtSiQGCABCxYAqh4xhAtslJFAhABAmiQJEIIF5gGWxFSQI8

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:04ffffffffffffff
Perceptual Hash:d656565656565654
Difference Hash:0403000000000000
Wavelet Hash:00f0f0f0f0f0f0f0
Color Hash:#ccd279

Other Hashes

Crop Resistant:0403000000000000

Scan History

Scan history not available

Unable to load historical scan data