Trust report
github.com
85/100 — trusted. Long-established, no impersonation patterns, no scam-correlated signals.
Verdict driven by: no privacy policy found; no terms of service found; site returned HTTP 429 — worth extra caution before trusting.
Top scam signals
- No privacy policy foundLegally required in most jurisdictions. Its absence is a real red flag.
- No terms of service foundReputable sites usually publish a terms of service.
- Site returned HTTP 429The server is reachable but did not return a success status.
SL Trust Core
85
safe
Category breakdown
Identity & Age70/100
1 signal · weight 22
Impersonation Risk100/100
1 signal · weight 22
Red Flags100/100
1 signal · weight 18
Transparency57/100
7 signals · weight 14
Security100/100
8 signals · weight 8
Email100/100
3 signals · weight 4
Infrastructure77/100
4 signals · weight 4
Content64/100
3 signals · weight 3
Performance100/100
3 signals · weight 3
Technical Health100/100
2 signals · weight 2
Positive signals
- HTTPS is enforced
- Fast response (40ms)
- Served through Cloudflare
- 1 address record(s) resolved
- 8 authoritative nameservers
- robots.txt published
Warnings
- Site returned HTTP 429
- No privacy policy found
- No terms of service found
Critical
None detected.
Recommendations
Top 3 things to fix
- high · transparencyPublish a Privacy Policy
A linked privacy policy is legally required in most jurisdictions and is one of the strongest transparency signals.
- medium · transparencyPublish Terms of Service
Reputable commercial sites publish clear terms so users know their rights.
- low · contentAdd a meta description
A 120–160 character description improves click-through from search.
- Root label
- github
- TLD
- .com
- Uses punycode (xn--)
- no
- Mixed-script (homoglyph)
- no
- Brand match
- no known brand embedded
- Typosquat check
- no typosquat pattern
- Phishing suffix tokens
- none
No impersonation patterns detected
Domain doesn't look like a typosquat, doesn't embed a well-known brand, and uses ASCII characters.
+8
- Payment red flags
- none detected
- Urgency / pressure language
- none detected
- Disposable-domain combo
- no
- Page text length scanned
- 239 chars
No scam-correlated language found on the home page
No crypto-only / gift-card / wire-only payment demands, and no obvious urgency tactics.
+6
RDAP returned 403
- Final URL
- https://github.com/
- Status
- 429
- Response time
- 40ms
- Server
- cloudflare
- CDN
- Cloudflare
- Content-Type
- text/html; charset=utf-8
- Body size
- 1.5 KB
- Redirects
- 0
Site returned HTTP 429
The server is reachable but did not return a success status.
-6
HTTPS is enforced
All redirects stayed on HTTPS. Traffic is encrypted end-to-end.
+10
Fast response (40ms)
+6
Served through Cloudflare
Sites behind a major CDN benefit from DDoS protection and edge caching.
+4
- A
- 140.82.112.4
- AAAA
- —
- MX
- 0 github-com.mail.protection.outlook.com
- NS
- dns1.p08.nsone.net, dns2.p08.nsone.net, dns3.p08.nsone.net, dns4.p08.nsone.net, ns-1283.awsdns-32.org, ns-1707.awsdns-21.co.uk, ns-421.awsdns-52.com, ns-520.awsdns-01.net
- TXT count
- 22
1 address record(s) resolved
+4
8 authoritative nameservers
+2
ssl timed out after 8000ms
HSTSContent Security PolicyX-Frame-OptionsX-Content-Type-Optionsmissing: Referrer Policymissing: Permissions Policy
HSTS is set
Tells browsers to only use HTTPS for this domain.
+6
Content Security Policy is set
Restricts which scripts and resources the page can load.
+5
X-Frame-Options is set
Prevents clickjacking by disallowing framing.
+3
X-Content-Type-Options is set
Blocks MIME-sniffing browser attacks.
+2
Missing Referrer Policy
Controls what referrer information is sent with requests.
-2
Missing Permissions Policy
Restricts access to powerful browser features (camera, mic, etc.).
-2
- SPF
- v=spf1 ip4:192.30.252.0/22 include:spf.protection.outlook.com include:_netblocks.google.com include:_netblocks2.google.com include:mail.zendesk.com include:_spf.salesforce.com include:servers.mcsv.net include:mktomail.com include:sendgrid.net ip4:62.253.2" "27.114 ip4:166.78.69.169 ip4:166.78.69.170 ip4:166.78.71.131 ~all
- DMARC
- v=DMARC1; p=quarantine; sp=reject; pct=100; rua=mailto:dmarc@github.com; ruf=mailto:dmarc@github.com; fo=1
- DMARC policy
- quarantine
- DKIM selectors found
- google, selector1, s1, s2
SPF record published
+5
DMARC published (quarantine)
+4
DKIM configured (google, selector1, s1, s2)
+3
Cloudflare· cdn
- Title
- Rate limit · GitHub
- Description
- —
- Language
- —
- Charset
- —
1 technologies detected
Cloudflare
Mobile viewport configured
+2
Missing meta description
-2
privacynot found
termsnot found
contacthttps://support.github.com/
aboutnot found
refundnot found
shippingnot found
cookiesnot found
Socials
No privacy policy found
Legally required in most jurisdictions. Its absence is a real red flag.
-4
No terms of service found
Reputable sites usually publish a terms of service.
-4
Contact page linked from home page
+5
No about page found
Reputable sites usually publish a about page.
-3
No refund/return policy found
Reputable sites usually publish a refund/return policy.
-3
No cookie policy found
Reputable sites usually publish a cookie policy.
-2
1 social profile(s) linked
twitter
+3
Diagnostics
Scan performance
engine 5.1.0 · report v5
Total scan time
8106 ms
Cache
Miss
Final response
40 ms
Redirects
0
Plugins executed
18
Plugins failed
5
Signal confidence
72%
Per-plugin timings
sslfailed · 8000 ms
phishstatsfailed · 3500 ms
urlhausfailed · 376 ms
email-security106 ms
sitemap84 ms
robots42 ms
http40 ms
dns34 ms
rdapfailed · 3 ms
reputation0 ms
impersonation0 ms
safe-browsingfailed · 0 ms
security-headers0 ms
tech0 ms
content0 ms
redirects0 ms
performance0 ms
red-flags0 ms