Is goldmansachs.com legit?

68
/ 100
Mostly Safe
Industry: Finance

While goldmansachs.com exhibits strong foundational and security elements typical of a major financial institution, the immediate lack of accessible content and critical legal pages is concerning. It appears to be a legitimate domain for Goldman Sachs, but the current accessibility issues and missing compliance documents warrant caution.

Finance average: 80/100 · based on 48 sites

Checked: April 18, 2026 at 8:09 AM UTC · Refresh

Is goldmansachs.com a scam? Here's what we found.

Security 90/100

The site boasts robust security, including modern TLS 1.3 encryption, a valid SSL certificate from a reputable issuer, and powerful HSTS and Content Security Policy configurations. Google Web Risk also finds it clean, which are all excellent signs for data protection.

Identity 95/100

This domain is clearly linked to a long-established entity, evidenced by its 30-year domain age and registration through a corporate registrar. Impersonating such a high-profile domain would be extremely difficult, solidifying its identity.

Reputation 90/100

Goldmansachs.com has an excellent online reputation, reflected in its very high Tranco rank and clean status on all DNS blacklists. These signals confirm it's a widely recognized and trusted entity on the internet.

Transparency 60/100

This is where goldmansachs.com falters. The website currently returns a HTTP 403 error, preventing access to content. Furthermore, the absence of easily found contact information or social media links significantly reduces its transparency, which is critical for a financial brand.

Compliance 50/100

A significant concern is the absence of crucial legal pages like a privacy policy and terms of service. For a prominent financial institution, these are non-negotiable for user trust and regulatory adherence.

Infrastructure 85/100

The server architecture is sound, with proper DNS resolution, multiple mail servers, and excellent email authentication (SPF and DMARC). The only minor gap is the unsigned DNSSEC, which could be an improvement.

Signals Detected

[+]
Tranco Rank: Rank #5870

This is a well-known, high-traffic website

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
Domain Age: 30 years, 2 months

Domain created 1995-07-25T04:00:00Z (30 years, 2 months ago)

[?]
Registrar: CSC Corporate Domains, Inc.

Registered through CSC Corporate Domains, Inc.

[+]
Domain Expiry: 2026-07-24T04:00:00Z

Expires in 96 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
SSL Certificate: Valid

Valid certificate, expires in 167 days

[?]
Certificate Issuer: DigiCert Inc

Certificate issued by DigiCert Inc

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[?]
robots.txt: Not found

No robots.txt file — common for small sites

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[+]
DNS Resolution: 1 IP(s)

Resolves to: 104.102.44.67

[+]
Email (MX Records): 2 record(s)

Mail servers: mxb-0014b501.gslb.pphosted.com., mxa-0014b501.gslb.pphosted.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 10 server(s)

DNS providers: ns1.gs.com., ns6.gs.com., ns5.gs.com., ns2.gs.com., ns1.goldmansachs.biz., ns7.gs.com., ns1.gs360.net., ns1.goldmansachs.info., ns4.gs.com., ns3.gs.com.

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[?]
Server: WebServer

Web server: WebServer

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[~]
Website Status: HTTP 403

Website returned status 403

[~]
Contact Info: Not found

No obvious contact information found on homepage

[-]
Legal Pages: Missing

No privacy policy or terms of service found

[~]
Social Media Presence: None found

No social media links found on homepage

[?]
Branding: Basic

Site has a favicon but no social sharing metadata

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 67ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for goldmansachs.com
<a href="https://verified.fyi/review/goldmansachs.com"><img src="https://verified.fyi/badge/goldmansachs.com?size=medium&style=full&theme=dark" alt="goldmansachs.com trust score — verified.fyi" /></a>
[![goldmansachs.com trust score](https://verified.fyi/badge/goldmansachs.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/goldmansachs.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a domain like goldmansachs.com, it's crucial to understand the context of a major financial institution. Unlike a small e-commerce site, a global investment bank like Goldman Sachs operates under stringent regulatory requirements and high expectations for digital security. From an underlying technical perspective, goldmansachs.com boasts a strong foundation. Its domain has been active for an impressive 30 years, virtually impossible to fake, and exhibits top-tier security measures like modern TLS encryption and robust email authentication. This level of technical sophistication is exactly what you'd expect from a leading player in the finance industry. However, a puzzling issue arises with site accessibility: the website currently returns a 403 forbidden error. This means users cannot directly access the content, which creates friction and raises questions, especially for a site that should be a primary point of contact for clients and prospective employees. Furthermore, the lack of readily available contact information and crucial legal documents like a privacy policy and terms of service are significant omissions. For a financial entity, these aren't just boilerplate elements; they are cornerstones of regulatory compliance and client trust. Typically, a financial services website should provide crystal-clear pathways for contact and transparent legal declarations. While the strong underlying technical signals suggest the domain itself is legitimate and owned by Goldman Sachs, the current user-facing issues impact trust. If you're looking to engage with Goldman Sachs, you might need to use alternative official channels until these accessibility and transparency concerns are resolved on their primary website.